PT-2001-2526 · Cherokee · Cherokee Web Server

Published

2001-12-29

Updated

2017-07-11

CVE-2001-1433

CVSS v2.0

7.5

High

Vector

AV:N/AC:L/Au:N/C:P/I:P/A:P

Name of the Vulnerable Software and Affected Versions Cherokee web server versions prior to 0.2.7

Description The issue is related to the Cherokee web server not properly dropping root privileges after binding to port 80. This could potentially allow remote attackers to gain privileges via other vulnerabilities.

Recommendations For versions prior to 0.2.7, update to version 0.2.7 or later to resolve the issue.

Exploit

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Related Identifiers

CVE-2001-1433

Affected Products

Cherokee Web Server

PT-2001-2526 · Cherokee · Cherokee Web Server

CVE-2001-1433

Related Identifiers

Affected Products

References · 6