| Field | Value |
|---|---|
| VID | 22299 |
| Severity | 40 |
| Port | 80, ... |
| Protocol | TCP |
| Class | WWW |
| Detailed Description | The Cherokee Web Server, according to its version number, has a remote command execution vulnerability. Cherokee Web Server is a compact, open-source web server for Microsoft Windows, Linux and Unix-based operating systems. Cherokee versions 0.2.6 and earlier pass Uniform Resource Identifiers (URIs) from HTTP requests directly to the shell without filtering shell metacharacters. As a result, attackers can cause Cherokee to execute arbitrary commands by embedding the commands in an HTTP URI. Cherokee is designed to start as root and drop root privileges after binding to port 80. However, by attacking these versions of Cherokee, attackers may execute arbitrary commands as root.<br>* Note: This check relies solely on the version number of the remote web server to assess this vulnerability, so it might be a false positive.<br>* References: http://www.kb.cert.org/vuls/id/711315 http://archives.neohapsis.com/archives/vulnwatch/2001-q4/0085.html<br>* Platforms Affected: Cherokee Development Team, Cherokee 0.2.6 and prior; Unix, any version; Linux, any version |
| Recommendation | Upgrade to the latest version of Cherokee (0.2.7 or later), available from the Cherokee download web page at http://www.alobbs.com/cherokee/download |
| Related URL | CVE-2001-1433 (CVE) |
| Related URL | 3771, 3773 (SecurityFocus) |
| Related URL | 7797, 7798 (ISS) |