Lucene search
MitreCVE-2001-1433HistoryMar 24, 2005 - 5:00 a.m.
CVE-2001-1433
2005-03-2405:00:00
mitre
web.nvd.nist.gov
26
cve-2001-1433
cherokee web server
privilege escalation
remote attacks
nvd
CVSS2
7.5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
AI Score
7.1
Confidence
High
EPSS
0.016
Percentile
87.5%
Cherokee web server before 0.2.7 does not properly drop root privileges after binding to port 80, which could allow remote attackers to gain privileges via other vulnerabilities.
Affected configurations
Node
cherokeecherokee_httpdMatch0.1
ORcherokeecherokee_httpdMatch0.1.5
ORcherokeecherokee_httpdMatch0.1.6
ORcherokeecherokee_httpdMatch0.2
ORcherokeecherokee_httpdMatch0.2.5
ORcherokeecherokee_httpdMatch0.2.6
| Vendor | Product | Version | CPE |
|---|---|---|---|
| cherokee | cherokee_httpd | 0.1 | cpe:2.3:a:cherokee:cherokee_httpd:0.1:*:*:*:*:*:*:* |
| cherokee | cherokee_httpd | 0.1.5 | cpe:2.3:a:cherokee:cherokee_httpd:0.1.5:*:*:*:*:*:*:* |
| cherokee | cherokee_httpd | 0.1.6 | cpe:2.3:a:cherokee:cherokee_httpd:0.1.6:*:*:*:*:*:*:* |
| cherokee | cherokee_httpd | 0.2 | cpe:2.3:a:cherokee:cherokee_httpd:0.2:*:*:*:*:*:*:* |
| cherokee | cherokee_httpd | 0.2.5 | cpe:2.3:a:cherokee:cherokee_httpd:0.2.5:*:*:*:*:*:*:* |
| cherokee | cherokee_httpd | 0.2.6 | cpe:2.3:a:cherokee:cherokee_httpd:0.2.6:*:*:*:*:*:*:* |
Related
openvas
openvas
Cherokee remote command execution
2005-11-03 00:00:00
Cherokee remote command execution
2005-11-03 00:00:00
nessus
nessus
Cherokee Web Server Port Bind Privilege Drop Weakness
2004-11-04 00:00:00
cvelist
cvelist
CVE-2001-1433
2005-03-24 05:00:00
nvd
nvd
CVE-2001-1433
2001-12-29 05:00:00
CVSS2
7.5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
AI Score
7.1
Confidence
High
EPSS
0.016
Percentile
87.5%
Related for CVE-2001-1433