Lucene search
HistoryDec 29, 2001 - 5:00 a.m.
CVE-2001-1433
CVSS2
7.5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
AI Score
7
Confidence
High
EPSS
0.016
Percentile
87.5%
Cherokee web server before 0.2.7 does not properly drop root privileges after binding to port 80, which could allow remote attackers to gain privileges via other vulnerabilities.
Affected configurations
Node
cherokeecherokee_httpdMatch0.1
ORcherokeecherokee_httpdMatch0.1.5
ORcherokeecherokee_httpdMatch0.1.6
ORcherokeecherokee_httpdMatch0.2
ORcherokeecherokee_httpdMatch0.2.5
ORcherokeecherokee_httpdMatch0.2.6
| Vendor | Product | Version | CPE |
|---|---|---|---|
| cherokee | cherokee_httpd | 0.1 | cpe:2.3:a:cherokee:cherokee_httpd:0.1:*:*:*:*:*:*:* |
| cherokee | cherokee_httpd | 0.1.5 | cpe:2.3:a:cherokee:cherokee_httpd:0.1.5:*:*:*:*:*:*:* |
| cherokee | cherokee_httpd | 0.1.6 | cpe:2.3:a:cherokee:cherokee_httpd:0.1.6:*:*:*:*:*:*:* |
| cherokee | cherokee_httpd | 0.2 | cpe:2.3:a:cherokee:cherokee_httpd:0.2:*:*:*:*:*:*:* |
| cherokee | cherokee_httpd | 0.2.5 | cpe:2.3:a:cherokee:cherokee_httpd:0.2.5:*:*:*:*:*:*:* |
| cherokee | cherokee_httpd | 0.2.6 | cpe:2.3:a:cherokee:cherokee_httpd:0.2.6:*:*:*:*:*:*:* |
Related
openvas
openvas
Cherokee remote command execution
2005-11-03 00:00:00
Cherokee remote command execution
2005-11-03 00:00:00
nessus
nessus
Cherokee Web Server Port Bind Privilege Drop Weakness
2004-11-04 00:00:00
cvelist
cvelist
CVE-2001-1433
2005-03-24 05:00:00
cve
cve
CVE-2001-1433
2005-03-24 05:00:00
CVSS2
7.5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
AI Score
7
Confidence
High
EPSS
0.016
Percentile
87.5%
Related for NVD:CVE-2001-1433