Lucene search
K

232 matches found

NVD
NVD
added 2014/07/02 4:14 a.m.17 views

CVE-2014-4668

The cherokeevalidatorldapcheck function in validatorldap.c in Cherokee 1.2.103 and earlier, when LDAP is used, does not properly consider unauthenticated-bind semantics, which allows remote attackers to bypass authentication via an empty password...

6.8CVSS6.8AI score0.02844EPSS
Exploits0References9
UbuntuCve
UbuntuCve
added 2014/07/02 4:14 a.m.17 views

CVE-2014-4668

The cherokeevalidatorldapcheck function in validatorldap.c in Cherokee 1.2.103 and earlier, when LDAP is used, does not properly consider unauthenticated-bind semantics, which allows remote attackers to bypass authentication via an empty password...

6.8CVSS5.9AI score0.02844EPSS
Exploits0References4
Prion
Prion
added 2014/07/02 4:14 a.m.16 views

Authentication flaw

The cherokeevalidatorldapcheck function in validatorldap.c in Cherokee 1.2.103 and earlier, when LDAP is used, does not properly consider unauthenticated-bind semantics, which allows remote attackers to bypass authentication via an empty password...

6.8CVSS7.3AI score0.02844EPSS
Exploits0References9Affected Software3
Cvelist
Cvelist
added 2014/07/02 1:0 a.m.25 views

CVE-2014-4668

The cherokeevalidatorldapcheck function in validatorldap.c in Cherokee 1.2.103 and earlier, when LDAP is used, does not properly consider unauthenticated-bind semantics, which allows remote attackers to bypass authentication via an empty password...

6.6AI score0.02844EPSS
Exploits0References9
CVE
CVE
added 2014/07/02 1:0 a.m.85 views

CVE-2014-4668

CVE-2014-4668 affects Cherokee 1.2.103 and earlier when using LDAP: the cherokee_validator_ldap_check function does not properly handle unauthenticated-bind semantics, allowing authentication bypass via an empty password. Connected advisories confirm that updates were released across multiple dis...

6.8CVSS6.7AI score0.02844EPSS
Exploits0References9Affected Software1
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.8 views

Cherokee 0.99.30 Terminal Escape Sequence in Logs Command Injection Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/37715/info Cherokee is prone to a command-injection vulnerability because it fails to adequately sanitize user-supplied input in logfiles. Attackers can exploit this issue to execute arbitrary commands in a terminal...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.18 views

Cherokee <= 0.5.4 - Directory Traversal

No description provided by source. Cherokee Web Server = 0.5.4 Directory Traversal Exploit Found By: DrIDE Tested On: Windows XPSP3 Download: www.cherokee-project.com/download/windows - Description - Cherokee Web Server = 0.5.4 is a Windows based HTTP server. This is the latest version of the...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.13 views

Cherokee 0.1.x/0.2.x/0.4.x Error Page Cross Site Scripting Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/9496/info Cherokee has been reported to contain a cross-site scripting vulnerability via error pages. An attacker can exploit this issue by crafting a URI link containing the malevolent HTML or script code, and enticing a...

7.1AI score
Exploits0
0day.today
0day.today
added 2012/12/15 12:0 a.m.245 views

Cherokee web server v1.2.101 Full Path Disclosure

This bug is a remote 'Full Path Disclosure in Cherokee web server version 1.2.101 the attacker can use this bug for get Important information and Navigate between files/folders of server and get the content. 1-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=0 0 1 1 /' \ /'\ /...

6.8AI score
Exploits0
OpenVAS
OpenVAS
added 2012/04/02 12:0 a.m.27 views

Fedora Update for cherokee FEDORA-2011-12657

Check for the Version of cherokee OpenVAS Vulnerability Test Fedora Update for cherokee FEDORA-2011-12657 Authors: System Generated Check Copyright: Copyright c 2012 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the...

6.8CVSS0.2AI score0.01398EPSS
Exploits1References2
OpenVAS
OpenVAS
added 2012/04/02 12:0 a.m.18 views

Fedora Update for cherokee FEDORA-2011-14622

The remote host is missing an update for the SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...

6.8CVSS6.5AI score0.01398EPSS
Exploits1References2
OpenVAS
OpenVAS
added 2012/04/02 12:0 a.m.16 views

Fedora Update for cherokee FEDORA-2011-12657

The remote host is missing an update for the SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...

6.8CVSS6.5AI score0.01398EPSS
Exploits1References2
OpenVAS
OpenVAS
added 2012/04/02 12:0 a.m.18 views

Fedora Update for cherokee FEDORA-2011-14622

Check for the Version of cherokee OpenVAS Vulnerability Test Fedora Update for cherokee FEDORA-2011-14622 Authors: System Generated Check Copyright: Copyright c 2012 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the...

6.8CVSS0.2AI score0.01398EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2011/11/26 12:0 a.m.19 views

Fedora 16 : cherokee-1.2.101-1.fc16 (2011-14622)

Latest 1.2.x upstream release Resolves bz 746532 - put some deps back: GeoIP-devel openldap-devel Latest 1.2.x upstream release .spec corrections for optional build for systemd Resolves bz 710474 Resolves bz 713307 Resolves bz 680691 Note that Tenable Network Security has extracted the preceding...

6.8CVSS5.3AI score0.01398EPSS
Exploits1References7
Tenable Nessus
Tenable Nessus
added 2011/11/26 12:0 a.m.18 views

Fedora 14 : cherokee-1.2.101-1.fc14 (2011-14660)

Latest 1.2.x upstream release Resolves bz 746532 - put some deps back: GeoIP-devel openldap-devel Latest 1.2.x upstream release .spec corrections for optional build for systemd Resolves bz 710474 Resolves bz 713307 Resolves bz 680691 Note that Tenable Network Security has extracted the preceding...

6.8CVSS5.3AI score0.01398EPSS
Exploits1References7
Tenable Nessus
Tenable Nessus
added 2011/11/26 12:0 a.m.22 views

Fedora 15 : cherokee-1.2.101-1.fc15 (2011-14634)

Latest 1.2.x upstream release Resolves bz 746532 - put some deps back: GeoIP-devel openldap-devel Latest 1.2.x upstream release .spec corrections for optional build for systemd Resolves bz 710474 Resolves bz 713307 Resolves bz 680691 Note that Tenable Network Security has extracted the preceding...

6.8CVSS5.3AI score0.01398EPSS
Exploits1References7
Fedora
Fedora
added 2011/11/25 2:5 a.m.32 views

[SECURITY] Fedora 15 Update: cherokee-1.2.101-1.fc15

Cherokee is a very fast, flexible and easy to configure Web Server. It supp orts the widespread technologies nowadays: FastCGI, SCGI, PHP, CGI, TLS and SSL encrypted connections, Virtual hosts, Authentication, on the fly encoding, Apache compatible log files, and much more...

6.8CVSS1AI score0.01398EPSS
Exploits1
Fedora
Fedora
added 2011/11/25 1:54 a.m.18 views

[SECURITY] Fedora 14 Update: cherokee-1.2.101-1.fc14

Cherokee is a very fast, flexible and easy to configure Web Server. It supp orts the widespread technologies nowadays: FastCGI, SCGI, PHP, CGI, TLS and SSL encrypted connections, Virtual hosts, Authentication, on the fly encoding, Apache compatible log files, and much more...

6.8CVSS1AI score0.01398EPSS
Exploits1
Fedora
Fedora
added 2011/11/25 1:53 a.m.75 views

[SECURITY] Fedora 16 Update: cherokee-1.2.101-1.fc16

Cherokee is a very fast, flexible and easy to configure Web Server. It supp orts the widespread technologies nowadays: FastCGI, SCGI, PHP, CGI, TLS and SSL encrypted connections, Virtual hosts, Authentication, on the fly encoding, Apache compatible log files, and much more...

6.8CVSS1AI score0.01398EPSS
Exploits1
OpenVAS
OpenVAS
added 2011/11/25 12:0 a.m.16 views

Fedora Update for cherokee FEDORA-2011-14634

Check for the Version of cherokee OpenVAS Vulnerability Test Fedora Update for cherokee FEDORA-2011-14634 Authors: System Generated Check Copyright: Copyright c 2011 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the...

6.8CVSS0.1AI score0.01398EPSS
Exploits1References2
Rows per page
Query Builder