CVE-2001-1432 | SynScan

Vulnerability Database

290,301

Total vulnerabilities in the database

CVE-2001-1432

Directory traversal vulnerability in Cherokee Web Server allows remote attackers to read arbitrary files via a .. (dot dot) in the URL.

Published: Dec 29, 2001
Updated: Apr 13, 2023
CVE: CVE-2001-1432
Severity: High
Exploit:

CVSS v2:

Severity: High
Score: 7.8
AV:N/AC:L/Au:N/C:C/I:N/A:N

CWEs:

CWE-22

OWASP TOP 10:

A5 - Broken Access Control

Affected Software
References

Software	From	Fixed in
cherokee / cherokee_httpd	0.2	0.2.x
cherokee / cherokee_httpd	0.1.6	0.1.6.x
cherokee / cherokee_httpd	0.2.6	0.2.6.x
cherokee / cherokee_httpd	0.2.5	0.2.5.x
cherokee / cherokee_httpd	0.1	0.1.x
cherokee / cherokee_httpd	0.2.7	0.2.7.x
cherokee / cherokee_httpd	0.1.5	0.1.5.x