VULHUB ™

Cherokee is a compact web server which provides fast delivery of web content. It is freely available and distributed under the GPL. It runs on Linux and other Unix systems. Cherokee web server fails to drop root privileges after it binds to port 80. While this vulnerability is not exploitable in and of itself, Cherokee web server is prone to a number of other issues which may result in a remote root compromise as a consequence of this issue. For example, BugTraq ID 3773 "Cherokee HTTPD Remote Command Execution Vulnerability" and BugTraq ID 3772 "Cherokee HTTPD Directory Traversal Vulnerability" may both be exploited to much greater effect as a result of this issue.

Cherokee is a compact web server which provides fast delivery of web content. It is freely available and distributed under the GPL. It runs on Linux and other Unix systems. Cherokee web server fails to drop root privileges after it binds to port 80. While this vulnerability is not exploitable in and of itself, Cherokee web server is prone to a number of other issues which may result in a remote root compromise as a consequence of this issue. For example, BugTraq ID 3773 "Cherokee HTTPD Remote Command Execution Vulnerability" and BugTraq ID 3772 "Cherokee HTTPD Directory Traversal Vulnerability" may both be exploited to much greater effect as a result of this issue.