CVE-2009-3902
published 2009-11-06CVE-2009-3902: Directory traversal vulnerability in Cherokee Web Server 0.5.4 and earlier for Windows allows remote attackers to read arbitrary files via a /\.. (slash…
PriorityP335medium5CVSS 2.0
AVNACLAuNCPINAN
EXPLOIT
EPSS
3.54%
87.8th percentile
Directory traversal vulnerability in Cherokee Web Server 0.5.4 and earlier for Windows allows remote attackers to read arbitrary files via a /\.. (slash backslash dot dot) in the URL.
Affected
1 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| cherokee | cherokee_httpd | — | — |
CVEs like this are exactly what “Exploited This Week” covers.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
No detection rules found.
No writeups or analysis indexed.
http://freetexthost.com/ncyss3pllihttp://osvdb.org/59588http://pocoftheday.blogspot.com/2009/10/cherokee-web-server-054-directory.htmlhttp://secunia.com/advisories/37183http://www.securityfocus.com/bid/36874http://www.vupen.com/english/advisories/2009/3091https://exchange.xforce.ibmcloud.com/vulnerabilities/54024http://freetexthost.com/ncyss3pllihttp://osvdb.org/59588http://pocoftheday.blogspot.com/2009/10/cherokee-web-server-054-directory.htmlhttp://secunia.com/advisories/37183http://www.securityfocus.com/bid/36874http://www.vupen.com/english/advisories/2009/3091https://exchange.xforce.ibmcloud.com/vulnerabilities/54024
2009-11-06
Published