Cherokee Web Server Malformed POST Request Remote DoS

Medium Nessus Plugin ID 15620


The remote web server is affected by a denial of service vulnerability.


The remote host is running Cherokee - a fast and tiny web server.

The remote version of this software is affected by a remote denial of service vulnerability when handling a specially crafted HTTP 'POST' request.

An attacker may exploit this flaw to disable this service remotely.


Upgrade to Cherokee 0.4.7 or newer as this reportedly fixes the issue.

See Also

Plugin Details

Severity: Medium

ID: 15620

File Name: cherokee_0_4_6.nasl

Version: $Revision: 1.16 $

Type: remote

Family: Web Servers

Published: 2004/11/04

Modified: 2016/05/04

Dependencies: 10107, 17975

Risk Information

Risk Factor: Medium


Base Score: 5

Temporal Score: 4.3

Vector: CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P

Temporal Vector: CVSS2#E:ND/RL:OF/RC:C

Vulnerability Information

Exploit Available: true

Exploit Ease: No exploit is required

Vulnerability Publication Date: 2003/12/26

Reference Information

CVE: CVE-2003-1198

BID: 9345

OSVDB: 3306