Cherokee Web Server Port Bind Privilege Drop Weakness

High Nessus Plugin ID 15622


The remote web server is affected by a remote command execution vulnerability.


The remote host is running Cherokee - a fast and tiny web server.

The remote version of this software is vulnerable to remote command execution because it does not sanitize web requests, in particular shell metacharacters.

Additionally, this version fails to drop root privileges after it binds to the listening port.

A remote attacker may submit a specially crafted web request to execute arbitrary commands on the server with root privileges.


Upgrade to Cherokee 0.2.7 or newer as this reportedly fixes the issue.

Plugin Details

Severity: High

ID: 15622

File Name: cherokee_remote_cmd.nasl

Version: $Revision: 1.14 $

Type: remote

Family: Web Servers

Published: 2004/11/04

Modified: 2016/10/07

Dependencies: 10107, 17975

Risk Information

Risk Factor: High


Base Score: 7.5

Temporal Score: 6.5

Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P

Temporal Vector: CVSS2#E:ND/RL:OF/RC:C

Vulnerability Information

Exploit Available: true

Exploit Ease: No exploit is required

Vulnerability Publication Date: 2001/12/30

Reference Information

CVE: CVE-2001-1433

BID: 3771, 3773

OSVDB: 16981