7.5
CVE-2001-1433
- EPSS 3.44%
- Veröffentlicht 29.12.2001 05:00:00
- Zuletzt bearbeitet 16.06.2026 21:56:15
- Quelle cve@mitre.org
- CVE-Watchlists
- Unerledigt
LoginCherokee web server before 0.2.7 does not properly drop root privileges after binding to port 80, which could allow remote attackers to gain privileges via other vulnerabilities.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Cherokee ≫ Cherokee Httpd Version0.1
Cherokee ≫ Cherokee Httpd Version0.1.5
Cherokee ≫ Cherokee Httpd Version0.1.6
Cherokee ≫ Cherokee Httpd Version0.2
Cherokee ≫ Cherokee Httpd Version0.2.5
Cherokee ≫ Cherokee Httpd Version0.2.6
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 3.44% | 0.874 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 7.5 | 10 | 6.4 |
AV:N/AC:L/Au:N/C:P/I:P/A:P
|
http://archives.neohapsis.com/archives/vulnwatch/2001-q4/0085.html
http://www.kb.cert.org/vuls/id/245795
http://www.securityfocus.com/bid/3771
https://exchange.xforce.ibmcloud.com/vulnerabilities/7797