CVSS: 5.0EPSS: 1%CPEs: 8EXPL: 0CVE-2003-1198
https://notcve.org/view.php?id=CVE-2003-1198
connection.c in Cherokee web server before 0.4.6 allows remote attackers to cause a denial of service via an HTTP POST request without a Content-Length header field. • http://freshmeat.net/redir/cherokee/20646/url_changelog/ChangeLog http://secunia.com/advisories/10518 http://www.osvdb.org/3306 http://www.securityfocus.com/bid/9345 https://exchange.xforce.ibmcloud.com/vulnerabilities/14119 •
CVSS: 7.5EPSS: 1%CPEs: 6EXPL: 2CVE-2001-1433
https://notcve.org/view.php?id=CVE-2001-1433
Cherokee web server before 0.2.7 does not properly drop root privileges after binding to port 80, which could allow remote attackers to gain privileges via other vulnerabilities. • http://archives.neohapsis.com/archives/vulnwatch/2001-q4/0085.html http://www.kb.cert.org/vuls/id/245795 http://www.securityfocus.com/bid/3771 https://exchange.xforce.ibmcloud.com/vulnerabilities/7797 •
CVSS: 7.8EPSS: 1%CPEs: 7EXPL: 2CVE-2001-1432
https://notcve.org/view.php?id=CVE-2001-1432
Directory traversal vulnerability in Cherokee Web Server allows remote attackers to read arbitrary files via a .. (dot dot) in the URL. • http://archives.neohapsis.com/archives/vulnwatch/2001-q4/0085.html http://www.kb.cert.org/vuls/id/464827 http://www.securityfocus.com/bid/3772 https://exchange.xforce.ibmcloud.com/vulnerabilities/7799 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •