Test ID:	1.3.6.1.4.1.25623.1.0.100326
Category:	Web Servers
Title:	Cherokee Directory Traversal Vulnerability
Summary:	Determine if Cherokee Web Server is prone to a directory-traversal vulnerability
Description:	Overview: Cherokee is prone to a directory-traversal vulnerability because it fails to sufficiently sanitize user-supplied input data. Exploiting the issue may allow an attacker to obtain sensitive information that could aid in further attacks. Cherokee 0.5.4 and prior versions are vulnerable. References: http://www.securityfocus.com/bid/36874 http://www.alobbs.com/modules.php?op=modload&name=cherokee&file=index http://freetexthost.com/ncyss3plli
Cross-Ref:	BugTraq ID: 36874 Common Vulnerability Exposure (CVE) ID: CVE-2009-3902 http://freetexthost.com/ncyss3plli http://pocoftheday.blogspot.com/2009/10/cherokee-web-server-054-directory.html http://www.securityfocus.com/bid/36874 http://osvdb.org/59588 http://secunia.com/advisories/37183 http://www.vupen.com/english/advisories/2009/3091 XForce ISS Database: cherokee-http-dir-traversal(54024) http://xforce.iss.net/xforce/xfdb/54024
Copyright	This script is Copyright (C) 2009 Greenbone Networks GmbH

This is only one of 32582 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.

New User Registration Email: UserID: Passwd: Please email me your monthly newsletters, informing the latest services, improvements & surveys. Please email me a vulnerability test announcement whenever a new test is added.     Privacy

Registered User Login   UserID:     Passwd:     Forgot userid or passwd? Email/Userid: