Description
Cherokee Web Server 0.5.4 allows remote attackers to cause a denial of service (daemon crash) via an MS-DOS reserved word in a URI, as demonstrated by the AUX reserved word.
Exploits (1)
exploitdb
WORKING POC
VERIFIED
by Usman Saeed · textdoswindows
https://www.exploit-db.com/exploits/9874
References (6)
Core 6
Core References
Third Party Advisory, VDB Entry vdb-entry
x_refsource_sectrack
http://www.securitytracker.com/id?1023095
Exploit x_refsource_misc
http://xc0re.wordpress.com/2009/10/25/cherokee-web-server-0-5-4-denial-of-service/
Third Party Advisory, VDB Entry mailing-list
x_refsource_bugtraq
http://www.securityfocus.com/archive/1/507651/100/0/thread
Third Party Advisory, VDB Entry vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/36814
Third Party Advisory, VDB Entry mailing-list
x_refsource_bugtraq
http://www.securityfocus.com/archive/1/507456/100/0/threaded
Third Party Advisory, VDB Entry vdb-entry
x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/53957
Scores
EPSS
0.1087
EPSS Percentile
93.4%
Details
Status
published
Products (1)
cherokee/cherokee
0.5.4
Published
Jan 07, 2010
Tracked Since
Feb 18, 2026