Cherokee web server before 0.2.7 does not properly drop root privileges after binding to port 80, which could allow remote attackers to gain privileges via other vulnerabilities.
Name | Vendor | Start Version | End Version |
---|---|---|---|
Cherokee_httpd | Cherokee | 0.1 | 0.1 |
Cherokee_httpd | Cherokee | 0.1.5 | 0.1.5 |
Cherokee_httpd | Cherokee | 0.1.6 | 0.1.6 |
Cherokee_httpd | Cherokee | 0.2 | 0.2 |
Cherokee_httpd | Cherokee | 0.2.5 | 0.2.5 |
Cherokee_httpd | Cherokee | 0.2.6 | 0.2.6 |