Vulnerabilities > CVE-2004-1946 - Local Security vulnerability in Cherokee Httpd 0.4.16
Attack vector
LOCAL Attack complexity
LOW Privileges required
NONE Confidentiality impact
PARTIAL Integrity impact
PARTIAL Availability impact
PARTIAL Summary
Format string vulnerability in the PRINT_ERROR function in common.c for Cherokee Web Server 0.4.16 and earlier allows local users to execute arbitrary code via format string specifiers in the -C command line argument. NOTE: it is not clear whether this issue could be exploited remotely, or if Cherokee is running at escalated privileges. Therefore it might not be a vulnerability.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | 1 |