Cherokee web server before 0.2.7 does not properly drop root privileges after binding to port 80, which could allow remote attackers to gain privileges via other vulnerabilities.Referenceshttp://archives.neohapsis.com/archives/vulnwatch/2001-q4/0085.htmlhttp://www.kb.cert.org/vuls/id/245795https://exchange.xforce.ibmcloud.com/vulnerabilities/7797http://www.securityfocus.com/bid/3771
