lighttpd prior to 1.4.33 does not check the return value of the (1) setuid, (2) setgid, or (3) setgroups functions, which might cause lighttpd to run as root if it is restarted and allows remote malicious users to gain privileges, as demonstrated by multiple calls to the clone function that cause setuid to fail when the user process limit is reached.
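The defensive pattern the description points at, as an added example rather than lighttpd's own code: a privilege drop that checks every return value and then verifies the result, so a setuid() that fails (for instance because the target user's process limit is reached) aborts the daemon instead of leaving it running as root. The uid/gid 65534 in main() is a constructed "nobody" placeholder.

```c
#include <errno.h>
#include <grp.h>
#include <stdio.h>
#include <string.h>
#include <sys/types.h>
#include <unistd.h>

/* Unsafe pattern (what the bug above amounts to):
 *     setgroups(0, NULL); setgid(gid); setuid(uid);
 * with every return value discarded. If setuid() fails, e.g. with EAGAIN
 * because uid already sits at its process limit, the server keeps euid 0. */

/* Drop to uid/gid and verify it. Returns 0 on success, -1 with errno set;
 * the caller must treat -1 as fatal and exit, never continue serving. */
int drop_privileges(uid_t uid, gid_t gid) {
    /* Supplementary groups first; only root may clear them, so skip the
     * call when we were started unprivileged in the first place. */
    if (geteuid() == 0 && setgroups(0, NULL) != 0)
        return -1;
    /* gid before uid: after the uid drop, setgid() would be refused. */
    if (setgid(gid) != 0)
        return -1;
    /* The unchecked call in the advisory; it can fail with EAGAIN. */
    if (setuid(uid) != 0)
        return -1;
    /* Confirm the kernel agrees with what we asked for. */
    if (getuid() != uid || geteuid() != uid ||
        getgid() != gid || getegid() != gid) {
        errno = EPERM;
        return -1;
    }
    /* A real drop is irreversible: if root can be regained, it was not. */
    if (uid != 0 && setuid(0) == 0) {
        errno = EPERM;
        return -1;
    }
    return 0;
}

int main(void) {
    /* Constructed demo: drop to 65534 when root, otherwise to ourselves. */
    uid_t uid = geteuid() == 0 ? 65534 : getuid();
    gid_t gid = geteuid() == 0 ? 65534 : getgid();
    if (drop_privileges(uid, gid) != 0) {
        fprintf(stderr, "privilege drop failed: %s; exiting\n", strerror(errno));
        return 1;
    }
    printf("running as uid=%u gid=%u\n", (unsigned)getuid(), (unsigned)getgid());
    return 0;
}
```

Dropping to the identity the process already has succeeds, while an unprivileged process asking to become uid/gid 0 is correctly reported as a failure.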
Vulnerable Product |
---|
lighttpd lighttpd |
debian debian linux 6.0 |
debian debian linux 7.0 |
debian debian linux 8.0 |
opensuse opensuse 12.2 |
opensuse opensuse 12.3 |
opensuse opensuse 13.1 |