CVE-2014-0240

Published: 27/05/2014 Updated: 21/12/2017
CVSS v2 Base Score: 6.2 | Impact Score: 10 | Exploitability Score: 1.9
VMScore: 552
Vector: AV:L/AC:H/Au:N/C:C/I:C/A:C

Vulnerability Summary

The mod_wsgi module prior to 3.5 for Apache, when daemon mode is enabled, does not properly handle error codes returned by setuid when run on certain Linux kernels, which allows local users to gain privileges via vectors related to the number of running processes.

Vulnerable Product

modwsgi mod wsgi 3.0

modwsgi mod wsgi 2.8

modwsgi mod wsgi 2.0

modwsgi mod wsgi 1.6

modwsgi mod wsgi 2.7

modwsgi mod wsgi 2.6

modwsgi mod wsgi 2.5

modwsgi mod wsgi 1.5

modwsgi mod wsgi 1.4

modwsgi mod wsgi

modwsgi mod wsgi 3.3

modwsgi mod wsgi 2.4

modwsgi mod wsgi 2.3

modwsgi mod wsgi 1.3

modwsgi mod wsgi 1.2

modwsgi mod wsgi 3.2

modwsgi mod wsgi 3.1

modwsgi mod wsgi 2.2

modwsgi mod wsgi 2.1

modwsgi mod wsgi 1.1

modwsgi mod wsgi 1.0

Vendor Advisories

Debian Bug report logs - #748910 CVE-2014-0240: Possibility of local privilege escalation when using daemon mode. Package: libapache2-mod-wsgi; Maintainer for libapache2-mod-wsgi is Debian Python Modules Team <python-modules-team@lists.alioth.debian.org>; Source for libapache2-mod-wsgi is src:mod-wsgi (PTS, buildd, popcon) R ...
mod_wsgi could be made to run programs as an administrator if it executes a specially crafted file ...
Two security issues have been found in the Python WSGI adapter module for Apache: CVE-2014-0240: Robert Kisteleki discovered a potential privilege escalation in daemon mode. This is not exploitable with the kernel used in Debian 7.0/wheezy. CVE-2014-0242: Buck Golemon discovered that incorrect memory handling could lead to inform ...
It was found that mod_wsgi did not properly drop privileges if the call to setuid() failed. If mod_wsgi was set up to allow unprivileged users to run WSGI applications, a local user able to run a WSGI application could possibly use this flaw to escalate their privileges on the system. Note: mod_wsgi is not intended to provide privilege separation f ...