CVE-2014-0240

The mod_wsgi module before 3.5 for Apache, when daemon mode is enabled, does not properly handle error codes returned by setuid when run on certain Linux kernels, which allows local users to gain privileges via vectors related to the number of running processes.

CVSS v2.0 6.2 MEDIUM

6.2^/10

CVSS v2.0 : MEDIUM

Vector : AV:L/AC:H/Au:N/C:C/I:C/A:C

Exploitability : 1.9 / Impact : 10.0

Access Vector LOCAL

Access Complexity HIGH

Authentication NONE

Confidentiality Impact COMPLETE

Integrity Impact COMPLETE

Availability Impact COMPLETE

References

Link	Resource
http://blog.dscpl.com.au/2014/05/security-release-for-modwsgi-version-35.html
http://modwsgi.readthedocs.org/en/latest/release-notes/version-3.5.html
http://rhn.redhat.com/errata/RHSA-2014-0789.html
http://secunia.com/advisories/59551
http://secunia.com/advisories/60094
http://www.openwall.com/lists/oss-security/2014/05/21/1
http://www.securityfocus.com/bid/67532

Configurations

Configuration 1 (hide)

OR	cpe:2.3:a:modwsgi:mod_wsgi::::::::
	cpe:2.3:a:modwsgi:mod_wsgi:1.0:::::::*
	cpe:2.3:a:modwsgi:mod_wsgi:1.1:::::::*
	cpe:2.3:a:modwsgi:mod_wsgi:1.2:::::::*
	cpe:2.3:a:modwsgi:mod_wsgi:1.3:::::::*
	cpe:2.3:a:modwsgi:mod_wsgi:1.4:::::::*
	cpe:2.3:a:modwsgi:mod_wsgi:1.5:::::::*
	cpe:2.3:a:modwsgi:mod_wsgi:1.6:::::::*
	cpe:2.3:a:modwsgi:mod_wsgi:2.0:::::::*
	cpe:2.3:a:modwsgi:mod_wsgi:2.1:::::::*
	cpe:2.3:a:modwsgi:mod_wsgi:2.2:::::::*
	cpe:2.3:a:modwsgi:mod_wsgi:2.3:::::::*
	cpe:2.3:a:modwsgi:mod_wsgi:2.4:::::::*
	cpe:2.3:a:modwsgi:mod_wsgi:2.5:::::::*
	cpe:2.3:a:modwsgi:mod_wsgi:2.6:::::::*
	cpe:2.3:a:modwsgi:mod_wsgi:2.7:::::::*
	cpe:2.3:a:modwsgi:mod_wsgi:2.8:::::::*
	cpe:2.3:a:modwsgi:mod_wsgi:3.0:::::::*
	cpe:2.3:a:modwsgi:mod_wsgi:3.1:::::::*
	cpe:2.3:a:modwsgi:mod_wsgi:3.2:::::::*
	cpe:2.3:a:modwsgi:mod_wsgi:3.3:::::::*

History

No history.

Information

Published : 2014-05-27 14:55

Updated : 2024-02-28 12:20

NVD link : CVE-2014-0240

Mitre link : CVE-2014-0240

CVE.ORG link : CVE-2014-0240

JSON object : View

Products Affected

modwsgi

mod_wsgi

CWE

CWE-264

Permissions, Privileges, and Access Controls

{"id": "CVE-2014-0240", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 6.2, "accessVector": "LOCAL", "vectorString": "AV:L/AC:H/Au:N/C:C/I:C/A:C", "authentication": "NONE", "integrityImpact": "COMPLETE", "accessComplexity": "HIGH", "availabilityImpact": "COMPLETE", "confidentialityImpact": "COMPLETE"}, "acInsufInfo": false, "impactScore": 10.0, "baseSeverity": "MEDIUM", "obtainAllPrivilege": false, "exploitabilityScore": 1.9, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}]}, "published": "2014-05-27T14:55:12.197", "references": [{"url": "http://blog.dscpl.com.au/2014/05/security-release-for-modwsgi-version-35.html", "source": "secalert@redhat.com"}, {"url": "http://modwsgi.readthedocs.org/en/latest/release-notes/version-3.5.html", "source": "secalert@redhat.com"}, {"url": "http://rhn.redhat.com/errata/RHSA-2014-0789.html", "source": "secalert@redhat.com"}, {"url": "http://secunia.com/advisories/59551", "source": "secalert@redhat.com"}, {"url": "http://secunia.com/advisories/60094", "source": "secalert@redhat.com"}, {"url": "http://www.openwall.com/lists/oss-security/2014/05/21/1", "source": "secalert@redhat.com"}, {"url": "http://www.securityfocus.com/bid/67532", "source": "secalert@redhat.com"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-264"}]}], "descriptions": [{"lang": "en", "value": "The mod_wsgi module before 3.5 for Apache, when daemon mode is enabled, does not properly handle error codes returned by setuid when run on certain Linux kernels, which allows local users to gain privileges via vectors related to the number of running processes."}, {"lang": "es", "value": "El m\u00f3dulo mod_wsgi anterior a 3.5 para Apache, cuando modo demonio est\u00e1 habilitado, no maneja debidamente c\u00f3digos de error devueltos por setuid cuando se ejecuta en ciertos kernels de Linux, lo que permite a usuarios locales ganar privilegios a trav\u00e9s de vectores relacionados con el n\u00famero de procesos en ejecuci\u00f3n."}], "lastModified": "2017-12-21T02:29:00.373", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:modwsgi:mod_wsgi:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "785170E8-C24B-42E0-8DFD-E25BCBEA3F06", "versionEndIncluding": "3.4"}, {"criteria": "cpe:2.3:a:modwsgi:mod_wsgi:1.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "D11F04B8-E47E-448E-B5B0-499A3388DBF0"}, {"criteria": "cpe:2.3:a:modwsgi:mod_wsgi:1.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "50A93F05-1041-4E7A-B7F3-372828F1D01B"}, {"criteria": "cpe:2.3:a:modwsgi:mod_wsgi:1.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "414E1DA8-8135-4DF0-AB7F-BA54CCBB05DD"}, {"criteria": "cpe:2.3:a:modwsgi:mod_wsgi:1.3:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "6D070519-30F1-4561-BC4F-06511BED6608"}, {"criteria": "cpe:2.3:a:modwsgi:mod_wsgi:1.4:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "8BCF68C7-84CC-45DB-ACEA-31A624F9A3A0"}, {"criteria": "cpe:2.3:a:modwsgi:mod_wsgi:1.5:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "72AFD695-31E2-416F-8D25-25D76B57D935"}, {"criteria": "cpe:2.3:a:modwsgi:mod_wsgi:1.6:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "28EBA2EA-78FA-458A-A004-E306370D9AF3"}, {"criteria": "cpe:2.3:a:modwsgi:mod_wsgi:2.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "1DB6E106-8C25-4EF5-98DD-95C3A477EBDB"}, {"criteria": "cpe:2.3:a:modwsgi:mod_wsgi:2.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "E04D69ED-0B61-440B-8AF5-AE1987F8343B"}, {"criteria": "cpe:2.3:a:modwsgi:mod_wsgi:2.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "0766F7BB-709D-44C1-A435-9D78D8B65E6F"}, {"criteria": "cpe:2.3:a:modwsgi:mod_wsgi:2.3:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "8EE398E6-F113-44DB-AE9D-B9FE2B58F2AC"}, {"criteria": "cpe:2.3:a:modwsgi:mod_wsgi:2.4:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "CA1CCF4D-4874-4474-AB85-8E2B107031BF"}, {"criteria": "cpe:2.3:a:modwsgi:mod_wsgi:2.5:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "E6D9ECCE-4FF6-483E-A320-D7085BAA9D81"}, {"criteria": "cpe:2.3:a:modwsgi:mod_wsgi:2.6:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "00DCC650-5B04-4A60-B1BE-912798F9969F"}, {"criteria": "cpe:2.3:a:modwsgi:mod_wsgi:2.7:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "CA39B24F-EA97-49B5-B40E-830B15C80498"}, {"criteria": "cpe:2.3:a:modwsgi:mod_wsgi:2.8:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "A6D5AA63-BD50-409E-BBD6-3D5340ABF361"}, {"criteria": "cpe:2.3:a:modwsgi:mod_wsgi:3.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "671BE4C2-1F45-4BBC-B7FB-0AB1DBD57F38"}, {"criteria": "cpe:2.3:a:modwsgi:mod_wsgi:3.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "61E348ED-9B13-469E-84DF-1E737C485847"}, {"criteria": "cpe:2.3:a:modwsgi:mod_wsgi:3.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "0131F322-C087-4A78-BC6F-B69EA36A15F8"}, {"criteria": "cpe:2.3:a:modwsgi:mod_wsgi:3.3:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "412A2104-C514-41A1-97E9-A0E204371396"}], "operator": "OR"}]}], "sourceIdentifier": "secalert@redhat.com"}