CVE-2014-0240

The mod_wsgi module before 3.5 for Apache, when daemon mode is enabled, does not properly handle error codes returned by setuid when run on certain Linux kernels, which allows local users to gain privileges via vectors related to the number of running processes.

CVSS v2.0 6.2 MEDIUM

6.2^/10

CVSS v2.0 : MEDIUM

V2 Legend

Vector : AV:L/AC:H/Au:N/C:C/I:C/A:C

Exploitability : 1.9 / Impact : 10.0

Access Vector LOCAL

Access Complexity HIGH

Authentication NONE

Confidentiality Impact COMPLETE

Integrity Impact COMPLETE

Availability Impact COMPLETE

References

Link	Resource
http://www.securityfocus.com/bid/67532
http://modwsgi.readthedocs.org/en/latest/release-notes/version-3.5.html
http://blog.dscpl.com.au/2014/05/security-release-for-modwsgi-version-35.html
http://www.openwall.com/lists/oss-security/2014/05/21/1
http://secunia.com/advisories/60094
http://secunia.com/advisories/59551
http://rhn.redhat.com/errata/RHSA-2014-0789.html

Configurations

Configuration 1 (hide)

OR	cpe:2.3:a:modwsgi:mod_wsgi:3.0:::::::*
	cpe:2.3:a:modwsgi:mod_wsgi:2.8:::::::*
	cpe:2.3:a:modwsgi:mod_wsgi:2.0:::::::*
	cpe:2.3:a:modwsgi:mod_wsgi:1.6:::::::*
	cpe:2.3:a:modwsgi:mod_wsgi:2.7:::::::*
	cpe:2.3:a:modwsgi:mod_wsgi:2.6:::::::*
	cpe:2.3:a:modwsgi:mod_wsgi:2.5:::::::*
	cpe:2.3:a:modwsgi:mod_wsgi:1.5:::::::*
	cpe:2.3:a:modwsgi:mod_wsgi:1.4:::::::*
	cpe:2.3:a:modwsgi:mod_wsgi::::::::
	cpe:2.3:a:modwsgi:mod_wsgi:3.3:::::::*
	cpe:2.3:a:modwsgi:mod_wsgi:2.2:::::::*
	cpe:2.3:a:modwsgi:mod_wsgi:2.1:::::::*
	cpe:2.3:a:modwsgi:mod_wsgi:1.3:::::::*
	cpe:2.3:a:modwsgi:mod_wsgi:3.2:::::::*
	cpe:2.3:a:modwsgi:mod_wsgi:1.0:::::::*
	cpe:2.3:a:modwsgi:mod_wsgi:2.3:::::::*
	cpe:2.3:a:modwsgi:mod_wsgi:1.2:::::::*
	cpe:2.3:a:modwsgi:mod_wsgi:1.1:::::::*
	cpe:2.3:a:modwsgi:mod_wsgi:2.4:::::::*
	cpe:2.3:a:modwsgi:mod_wsgi:3.1:::::::*

Information

Published : 2014-05-27 07:55

Updated : 2017-12-20 18:29

NVD link : CVE-2014-0240

Mitre link : CVE-2014-0240

JSON object : View

CWE

CWE-264

Permissions, Privileges, and Access Controls

Products Affected

modwsgi

mod_wsgi

{"cve": {"data_type": "CVE", "references": {"reference_data": [{"url": "http://www.securityfocus.com/bid/67532", "name": "67532", "tags": [], "refsource": "BID"}, {"url": "http://modwsgi.readthedocs.org/en/latest/release-notes/version-3.5.html", "name": "http://modwsgi.readthedocs.org/en/latest/release-notes/version-3.5.html", "tags": [], "refsource": "CONFIRM"}, {"url": "http://blog.dscpl.com.au/2014/05/security-release-for-modwsgi-version-35.html", "name": "http://blog.dscpl.com.au/2014/05/security-release-for-modwsgi-version-35.html", "tags": [], "refsource": "CONFIRM"}, {"url": "http://www.openwall.com/lists/oss-security/2014/05/21/1", "name": "[oss-security] 20140521 Security release for mod_wsgi (version 3.5)", "tags": [], "refsource": "MLIST"}, {"url": "http://secunia.com/advisories/60094", "name": "60094", "tags": [], "refsource": "SECUNIA"}, {"url": "http://secunia.com/advisories/59551", "name": "59551", "tags": [], "refsource": "SECUNIA"}, {"url": "http://rhn.redhat.com/errata/RHSA-2014-0789.html", "name": "RHSA-2014:0789", "tags": [], "refsource": "REDHAT"}]}, "data_format": "MITRE", "description": {"description_data": [{"lang": "en", "value": "The mod_wsgi module before 3.5 for Apache, when daemon mode is enabled, does not properly handle error codes returned by setuid when run on certain Linux kernels, which allows local users to gain privileges via vectors related to the number of running processes."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "en", "value": "CWE-264"}]}]}, "data_version": "4.0", "CVE_data_meta": {"ID": "CVE-2014-0240", "ASSIGNER": "secalert@redhat.com"}}, "impact": {"baseMetricV2": {"cvssV2": {"version": "2.0", "baseScore": 6.2, "accessVector": "LOCAL", "vectorString": "AV:L/AC:H/Au:N/C:C/I:C/A:C", "authentication": "NONE", "integrityImpact": "COMPLETE", "accessComplexity": "HIGH", "availabilityImpact": "COMPLETE", "confidentialityImpact": "COMPLETE"}, "severity": "MEDIUM", "impactScore": 10.0, "obtainAllPrivilege": false, "exploitabilityScore": 1.9, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}}, "publishedDate": "2014-05-27T14:55Z", "configurations": {"nodes": [{"children": [], "operator": "OR", "cpe_match": [{"cpe23Uri": "cpe:2.3:a:modwsgi:mod_wsgi:3.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:modwsgi:mod_wsgi:2.8:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:modwsgi:mod_wsgi:2.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:modwsgi:mod_wsgi:1.6:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:modwsgi:mod_wsgi:2.7:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:modwsgi:mod_wsgi:2.6:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:modwsgi:mod_wsgi:2.5:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:modwsgi:mod_wsgi:1.5:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:modwsgi:mod_wsgi:1.4:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:modwsgi:mod_wsgi:*:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true, "versionEndIncluding": "3.4"}, {"cpe23Uri": "cpe:2.3:a:modwsgi:mod_wsgi:3.3:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:modwsgi:mod_wsgi:2.2:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:modwsgi:mod_wsgi:2.1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:modwsgi:mod_wsgi:1.3:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:modwsgi:mod_wsgi:3.2:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:modwsgi:mod_wsgi:1.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:modwsgi:mod_wsgi:2.3:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:modwsgi:mod_wsgi:1.2:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:modwsgi:mod_wsgi:1.1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:modwsgi:mod_wsgi:2.4:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:modwsgi:mod_wsgi:3.1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}]}], "CVE_data_version": "4.0"}, "lastModifiedDate": "2017-12-21T02:29Z"}

6.2 /10