20 matches found
Linux Distros Unpatched Vulnerability : CVE-2014-8583
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - modwsgi before 4.2.4 for Apache, when creating a daemon process group, does not properly handle when group privileges cannot be dropped, which might allow...
Mageia: Security Advisory (MGASA-2014-0513)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Huawei EulerOS: Security Advisory for mod_wsgi (EulerOS-SA-2019-2711)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Huawei EulerOS: Security Advisory for mod_wsgi (EulerOS-SA-2019-2367)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Huawei EulerOS: Security Advisory for mod_wsgi (EulerOS-SA-2019-2633)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
EulerOS 2.0 SP5 : mod_wsgi (EulerOS-SA-2019-2711)
According to the version of the modwsgi package installed, the EulerOS installation on the remote host is affected by the following vulnerability : - modwsgi before 4.2.4 for Apache, when creating a daemon process group, does not properly handle when group privileges cannot be dropped, which migh...
EulerOS 2.0 SP2 : mod_wsgi (EulerOS-SA-2019-2367)
According to the version of the modwsgi package installed, the EulerOS installation on the remote host is affected by the following vulnerability : - modwsgi before 4.2.4 for Apache, when creating a daemon process group, does not properly handle when group privileges cannot be dropped, which migh...
Amazon Linux AMI : mod24_wsgi (ALAS-2018-987)
Failure to handle errors when attempting to drop group privileges modwsgi before 4.2.4 for Apache, when creating a daemon process group, does not properly handle when group privileges cannot be dropped, which might allow attackers to gain privileges via unspecified vectors. CVE-2014-8583 C Tenabl...
Medium: mod24_wsgi
Issue Overview: Failure to handle errors when attempting to drop group privileges modwsgi before 4.2.4 for Apache, when creating a daemon process group, does not properly handle when group privileges cannot be dropped, which might allow attackers to gain privileges via unspecified vectors...
Amazon Linux 2 : mod_wsgi (ALAS-2018-987)
Failure to handle errors when attempting to drop group privileges : modwsgi before 4.2.4 for Apache, when creating a daemon process group, does not properly handle when group privileges cannot be dropped, which might allow attackers to gain privileges via unspecified vectors. CVE-2014-8583 C...
Medium: mod_wsgi
Issue Overview: Failure to handle errors when attempting to drop group privileges: modwsgi before 4.2.4 for Apache, when creating a daemon process group, does not properly handle when group privileges cannot be dropped, which might allow attackers to gain privileges via unspecified vectors...
GLSA-201612-49 : mod_wsgi: Privilege escalation
The remote host is affected by the vulnerability described in GLSA-201612-49 modwsgi: Privilege escalation modwsgi, when creating a daemon process group, does not properly handle dropping group privileges. Impact : Context-dependent attackers could escalate privileges due to the improper handling...
Mandriva Linux Security Advisory : apache-mod_wsgi (MDVSA-2015:180)
Updated apache-modwsgi package fixes security vulnerabilities : apache-modwsgi before 4.2.4 contained an off-by-one error in applying a limit to the number of supplementary groups allowed for a daemon process group. The result could be that if more groups than the operating system allowed were...
CVE-2014-8583
modwsgi before 4.2.4 for Apache, when creating a daemon process group, does not properly handle when group privileges cannot be dropped, which might allow attackers to gain privileges via unspecified vectors...
CVE-2014-8583
CVE-2014-8583 : mod_wsgi (Apache) before 4.2.4 fails to handle when it cannot drop group privileges during daemon process group creation, potentially allowing local privilege escalation via unspecified vectors. Affected software: mod_wsgi before 4.2.4. Impact: attacker could gain privileges with ...
CVE-2014-8583
modwsgi before 4.2.4 for Apache, when creating a daemon process group, does not properly handle when group privileges cannot be dropped, which might allow attackers to gain privileges via unspecified vectors...
Mandriva Linux Security Advisory : apache-mod_wsgi (MDVSA-2014:253)
Updated apache-modwsgi package fixes security vulnerability : It was discovered that modwsgi incorrectly handled errors when setting up the working directory and group access rights. A malicious application could possibly use this issue to cause a local privilege escalation when using daemon mode...
openSUSE Security Update : apache2-mod_wsgi (openSUSE-SU-2014:1590-1)
apache2-modwsgi was updated to fix one security issue. This security issue was fixed : - Failure to handle errors when attempting to drop group privileges CVE-2014-8583. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from...
Updated apache-mod_wsgi package fixes security vulnerability
It was discovered that modwsgi incorrectly handled errors when setting up the working directory and group access rights. A malicious application could possibly use this issue to cause a local privilege escalation when using daemon mode CVE-2014-8583...
CVE-2014-8583
modwsgi before 4.2.4 for Apache, when creating a daemon process group, does not properly handle when group privileges cannot be dropped, which might allow attackers to gain privileges via unspecified vectors...