Lucene search
+L

238 matches found

openvas
openvas
added 2014/07/01 12:0 a.m.22 views

CentOS Update for mod_wsgi CESA-2014:0788 centos6

The remote host is missing an update for the SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS6.6AI score0.08526EPSS
Exploits0References2
nessus
nessus
added 2014/06/26 12:0 a.m.32 views

CentOS 6 : mod_wsgi (CESA-2014:0788)

An updated modwsgi package that fixes two security issues is now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having Important security impact. Common Vulnerability Scoring System CVSS base scores, which give detailed severity ratings, are...

7.5CVSS6.7AI score0.08526EPSS
Exploits0References3
nessus
nessus
added 2014/06/26 12:0 a.m.17 views

Scientific Linux Security Update : mod_wsgi on SL6.x i386/srpm/x86_64 (20140625)

It was found that modwsgi did not properly drop privileges if the call to setuid failed. If modwsgi was set up to allow unprivileged users to run WSGI applications, a local user able to run a WSGI application could possibly use this flaw to escalate their privileges on the system. CVE-2014-0240...

7.5CVSS6.6AI score0.08526EPSS
Exploits0References3
nessus
nessus
added 2014/06/26 12:0 a.m.28 views

RHEL 6 : mod_wsgi (RHSA-2014:0788)

An updated modwsgi package that fixes two security issues is now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having Important security impact. Common Vulnerability Scoring System CVSS base scores, which give detailed severity ratings, are...

7.5CVSS6.7AI score0.08526EPSS
Exploits0References5
nessus
nessus
added 2014/06/26 12:0 a.m.23 views

Oracle Linux 6 : mod_wsgi (ELSA-2014-0788)

The remote Oracle Linux 6 host has a package installed that is affected by multiple vulnerabilities as referenced in the ELSA-2014-0788 advisory. - fix for CVE-2014-0242 1104685 Tenable has extracted the preceding description block directly from the Oracle Linux security advisory. Note that Nessu...

7.5CVSS6.8AI score0.08526EPSS
Exploits0References3
centos
centos
added 2014/06/25 7:1 p.m.60 views

mod_wsgi security update

CentOS Errata and Security Advisory CESA-2014:0788 An updated modwsgi package that fixes two security issues is now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having Important security impact. Common Vulnerability Scoring System CVSS base...

7.5CVSS6.7AI score0.08526EPSS
Exploits0References7
redhat
redhat
added 2014/06/25 3:40 p.m.6 views

mod_wsgi: possible privilege escalation in setuid() failure scenarios

It was found that modwsgi did not properly drop privileges if the call to setuid failed. If modwsgi was set up to allow unprivileged users to run WSGI applications, a local user able to run a WSGI application could possibly use this flaw to escalate their privileges on the system. Note: modwsgi i...

6.2CVSS7.2AI score0.00411EPSS
Exploits0References4
redhat
redhat
added 2014/06/25 3:40 p.m.28 views

Important: Red Hat Security Advisory: mod_wsgi security update

An updated modwsgi package that fixes two security issues is now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having Important security impact. Common Vulnerability Scoring System CVSS base scores, which give detailed severity ratings, are...

7.5CVSS6.7AI score0.08526EPSS
Exploits0References3
redhat
redhat
added 2014/06/25 3:40 p.m.4 views

mod_wsgi: information leak

modwsgi module before 3.4 for Apache, when used in embedded mode, might allow remote attackers to obtain sensitive information via the Content-Type header which is generated from memory that may have been freed and then overwritten by a separate thread...

7.5CVSS5.9AI score0.08526EPSS
Exploits0References4
redhat
redhat
added 2014/06/25 3:40 p.m.21 views

Important: Red Hat Security Advisory: python27-mod_wsgi and python33-mod_wsgi security update

Updated python27-modwsgi and python33-modwsgi packages that fix one security issue are now available for Red Hat Software Collections 1. The Red Hat Security Response Team has rated this update as having Important security impact. A Common Vulnerability Scoring System CVSS base score, which gives...

6.2CVSS6.5AI score0.00411EPSS
Exploits0References2
redhat
redhat
added 2014/06/25 3:40 p.m.5 views

mod_wsgi: possible privilege escalation in setuid() failure scenarios

It was found that modwsgi did not properly drop privileges if the call to setuid failed. If modwsgi was set up to allow unprivileged users to run WSGI applications, a local user able to run a WSGI application could possibly use this flaw to escalate their privileges on the system. Note: modwsgi i...

6.2CVSS7.2AI score0.00411EPSS
Exploits0References4
oraclelinux
oraclelinux
added 2014/06/25 12:0 a.m.25 views

mod_wsgi security update

3.2-6 - fix for CVE-2014-0242 1104685 3.2-4 - fix for CVE-2014-0240 1104687...

6.2CVSS1.2AI score0.08526EPSS
Exploits0
openvas
openvas
added 2014/06/23 12:0 a.m.20 views

Fedora Update for mod_wsgi FEDORA-2014-6938

The remote host is missing an update for the SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS7.5AI score0.08526EPSS
Exploits0References2
openvas
openvas
added 2014/06/23 12:0 a.m.23 views

Fedora Update for mod_wsgi FEDORA-2014-6944

The remote host is missing an update for the SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS7.5AI score0.08526EPSS
Exploits0References2
nessus
nessus
added 2014/06/18 12:0 a.m.20 views

Fedora 19 : mod_wsgi-3.5-1.fc19 (2014-6938)

http://modwsgi.readthedocs.org/en/develop/release-notes/version-3.5.ht ml Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing...

7.5CVSS6.6AI score0.08526EPSS
Exploits0References6
nessus
nessus
added 2014/06/18 12:0 a.m.28 views

Fedora 20 : mod_wsgi-3.5-1.fc20 (2014-6944)

http://modwsgi.readthedocs.org/en/develop/release-notes/version-3.5.ht ml Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing...

7.5CVSS6.6AI score0.08526EPSS
Exploits0References6
fedora
fedora
added 2014/06/17 11:35 p.m.26 views

[SECURITY] Fedora 19 Update: mod_wsgi-3.5-1.fc19

The modwsgi adapter is an Apache module that provides a WSGI compliant interface for hosting Python based web applications within Apache. The adapter is written completely in C code against the Apache C runtime and for hosting WSGI applications within Apache has a lower overhead than using existi...

7.5CVSS3.8AI score0.08526EPSS
Exploits0
fedora
fedora
added 2014/06/17 11:26 p.m.31 views

[SECURITY] Fedora 20 Update: mod_wsgi-3.5-1.fc20

The modwsgi adapter is an Apache module that provides a WSGI compliant interface for hosting Python based web applications within Apache. The adapter is written completely in C code against the Apache C runtime and for hosting WSGI applications within Apache has a lower overhead than using existi...

7.5CVSS3.8AI score0.08526EPSS
Exploits0
nessus
nessus
added 2014/06/16 12:0 a.m.16 views

openSUSE Security Update : apache2-mod_wsgi (openSUSE-SU-2014:0782-1)

apache2-modwsgi was updated to fix two security issues. These security issues were fixed : - Information exposure CVE-2014-0242 - Local privilege escalation CVE-2014-0240 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted fro...

7.5CVSS7.1AI score0.08526EPSS
Exploits0References5
cvelist
cvelist
added 2014/05/27 3:0 p.m.19 views

CVE-2014-0240

The modwsgi module before 3.5 for Apache, when daemon mode is enabled, does not properly handle error codes returned by setuid when run on certain Linux kernels, which allows local users to gain privileges via vectors related to the number of running processes...

7.4AI score0.00411EPSS
Exploits0References7
Rows per page
Query Builder