Search...

Apache mod_wsgi privilege escalation

2014-12-22T00:00:00

ID SECURITYVULNS:VULN:14163
Type securityvulns
Reporter BUGTRAQ
Modified 2014-12-22T00:00:00

Description

Invalid error processing can lead to privilege escalation.

JSON Vulners Source

Initial Source

{"id": "SECURITYVULNS:VULN:14163", "bulletinFamily": "software", "title": "Apache mod_wsgi privilege escalation", "description": "Invalid error processing can lead to privilege escalation.", "published": "2014-12-22T00:00:00", "modified": "2014-12-22T00:00:00", "cvss": {"score": 6.9, "vector": "AV:LOCAL/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "https://vulners.com/securityvulns/SECURITYVULNS:VULN:14163", "reporter": "BUGTRAQ", "references": ["https://vulners.com/securityvulns/securityvulns:doc:31530"], "cvelist": ["CVE-2014-8583"], "type": "securityvulns", "lastseen": "2018-08-31T11:09:58", "history": [], "edition": 1, "hashmap": [{"key": "affectedSoftware", "hash": "1e26cc9ab1ef2eef94b0b29ccbb53389"}, {"key": "bulletinFamily", "hash": "f9fa10ba956cacf91d7878861139efb9"}, {"key": "cvelist", "hash": "1263724c96cb285926f0b6d847480fad"}, {"key": "cvss", "hash": "e8bafdc9ad5c6f47fe1e6e5fd509b7a9"}, {"key": "description", "hash": "f982509b5337a668f8903b4494175b27"}, {"key": "href", "hash": "ba4277d93b28fe9d95b144f86a61523b"}, {"key": "modified", "hash": "ddb68196ac322ad1803e6954e5007feb"}, {"key": "published", "hash": "ddb68196ac322ad1803e6954e5007feb"}, {"key": "references", "hash": "85c985ae8aaf50a5874468cd096cc832"}, {"key": "reporter", "hash": "2c5cca82a8670da097919f6160833daf"}, {"key": "title", "hash": "a621b862d9416ccc807c578cc77b3d32"}, {"key": "type", "hash": "d54751dd75af2ea0147b462b3e001cd0"}], "hash": "d669340a5a334271b1bf9ee7b48669c193fb5148043ff8ad5f7a43bb2beaa721", "viewCount": 0, "enchantments": {"score": {"value": 10.0, "vector": "NONE", "modified": "2018-08-31T11:09:58"}, "vulnersScore": 10.0}, "objectVersion": "1.3", "affectedSoftware": [{"name": "mod_wsgi", "operator": "eq", "version": "4.2"}]}

{"cve": [{"lastseen": "2017-07-01T10:43:11", "references": ["https://bugzilla.redhat.com/show_bug.cgi?id=1111034", "http://www.securityfocus.com/bid/68111", "http://lists.opensuse.org/opensuse-updates/2014-12/msg00036.html", "https://security.gentoo.org/glsa/201612-49", "http://www.openwall.com/lists/oss-security/2014/11/04/8", "http://modwsgi.readthedocs.org/en/latest/release-notes/version-4.2.4.html", "http://advisories.mageia.org/MGASA-2014-0513.html", "http://www.ubuntu.com/usn/USN-2431-1", "http://www.mandriva.com/security/advisories?name=MDVSA-2014:253", "http://www.openwall.com/lists/oss-security/2014/06/19/7"], "edition": 3, "description": "mod_wsgi before 4.2.4 for Apache, when creating a daemon process group, does not properly handle when group privileges cannot be dropped, which might allow attackers to gain privileges via unspecified vectors.", "reporter": "NVD", "published": "2014-12-16T13:59:08", "title": "CVE-2014-8583", "type": "cve", "enchantments": {"score": {"vector": "NONE", "value": 7.2}}, "assessment": {"system": "", "name": "", "href": ""}, "bulletinFamily": "NVD", "cvelist": ["CVE-2014-8583"], "scanner": [], "cpe": ["cpe:/a:modwsgi:mod_wsgi:4.2.4"], "modified": "2017-06-30T21:29:08", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-8583", "id": "CVE-2014-8583", "cvss": {"score": 6.9, "vector": "AV:LOCAL/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}], "nessus": [{"lastseen": "2018-09-01T23:45:12", "references": ["http://advisories.mageia.org/MGASA-2014-0323.html", "http://advisories.mageia.org/MGASA-2014-0513.html"], "pluginID": "82455", "description": "Updated apache-mod_wsgi package fixes security vulnerabilities :\n\napache-mod_wsgi before 4.2.4 contained an off-by-one error in applying a limit to the number of supplementary groups allowed for a daemon process group. The result could be that if more groups than the operating system allowed were specified to the option supplementary-groups, then memory corruption or a process crash could occur.\n\nIt was discovered that mod_wsgi incorrectly handled errors when setting up the working directory and group access rights. A malicious application could possibly use this issue to cause a local privilege escalation when using daemon mode (CVE-2014-8583).", "edition": 5, "reporter": "Tenable", "published": "2015-03-31T00:00:00", "title": "Mandriva Linux Security Advisory : apache-mod_wsgi (MDVSA-2015:180)", "type": "nessus", "enchantments": {"score": {"vector": "NONE", "value": 7.2}}, "naslFamily": "Mandriva Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2014-8583"], "modified": "2018-07-19T00:00:00", "cpe": ["cpe:/o:mandriva:business_server:2", "p-cpe:/a:mandriva:linux:apache-mod_wsgi"], "id": "MANDRIVA_MDVSA-2015-180.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=82455", "sourceData": "#%NASL_MIN_LEVEL 70103\n\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Mandriva Linux Security Advisory MDVSA-2015:180. \n# The text itself is copyright (C) Mandriva S.A.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(82455);\n script_version(\"1.2\");\n script_cvs_date(\"Date: 2018/07/19 20:59:19\");\n\n script_cve_id(\"CVE-2014-8583\");\n script_xref(name:\"MDVSA\", value:\"2015:180\");\n\n script_name(english:\"Mandriva Linux Security Advisory : apache-mod_wsgi (MDVSA-2015:180)\");\n script_summary(english:\"Checks rpm output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Mandriva Linux host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Updated apache-mod_wsgi package fixes security vulnerabilities :\n\napache-mod_wsgi before 4.2.4 contained an off-by-one error in applying\na limit to the number of supplementary groups allowed for a daemon\nprocess group. The result could be that if more groups than the\noperating system allowed were specified to the option\nsupplementary-groups, then memory corruption or a process crash could\noccur.\n\nIt was discovered that mod_wsgi incorrectly handled errors when\nsetting up the working directory and group access rights. A malicious\napplication could possibly use this issue to cause a local privilege\nescalation when using daemon mode (CVE-2014-8583).\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://advisories.mageia.org/MGASA-2014-0323.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://advisories.mageia.org/MGASA-2014-0513.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected apache-mod_wsgi package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:M/Au:N/C:C/I:C/A:C\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:apache-mod_wsgi\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:mandriva:business_server:2\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/03/30\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/03/31\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2015-2018 Tenable Network Security, Inc.\");\n script_family(english:\"Mandriva Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/Mandrake/release\", \"Host/Mandrake/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Mandrake/release\")) audit(AUDIT_OS_NOT, \"Mandriva / Mandake Linux\");\nif (!get_kb_item(\"Host/Mandrake/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^(amd64|i[3-6]86|x86_64)$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Mandriva / Mandrake Linux\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"MDK-MBS2\", cpu:\"x86_64\", reference:\"apache-mod_wsgi-3.5-1.mbs2\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 6.9, "vector": "AV:LOCAL/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-09-02T00:07:07", "references": ["http://www.nessus.org/u?49332efe", "http://www.nessus.org/u?e7a37c36"], "pluginID": "76498", "description": "According to the web server banner, the version of mod_wsgi running on the remote host is prior to version 4.2.4. It is, therefore, affected by a privilege escalation vulnerability.\n\nThe issue is triggered when attempting to drop group privileges and an error with 'setgid', 'setgroups', and 'initgroups' occurs. The error is reported, but mod_wsgi continues to run with root group privileges, rather than dropping privileges as intended. A local attacker could potentially gain escalated privileges.\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.", "edition": 7, "reporter": "Tenable", "published": "2014-07-14T00:00:00", "title": "Apache mod_wsgi < 4.2.4 Privilege Dropping Privilege Escalation", "type": "nessus", "enchantments": {"score": {"vector": "NONE", "value": 7.2}}, "naslFamily": "Web Servers", "bulletinFamily": "scanner", "cvelist": ["CVE-2014-8583"], "modified": "2018-07-16T00:00:00", "cpe": ["cpe:/a:modwsgi:mod_wsgi"], "id": "MOD_WSGI_4_2_4.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=76498", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(76498);\n script_version(\"1.6\");\n script_cvs_date(\"Date: 2018/07/16 12:48:31\");\n\n script_cve_id(\"CVE-2014-8583\");\n script_bugtraq_id(68111);\n\n script_name(english:\"Apache mod_wsgi < 4.2.4 Privilege Dropping Privilege Escalation\");\n script_summary(english:\"Checks the version of mod_wsgi in the Server response header.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote web server module is affected by a privilege escalation\nvulnerability.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to the web server banner, the version of mod_wsgi running on\nthe remote host is prior to version 4.2.4. It is, therefore, affected\nby a privilege escalation vulnerability.\n\nThe issue is triggered when attempting to drop group privileges and an\nerror with 'setgid', 'setgroups', and 'initgroups' occurs. The error\nis reported, but mod_wsgi continues to run with root group privileges,\nrather than dropping privileges as intended. A local attacker could\npotentially gain escalated privileges.\n\nNote that Nessus has not tested for these issues but has instead\nrelied only on the application's self-reported version number.\");\n # http://modwsgi.readthedocs.org/en/latest/release-notes/version-4.2.4.html\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?e7a37c36\");\n # https://github.com/GrahamDumpleton/mod_wsgi/commit/545354a80b9cc20d8b6916ca30542eab36c3b8bd\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?49332efe\");\n script_set_attribute(attribute:\"solution\", value:\"Upgrade to mod_wsgi 4.2.4 or later, or apply the patch.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:H/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2014/06/17\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2014/06/18\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/07/14\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"remote\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:modwsgi:mod_wsgi\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Web Servers\");\n\n script_copyright(english:\"This script is Copyright (C) 2014-2018 Tenable Network Security, Inc.\");\n\n script_dependencies(\"apache_http_version.nasl\");\n script_require_keys(\"installed_sw/Apache\");\n script_require_ports(\"Services/www\", 80);\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"http.inc\");\ninclude(\"install_func.inc\");\n\nget_install_count(app_name:\"Apache\", exit_if_zero:TRUE);\nport = get_http_port(default:80);\ninstall = get_single_install(app_name:\"Apache\", port:port, exit_if_unknown_ver:TRUE);\n\nbackported = get_kb_item_or_exit('www/apache/'+port+'/backported', exit_code:1);\nif (report_paranoia < 2 && backported) audit(AUDIT_BACKPORT_SERVICE, port, \"Apache\");\n\nregex = \"mod_wsgi/([0-9rc.]+)\";\nmatches = pregmatch(pattern:regex, string:install[\"modules\"]);\nif (isnull(matches)) exit(0, \"The server banner from the web server listening on port \"+port+\" doesn't include the mod_wsgi version.\");\nelse version = matches[1];\n\nsuffixes = make_array(\n -2, \"rc(\\d+)\",\n -1, \"c(\\d+)\"\n);\n\nfixed = '4.2.4';\nif (ver_compare(ver:version, fix:fixed, regexes:suffixes) == -1)\n{\n if (report_verbosity > 0)\n {\n report =\n '\\n Version source : ' + server_header +\n '\\n Installed version : ' + version +\n '\\n Fixed version : ' + fixed +\n '\\n';\n security_warning(port:port, extra:report);\n }\n else security_warning(port);\n}\nelse audit(AUDIT_LISTEN_NOT_VULN, \"mod_wsgi\", port, version);\n", "cvss": {"score": 6.9, "vector": "AV:LOCAL/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-09-02T00:01:56", "references": [], "pluginID": "79717", "description": "It was discovered that mod_wsgi incorrectly handled errors when setting up the working directory and group access rights. A malicious application could possibly use this issue to cause a local privilege escalation when using daemon mode.\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "edition": 5, "reporter": "Tenable", "published": "2014-12-04T00:00:00", "title": "Ubuntu 12.04 LTS / 14.04 LTS / 14.10 : mod-wsgi vulnerability (USN-2431-1)", "type": "nessus", "enchantments": {"score": {"vector": "NONE", "value": 7.2}}, "naslFamily": "Ubuntu Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2014-8583"], "modified": "2018-08-03T00:00:00", "cpe": ["p-cpe:/a:canonical:ubuntu_linux:libapache2-mod-wsgi", "cpe:/o:canonical:ubuntu_linux:14.10", "cpe:/o:canonical:ubuntu_linux:12.04:-:lts", "p-cpe:/a:canonical:ubuntu_linux:libapache2-mod-wsgi-py3", "cpe:/o:canonical:ubuntu_linux:14.04"], "id": "UBUNTU_USN-2431-1.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=79717", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Ubuntu Security Notice USN-2431-1. The text \n# itself is copyright (C) Canonical, Inc. See \n# <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered \n# trademark of Canonical, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(79717);\n script_version(\"1.6\");\n script_cvs_date(\"Date: 2018/08/03 12:21:24\");\n\n script_cve_id(\"CVE-2014-8583\");\n script_bugtraq_id(68111);\n script_xref(name:\"USN\", value:\"2431-1\");\n\n script_name(english:\"Ubuntu 12.04 LTS / 14.04 LTS / 14.10 : mod-wsgi vulnerability (USN-2431-1)\");\n script_summary(english:\"Checks dpkg output for updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Ubuntu host is missing one or more security-related\npatches.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"It was discovered that mod_wsgi incorrectly handled errors when\nsetting up the working directory and group access rights. A malicious\napplication could possibly use this issue to cause a local privilege\nescalation when using daemon mode.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Update the affected libapache2-mod-wsgi and / or\nlibapache2-mod-wsgi-py3 packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libapache2-mod-wsgi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libapache2-mod-wsgi-py3\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:12.04:-:lts\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:14.04\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:14.10\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2014/12/03\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/12/04\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"Ubuntu Security Notice (C) 2014-2018 Canonical, Inc. / NASL script (C) 2014-2016 Tenable Network Security, Inc.\");\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/cpu\", \"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"ubuntu.inc\");\ninclude(\"misc_func.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/Ubuntu/release\");\nif ( isnull(release) ) audit(AUDIT_OS_NOT, \"Ubuntu\");\nrelease = chomp(release);\nif (! ereg(pattern:\"^(12\\.04|14\\.04|14\\.10)$\", string:release)) audit(AUDIT_OS_NOT, \"Ubuntu 12.04 / 14.04 / 14.10\", \"Ubuntu \" + release);\nif ( ! get_kb_item(\"Host/Debian/dpkg-l\") ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Ubuntu\", cpu);\n\nflag = 0;\n\nif (ubuntu_check(osver:\"12.04\", pkgname:\"libapache2-mod-wsgi\", pkgver:\"3.3-4ubuntu0.2\")) flag++;\nif (ubuntu_check(osver:\"12.04\", pkgname:\"libapache2-mod-wsgi-py3\", pkgver:\"3.3-4ubuntu0.2\")) flag++;\nif (ubuntu_check(osver:\"14.04\", pkgname:\"libapache2-mod-wsgi\", pkgver:\"3.4-4ubuntu2.1.14.04.2\")) flag++;\nif (ubuntu_check(osver:\"14.04\", pkgname:\"libapache2-mod-wsgi-py3\", pkgver:\"3.4-4ubuntu2.1.14.04.2\")) flag++;\nif (ubuntu_check(osver:\"14.10\", pkgname:\"libapache2-mod-wsgi\", pkgver:\"3.5-1ubuntu0.1\")) flag++;\nif (ubuntu_check(osver:\"14.10\", pkgname:\"libapache2-mod-wsgi-py3\", pkgver:\"3.5-1ubuntu0.1\")) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : ubuntu_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = ubuntu_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"libapache2-mod-wsgi / libapache2-mod-wsgi-py3\");\n}\n", "cvss": {"score": 6.9, "vector": "AV:LOCAL/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-09-01T23:41:14", "references": ["https://security.gentoo.org/glsa/201612-49"], "pluginID": "96224", "description": "The remote host is affected by the vulnerability described in GLSA-201612-49 (mod_wsgi: Privilege escalation)\n\n mod_wsgi, when creating a daemon process group, does not properly handle dropping group privileges.\n Impact :\n\n Context-dependent attackers could escalate privileges due to the improper handling of group privileges.\n Workaround :\n\n There is no known workaround at this time.", "edition": 4, "reporter": "Tenable", "published": "2017-01-03T00:00:00", "title": "GLSA-201612-49 : mod_wsgi: Privilege escalation", "type": "nessus", "enchantments": {"score": {"vector": "NONE", "value": 7.2}}, "naslFamily": "Gentoo Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2014-8583"], "modified": "2017-01-03T00:00:00", "cpe": ["p-cpe:/a:gentoo:linux:mod_wsgi", "cpe:/o:gentoo:linux"], "id": "GENTOO_GLSA-201612-49.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=96224", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Gentoo Linux Security Advisory GLSA 201612-49.\n#\n# The advisory text is Copyright (C) 2001-2017 Gentoo Foundation, Inc.\n# and licensed under the Creative Commons - Attribution / Share Alike \n# license. See http://creativecommons.org/licenses/by-sa/3.0/\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(96224);\n script_version(\"$Revision: 3.1 $\");\n script_cvs_date(\"$Date: 2017/01/03 14:55:09 $\");\n\n script_cve_id(\"CVE-2014-8583\");\n script_xref(name:\"GLSA\", value:\"201612-49\");\n\n script_name(english:\"GLSA-201612-49 : mod_wsgi: Privilege escalation\");\n script_summary(english:\"Checks for updated package(s) in /var/db/pkg\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Gentoo host is missing one or more security-related\npatches.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The remote host is affected by the vulnerability described in GLSA-201612-49\n(mod_wsgi: Privilege escalation)\n\n mod_wsgi, when creating a daemon process group, does not properly handle\n dropping group privileges.\n \nImpact :\n\n Context-dependent attackers could escalate privileges due to the\n improper handling of group privileges.\n \nWorkaround :\n\n There is no known workaround at this time.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security.gentoo.org/glsa/201612-49\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"All mod_wsgi users should upgrade to the latest version:\n # emerge --sync\n # emerge --ask --oneshot --verbose '>=www-apache/mod_wsgi-4.3.0'\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:M/Au:N/C:C/I:C/A:C\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:gentoo:linux:mod_wsgi\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:gentoo:linux\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2016/12/30\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2017/01/03\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2017 Tenable Network Security, Inc.\");\n script_family(english:\"Gentoo Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Gentoo/release\", \"Host/Gentoo/qpkg-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"qpkg.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Gentoo/release\")) audit(AUDIT_OS_NOT, \"Gentoo\");\nif (!get_kb_item(\"Host/Gentoo/qpkg-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\n\nif (qpkg_check(package:\"www-apache/mod_wsgi\", unaffected:make_list(\"ge 4.3.0\"), vulnerable:make_list(\"lt 4.3.0\"))) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:qpkg_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = qpkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"mod_wsgi\");\n}\n", "cvss": {"score": 6.9, "vector": "AV:LOCAL/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-09-01T23:42:49", "references": ["https://alas.aws.amazon.com/AL2/ALAS-2018-987.html"], "pluginID": "109140", "description": "Failure to handle errors when attempting to drop group privileges :\n\nmod_wsgi before 4.2.4 for Apache, when creating a daemon process group, does not properly handle when group privileges cannot be dropped, which might allow attackers to gain privileges via unspecified vectors. (CVE-2014-8583)", "edition": 3, "reporter": "Tenable", "published": "2018-04-18T00:00:00", "title": "Amazon Linux 2 : mod_wsgi (ALAS-2018-987)", "type": "nessus", "enchantments": {"score": {"vector": "NONE", "value": 7.5}}, "naslFamily": "Amazon Linux Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2014-8583"], "modified": "2018-04-18T00:00:00", "cpe": ["p-cpe:/a:amazon:linux:mod_wsgi", "cpe:/o:amazon:linux:2", "p-cpe:/a:amazon:linux:mod_wsgi-debuginfo"], "id": "AL2_ALAS-2018-987.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=109140", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Amazon Linux 2 Security Advisory ALAS-2018-987.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(109140);\n script_version(\"1.1\");\n script_cvs_date(\"Date: 2018/04/18 15:09:32\");\n\n script_cve_id(\"CVE-2014-8583\");\n script_xref(name:\"ALAS\", value:\"2018-987\");\n\n script_name(english:\"Amazon Linux 2 : mod_wsgi (ALAS-2018-987)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Amazon Linux 2 host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Failure to handle errors when attempting to drop group privileges :\n\nmod_wsgi before 4.2.4 for Apache, when creating a daemon process\ngroup, does not properly handle when group privileges cannot be\ndropped, which might allow attackers to gain privileges via\nunspecified vectors. (CVE-2014-8583)\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://alas.aws.amazon.com/AL2/ALAS-2018-987.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Run 'yum update mod_wsgi' to update your system.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:M/Au:N/C:C/I:C/A:C\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:mod_wsgi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:mod_wsgi-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:amazon:linux:2\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2018/04/05\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2018/04/18\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2018 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Amazon Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/AmazonLinux/release\", \"Host/AmazonLinux/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/AmazonLinux/release\");\nif (isnull(release) || !strlen(release)) audit(AUDIT_OS_NOT, \"Amazon Linux\");\nos_ver = pregmatch(pattern: \"^AL(A|\\d)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Amazon Linux\");\nos_ver = os_ver[1];\nif (os_ver != \"2\")\n{\n if (os_ver == 'A') os_ver = 'AMI';\n audit(AUDIT_OS_NOT, \"Amazon Linux 2\", \"Amazon Linux \" + os_ver);\n}\n\nif (!get_kb_item(\"Host/AmazonLinux/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (rpm_check(release:\"AL2\", cpu:\"x86_64\", reference:\"mod_wsgi-3.4-12.amzn2.0.1\")) flag++;\nif (rpm_check(release:\"AL2\", cpu:\"x86_64\", reference:\"mod_wsgi-debuginfo-3.4-12.amzn2.0.1\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"mod_wsgi / mod_wsgi-debuginfo\");\n}\n", "cvss": {"score": 6.9, "vector": "AV:LOCAL/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-09-02T00:06:38", "references": ["http://lists.opensuse.org/opensuse-updates/2014-12/msg00036.html", "https://bugzilla.opensuse.org/show_bug.cgi?id=903961"], "pluginID": "79815", "description": "apache2-mod_wsgi was updated to fix one security issue.\n\nThis security issue was fixed :\n\n - Failure to handle errors when attempting to drop group privileges (CVE-2014-8583).", "edition": 4, "reporter": "Tenable", "published": "2014-12-09T00:00:00", "title": "openSUSE Security Update : apache2-mod_wsgi (openSUSE-SU-2014:1590-1)", "type": "nessus", "enchantments": {"score": {"vector": "NONE", "value": 7.5}}, "naslFamily": "SuSE Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2014-8583"], "modified": "2014-12-18T00:00:00", "cpe": ["cpe:/o:novell:opensuse:12.3", "p-cpe:/a:novell:opensuse:apache2-mod_wsgi-debuginfo", "p-cpe:/a:novell:opensuse:apache2-mod_wsgi-debugsource", "p-cpe:/a:novell:opensuse:apache2-mod_wsgi", "cpe:/o:novell:opensuse:13.1"], "id": "OPENSUSE-2014-753.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=79815", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update openSUSE-2014-753.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(79815);\n script_version(\"$Revision: 1.2 $\");\n script_cvs_date(\"$Date: 2014/12/18 14:26:56 $\");\n\n script_cve_id(\"CVE-2014-8583\");\n\n script_name(english:\"openSUSE Security Update : apache2-mod_wsgi (openSUSE-SU-2014:1590-1)\");\n script_summary(english:\"Check for the openSUSE-2014-753 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"apache2-mod_wsgi was updated to fix one security issue.\n\nThis security issue was fixed :\n\n - Failure to handle errors when attempting to drop group\n privileges (CVE-2014-8583).\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://lists.opensuse.org/opensuse-updates/2014-12/msg00036.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=903961\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected apache2-mod_wsgi packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:M/Au:N/C:C/I:C/A:C\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:apache2-mod_wsgi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:apache2-mod_wsgi-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:apache2-mod_wsgi-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:12.3\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:13.1\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2014/11/28\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/12/09\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2014 Tenable Network Security, Inc.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE12\\.3|SUSE13\\.1)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"12.3 / 13.1\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(i586|i686|x86_64)$\") audit(AUDIT_ARCH_NOT, \"i586 / i686 / x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE12.3\", reference:\"apache2-mod_wsgi-3.3-12.8.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"apache2-mod_wsgi-debuginfo-3.3-12.8.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"apache2-mod_wsgi-debugsource-3.3-12.8.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"apache2-mod_wsgi-3.4-2.28.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"apache2-mod_wsgi-debuginfo-3.4-2.28.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"apache2-mod_wsgi-debugsource-3.4-2.28.1\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"apache2-mod_wsgi / apache2-mod_wsgi-debuginfo / etc\");\n}\n", "cvss": {"score": 6.9, "vector": "AV:LOCAL/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-09-01T23:41:50", "references": ["https://alas.aws.amazon.com/ALAS-2018-987.html"], "pluginID": "109369", "description": "Failure to handle errors when attempting to drop group privileges\n\nmod_wsgi before 4.2.4 for Apache, when creating a daemon process group, does not properly handle when group privileges cannot be dropped, which might allow attackers to gain privileges via unspecified vectors. (CVE-2014-8583)", "edition": 3, "reporter": "Tenable", "published": "2018-04-27T00:00:00", "title": "Amazon Linux AMI : mod24_wsgi (ALAS-2018-987)", "type": "nessus", "enchantments": {"score": {"modified": "2018-09-01T23:41:50", "vector": "NONE", "value": 7.5}}, "naslFamily": "Amazon Linux Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2014-8583"], "modified": "2018-04-27T00:00:00", "cpe": ["p-cpe:/a:amazon:linux:mod24_wsgi-python36", "p-cpe:/a:amazon:linux:mod24_wsgi-debuginfo", "p-cpe:/a:amazon:linux:mod24_wsgi-python34", "p-cpe:/a:amazon:linux:mod24_wsgi-python35", "p-cpe:/a:amazon:linux:mod24_wsgi-python26", "p-cpe:/a:amazon:linux:mod24_wsgi-python27", "cpe:/o:amazon:linux"], "id": "ALA_ALAS-2018-987.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=109369", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Amazon Linux AMI Security Advisory ALAS-2018-987.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(109369);\n script_version(\"1.1\");\n script_cvs_date(\"Date: 2018/04/27 12:18:29\");\n\n script_cve_id(\"CVE-2014-8583\");\n script_xref(name:\"ALAS\", value:\"2018-987\");\n\n script_name(english:\"Amazon Linux AMI : mod24_wsgi (ALAS-2018-987)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Amazon Linux AMI host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Failure to handle errors when attempting to drop group privileges\n\nmod_wsgi before 4.2.4 for Apache, when creating a daemon process\ngroup, does not properly handle when group privileges cannot be\ndropped, which might allow attackers to gain privileges via\nunspecified vectors. (CVE-2014-8583)\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://alas.aws.amazon.com/ALAS-2018-987.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Run 'yum update mod24_wsgi' to update your system.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:M/Au:N/C:C/I:C/A:C\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:mod24_wsgi-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:mod24_wsgi-python26\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:mod24_wsgi-python27\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:mod24_wsgi-python34\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:mod24_wsgi-python35\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:mod24_wsgi-python36\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:amazon:linux\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2018/04/26\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2018/04/27\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2018 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Amazon Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/AmazonLinux/release\", \"Host/AmazonLinux/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/AmazonLinux/release\");\nif (isnull(release) || !strlen(release)) audit(AUDIT_OS_NOT, \"Amazon Linux\");\nos_ver = pregmatch(pattern: \"^AL(A|\\d)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Amazon Linux\");\nos_ver = os_ver[1];\nif (os_ver != \"A\")\n{\n if (os_ver == 'A') os_ver = 'AMI';\n audit(AUDIT_OS_NOT, \"Amazon Linux AMI\", \"Amazon Linux \" + os_ver);\n}\n\nif (!get_kb_item(\"Host/AmazonLinux/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (rpm_check(release:\"ALA\", reference:\"mod24_wsgi-debuginfo-3.5-1.25.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"mod24_wsgi-python26-3.5-1.25.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"mod24_wsgi-python27-3.5-1.25.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"mod24_wsgi-python34-3.5-1.25.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"mod24_wsgi-python35-3.5-1.25.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"mod24_wsgi-python36-3.5-1.25.amzn1\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"mod24_wsgi-debuginfo / mod24_wsgi-python26 / mod24_wsgi-python27 / etc\");\n}\n", "cvss": {"score": 6.9, "vector": "AV:LOCAL/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-09-01T23:59:37", "references": ["http://advisories.mageia.org/MGASA-2014-0513.html"], "pluginID": "80042", "description": "Updated apache-mod_wsgi package fixes security vulnerability :\n\nIt was discovered that mod_wsgi incorrectly handled errors when setting up the working directory and group access rights. A malicious application could possibly use this issue to cause a local privilege escalation when using daemon mode (CVE-2014-8583).", "edition": 5, "reporter": "Tenable", "published": "2014-12-16T00:00:00", "title": "Mandriva Linux Security Advisory : apache-mod_wsgi (MDVSA-2014:253)", "type": "nessus", "enchantments": {"score": {"vector": "NONE", "value": 7.2}}, "naslFamily": "Mandriva Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2014-8583"], "modified": "2018-07-19T00:00:00", "cpe": ["cpe:/o:mandriva:business_server:1", "p-cpe:/a:mandriva:linux:apache-mod_wsgi"], "id": "MANDRIVA_MDVSA-2014-253.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=80042", "sourceData": "#%NASL_MIN_LEVEL 70103\n\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Mandriva Linux Security Advisory MDVSA-2014:253. \n# The text itself is copyright (C) Mandriva S.A.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(80042);\n script_version(\"1.3\");\n script_cvs_date(\"Date: 2018/07/19 20:59:18\");\n\n script_cve_id(\"CVE-2014-8583\");\n script_bugtraq_id(68111);\n script_xref(name:\"MDVSA\", value:\"2014:253\");\n\n script_name(english:\"Mandriva Linux Security Advisory : apache-mod_wsgi (MDVSA-2014:253)\");\n script_summary(english:\"Checks rpm output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Mandriva Linux host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Updated apache-mod_wsgi package fixes security vulnerability :\n\nIt was discovered that mod_wsgi incorrectly handled errors when\nsetting up the working directory and group access rights. A malicious\napplication could possibly use this issue to cause a local privilege\nescalation when using daemon mode (CVE-2014-8583).\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://advisories.mageia.org/MGASA-2014-0513.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected apache-mod_wsgi package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:ND/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:apache-mod_wsgi\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:mandriva:business_server:1\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2014/12/15\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/12/16\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2014-2018 Tenable Network Security, Inc.\");\n script_family(english:\"Mandriva Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/Mandrake/release\", \"Host/Mandrake/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Mandrake/release\")) audit(AUDIT_OS_NOT, \"Mandriva / Mandake Linux\");\nif (!get_kb_item(\"Host/Mandrake/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^(amd64|i[3-6]86|x86_64)$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Mandriva / Mandrake Linux\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"apache-mod_wsgi-3.5-1.mbs1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 6.9, "vector": "AV:LOCAL/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}], "gentoo": [{"lastseen": "2016-12-30T02:13:08", "references": ["http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-8583", "https://bugs.gentoo.org/show_bug.cgi?id=536270"], "affectedPackage": [{"OS": "Gentoo", "OSVersion": "any", "packageVersion": "4.3.0", "arch": "all", "packageName": "www-apache/mod_wsgi", "packageFilename": "UNKNOWN", "operator": "lt"}], "edition": 1, "description": "### Background\n\nmod_wsgi is an Apache2 module for running Python WSGI applications.\n\n### Description\n\nmod_wsgi, when creating a daemon process group, does not properly handle dropping group privileges. \n\n### Impact\n\nContext-dependent attackers could escalate privileges due to the improper handling of group privileges. \n\n### Workaround\n\nThere is no known workaround at this time.\n\n### Resolution\n\nAll mod_wsgi users should upgrade to the latest version:\n \n \n # emerge --sync\n # emerge --ask --oneshot --verbose \">=www-apache/mod_wsgi-4.3.0\"", "reporter": "Gentoo Foundation", "published": "2016-12-30T00:00:00", "type": "gentoo", "enchantments": {"score": {"vector": "NONE", "value": 7.2}}, "title": "mod_wsgi: Privilege escalation", "bulletinFamily": "unix", "cvelist": ["CVE-2014-8583"], "modified": "2016-12-30T00:00:00", "id": "GLSA-201612-49", "href": "https://security.gentoo.org/glsa/201612-49", "cvss": {"score": 6.9, "vector": "AV:LOCAL/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}], "ubuntu": [{"lastseen": "2018-08-31T00:09:32", "references": ["https://people.canonical.com/~ubuntu-security/cve/CVE-2014-8583"], "affectedPackage": [{"OS": "Ubuntu", "OSVersion": "14.04", "packageVersion": "3.4-4ubuntu2.1.14.04.2", "arch": "noarch", "packageFilename": "UNKNOWN", "packageName": "libapache2-mod-wsgi-py3", "operator": "lt"}, {"OS": "Ubuntu", "OSVersion": "12.04", "packageVersion": "3.3-4ubuntu0.2", "arch": "noarch", "packageFilename": "UNKNOWN", "packageName": "libapache2-mod-wsgi-py3", "operator": "lt"}, {"OS": "Ubuntu", "OSVersion": "14.10", "packageVersion": "3.5-1ubuntu0.1", "arch": "noarch", "packageFilename": "UNKNOWN", "packageName": "libapache2-mod-wsgi-py3", "operator": "lt"}, {"OS": "Ubuntu", "OSVersion": "14.04", "packageVersion": "3.4-4ubuntu2.1.14.04.2", "arch": "noarch", "packageFilename": "UNKNOWN", "packageName": "libapache2-mod-wsgi", "operator": "lt"}, {"OS": "Ubuntu", "OSVersion": "12.04", "packageVersion": "3.3-4ubuntu0.2", "arch": "noarch", "packageFilename": "UNKNOWN", "packageName": "libapache2-mod-wsgi", "operator": "lt"}, {"OS": "Ubuntu", "OSVersion": "14.10", "packageVersion": "3.5-1ubuntu0.1", "arch": "noarch", "packageFilename": "UNKNOWN", "packageName": "libapache2-mod-wsgi", "operator": "lt"}], "description": "It was discovered that mod_wsgi incorrectly handled errors when setting up the working directory and group access rights. A malicious application could possibly use this issue to cause a local privilege escalation when using daemon mode.", "edition": 3, "reporter": "Ubuntu", "published": "2014-12-03T00:00:00", "title": "mod_wsgi vulnerability", "type": "ubuntu", "enchantments": {"score": {"vector": "NONE", "value": 7.2}}, "bulletinFamily": "unix", "cvelist": ["CVE-2014-8583"], "modified": "2014-12-03T00:00:00", "id": "USN-2431-1", "href": "https://usn.ubuntu.com/2431-1/", "cvss": {"score": 6.9, "vector": "AV:LOCAL/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}], "securityvulns": [{"lastseen": "2018-08-31T11:10:56", "references": [], "description": "\r\n\r\n-----BEGIN PGP SIGNED MESSAGE-----\r\nHash: SHA1\r\n\r\n _______________________________________________________________________\r\n\r\n Mandriva Linux Security Advisory MDVSA-2014:253\r\n http://www.mandriva.com/en/support/security/\r\n _______________________________________________________________________\r\n\r\n Package : apache-mod_wsgi\r\n Date : December 15, 2014\r\n Affected: Business Server 1.0\r\n _______________________________________________________________________\r\n\r\n Problem Description:\r\n\r\n Updated apache-mod_wsgi package fixes security vulnerability:\r\n \r\n It was discovered that mod_wsgi incorrectly handled errors when\r\n setting up the working directory and group access rights. A malicious\r\n application could possibly use this issue to cause a local privilege\r\n escalation when using daemon mode (CVE-2014-8583).\r\n _______________________________________________________________________\r\n\r\n References:\r\n\r\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8583\r\n http://advisories.mageia.org/MGASA-2014-0513.html\r\n _______________________________________________________________________\r\n\r\n Updated Packages:\r\n\r\n Mandriva Business Server 1/X86_64:\r\n fe423911e6f14b53ebe83e46b7998f78 mbs1/x86_64/apache-mod_wsgi-3.5-1.mbs1.x86_64.rpm \r\n 0240843f113d435f1f3ab17cab8db75f mbs1/SRPMS/apache-mod_wsgi-3.5-1.mbs1.src.rpm\r\n _______________________________________________________________________\r\n\r\n To upgrade automatically use MandrivaUpdate or urpmi. The verification\r\n of md5 checksums and GPG signatures is performed automatically for you.\r\n\r\n All packages are signed by Mandriva for security. You can obtain the\r\n GPG public key of the Mandriva Security Team by executing:\r\n\r\n gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98\r\n\r\n You can view other update advisories for Mandriva Linux at:\r\n\r\n http://www.mandriva.com/en/support/security/advisories/\r\n\r\n If you want to report vulnerabilities, please contact\r\n\r\n security_(at)_mandriva.com\r\n _______________________________________________________________________\r\n\r\n Type Bits/KeyID Date User ID\r\n pub 1024D/22458A98 2000-07-10 Mandriva Security Team\r\n <security*mandriva.com>\r\n-----BEGIN PGP SIGNATURE-----\r\nVersion: GnuPG v1.4.12 (GNU/Linux)\r\n\r\niD8DBQFUjxdomqjQ0CJFipgRAkHYAKDAHNVRKpZ4IoP1NYfmaHpMN50XIQCgv2kn\r\nP7gcJObnc83oRK0+YP3fd14=\r\n=pXOK\r\n-----END PGP SIGNATURE-----\r\n\r\n", "edition": 1, "reporter": "Securityvulns", "published": "2014-12-22T00:00:00", "title": "[ MDVSA-2014:253 ] apache-mod_wsgi", "type": "securityvulns", "enchantments": {"score": {"modified": "2018-08-31T11:10:56", "vector": "NONE", "value": 7.2}}, "bulletinFamily": "software", "affectedSoftware": [], "cvelist": ["CVE-2014-8583"], "modified": "2014-12-22T00:00:00", "id": "SECURITYVULNS:DOC:31530", "href": "https://vulners.com/securityvulns/SECURITYVULNS:DOC:31530", "cvss": {"score": 6.9, "vector": "AV:LOCAL/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}]}