{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2014-05-21T00:00:00", "descriptions": [{"lang": "en", "value": "The mod_wsgi module before 3.5 for Apache, when daemon mode is enabled, does not properly handle error codes returned by setuid when run on certain Linux kernels, which allows local users to gain privileges via vectors related to the number of running processes."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2017-12-20T19:57:01", "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "shortName": "redhat"}, "references": [{"name": "59551", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/59551"}, {"name": "67532", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/67532"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://modwsgi.readthedocs.org/en/latest/release-notes/version-3.5.html"}, {"name": "[oss-security] 20140521 Security release for mod_wsgi (version 3.5)", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "http://www.openwall.com/lists/oss-security/2014/05/21/1"}, {"name": "RHSA-2014:0789", "tags": ["vendor-advisory", "x_refsource_REDHAT"], "url": "http://rhn.redhat.com/errata/RHSA-2014-0789.html"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://blog.dscpl.com.au/2014/05/security-release-for-modwsgi-version-35.html"}, {"name": "60094", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/60094"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "secalert@redhat.com", "ID": "CVE-2014-0240", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "The mod_wsgi module before 3.5 for Apache, when daemon mode is enabled, does not properly handle error codes returned by setuid when run on certain Linux kernels, which allows local users to gain privileges via vectors related to the number of running processes."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "59551", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/59551"}, {"name": "67532", "refsource": "BID", "url": "http://www.securityfocus.com/bid/67532"}, {"name": "http://modwsgi.readthedocs.org/en/latest/release-notes/version-3.5.html", "refsource": "CONFIRM", "url": "http://modwsgi.readthedocs.org/en/latest/release-notes/version-3.5.html"}, {"name": "[oss-security] 20140521 Security release for mod_wsgi (version 3.5)", "refsource": "MLIST", "url": "http://www.openwall.com/lists/oss-security/2014/05/21/1"}, {"name": "RHSA-2014:0789", "refsource": "REDHAT", "url": "http://rhn.redhat.com/errata/RHSA-2014-0789.html"}, {"name": "http://blog.dscpl.com.au/2014/05/security-release-for-modwsgi-version-35.html", "refsource": "CONFIRM", "url": "http://blog.dscpl.com.au/2014/05/security-release-for-modwsgi-version-35.html"}, {"name": "60094", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/60094"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-06T09:05:39.376Z"}, "title": "CVE Program Container", "references": [{"name": "59551", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/59551"}, {"name": "67532", "tags": ["vdb-entry", "x_refsource_BID", "x_transferred"], "url": "http://www.securityfocus.com/bid/67532"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://modwsgi.readthedocs.org/en/latest/release-notes/version-3.5.html"}, {"name": "[oss-security] 20140521 Security release for mod_wsgi (version 3.5)", "tags": ["mailing-list", "x_refsource_MLIST", "x_transferred"], "url": "http://www.openwall.com/lists/oss-security/2014/05/21/1"}, {"name": "RHSA-2014:0789", "tags": ["vendor-advisory", "x_refsource_REDHAT", "x_transferred"], "url": "http://rhn.redhat.com/errata/RHSA-2014-0789.html"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://blog.dscpl.com.au/2014/05/security-release-for-modwsgi-version-35.html"}, {"name": "60094", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/60094"}]}]}, "cveMetadata": {"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "assignerShortName": "redhat", "cveId": "CVE-2014-0240", "datePublished": "2014-05-27T15:00:00", "dateReserved": "2013-12-03T00:00:00", "dateUpdated": "2024-08-06T09:05:39.376Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:modwsgi:mod_wsgi:*:*:*:*:*:*:*:*", "matchCriteriaId": "785170E8-C24B-42E0-8DFD-E25BCBEA3F06", "versionEndIncluding": "3.4", "vulnerable": true}, {"criteria": "cpe:2.3:a:modwsgi:mod_wsgi:1.0:*:*:*:*:*:*:*", "matchCriteriaId": "D11F04B8-E47E-448E-B5B0-499A3388DBF0", "vulnerable": true}, {"criteria": "cpe:2.3:a:modwsgi:mod_wsgi:1.1:*:*:*:*:*:*:*", "matchCriteriaId": "50A93F05-1041-4E7A-B7F3-372828F1D01B", "vulnerable": true}, {"criteria": "cpe:2.3:a:modwsgi:mod_wsgi:1.2:*:*:*:*:*:*:*", "matchCriteriaId": "414E1DA8-8135-4DF0-AB7F-BA54CCBB05DD", "vulnerable": true}, {"criteria": "cpe:2.3:a:modwsgi:mod_wsgi:1.3:*:*:*:*:*:*:*", "matchCriteriaId": "6D070519-30F1-4561-BC4F-06511BED6608", "vulnerable": true}, {"criteria": "cpe:2.3:a:modwsgi:mod_wsgi:1.4:*:*:*:*:*:*:*", "matchCriteriaId": "8BCF68C7-84CC-45DB-ACEA-31A624F9A3A0", "vulnerable": true}, {"criteria": "cpe:2.3:a:modwsgi:mod_wsgi:1.5:*:*:*:*:*:*:*", "matchCriteriaId": "72AFD695-31E2-416F-8D25-25D76B57D935", "vulnerable": true}, {"criteria": "cpe:2.3:a:modwsgi:mod_wsgi:1.6:*:*:*:*:*:*:*", "matchCriteriaId": "28EBA2EA-78FA-458A-A004-E306370D9AF3", "vulnerable": true}, {"criteria": "cpe:2.3:a:modwsgi:mod_wsgi:2.0:*:*:*:*:*:*:*", "matchCriteriaId": "1DB6E106-8C25-4EF5-98DD-95C3A477EBDB", "vulnerable": true}, {"criteria": "cpe:2.3:a:modwsgi:mod_wsgi:2.1:*:*:*:*:*:*:*", "matchCriteriaId": "E04D69ED-0B61-440B-8AF5-AE1987F8343B", "vulnerable": true}, {"criteria": "cpe:2.3:a:modwsgi:mod_wsgi:2.2:*:*:*:*:*:*:*", "matchCriteriaId": "0766F7BB-709D-44C1-A435-9D78D8B65E6F", "vulnerable": true}, {"criteria": "cpe:2.3:a:modwsgi:mod_wsgi:2.3:*:*:*:*:*:*:*", "matchCriteriaId": "8EE398E6-F113-44DB-AE9D-B9FE2B58F2AC", "vulnerable": true}, {"criteria": "cpe:2.3:a:modwsgi:mod_wsgi:2.4:*:*:*:*:*:*:*", "matchCriteriaId": "CA1CCF4D-4874-4474-AB85-8E2B107031BF", "vulnerable": true}, {"criteria": "cpe:2.3:a:modwsgi:mod_wsgi:2.5:*:*:*:*:*:*:*", "matchCriteriaId": "E6D9ECCE-4FF6-483E-A320-D7085BAA9D81", "vulnerable": true}, {"criteria": "cpe:2.3:a:modwsgi:mod_wsgi:2.6:*:*:*:*:*:*:*", "matchCriteriaId": "00DCC650-5B04-4A60-B1BE-912798F9969F", "vulnerable": true}, {"criteria": "cpe:2.3:a:modwsgi:mod_wsgi:2.7:*:*:*:*:*:*:*", "matchCriteriaId": "CA39B24F-EA97-49B5-B40E-830B15C80498", "vulnerable": true}, {"criteria": "cpe:2.3:a:modwsgi:mod_wsgi:2.8:*:*:*:*:*:*:*", "matchCriteriaId": "A6D5AA63-BD50-409E-BBD6-3D5340ABF361", "vulnerable": true}, {"criteria": "cpe:2.3:a:modwsgi:mod_wsgi:3.0:*:*:*:*:*:*:*", "matchCriteriaId": "671BE4C2-1F45-4BBC-B7FB-0AB1DBD57F38", "vulnerable": true}, {"criteria": "cpe:2.3:a:modwsgi:mod_wsgi:3.1:*:*:*:*:*:*:*", "matchCriteriaId": "61E348ED-9B13-469E-84DF-1E737C485847", "vulnerable": true}, {"criteria": "cpe:2.3:a:modwsgi:mod_wsgi:3.2:*:*:*:*:*:*:*", "matchCriteriaId": "0131F322-C087-4A78-BC6F-B69EA36A15F8", "vulnerable": true}, {"criteria": "cpe:2.3:a:modwsgi:mod_wsgi:3.3:*:*:*:*:*:*:*", "matchCriteriaId": "412A2104-C514-41A1-97E9-A0E204371396", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "The mod_wsgi module before 3.5 for Apache, when daemon mode is enabled, does not properly handle error codes returned by setuid when run on certain Linux kernels, which allows local users to gain privileges via vectors related to the number of running processes."}, {"lang": "es", "value": "El m\u00f3dulo mod_wsgi anterior a 3.5 para Apache, cuando modo demonio est\u00e1 habilitado, no maneja debidamente c\u00f3digos de error devueltos por setuid cuando se ejecuta en ciertos kernels de Linux, lo que permite a usuarios locales ganar privilegios a trav\u00e9s de vectores relacionados con el n\u00famero de procesos en ejecuci\u00f3n."}], "id": "CVE-2014-0240", "lastModified": "2025-04-12T10:46:40.837", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "HIGH", "accessVector": "LOCAL", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 6.2, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:L/AC:H/Au:N/C:C/I:C/A:C", "version": "2.0"}, "exploitabilityScore": 1.9, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}]}, "published": "2014-05-27T14:55:12.197", "references": [{"source": "secalert@redhat.com", "url": "http://blog.dscpl.com.au/2014/05/security-release-for-modwsgi-version-35.html"}, {"source": "secalert@redhat.com", "url": "http://modwsgi.readthedocs.org/en/latest/release-notes/version-3.5.html"}, {"source": "secalert@redhat.com", "url": "http://rhn.redhat.com/errata/RHSA-2014-0789.html"}, {"source": "secalert@redhat.com", "url": "http://secunia.com/advisories/59551"}, {"source": "secalert@redhat.com", "url": "http://secunia.com/advisories/60094"}, {"source": "secalert@redhat.com", "url": "http://www.openwall.com/lists/oss-security/2014/05/21/1"}, {"source": "secalert@redhat.com", "url": "http://www.securityfocus.com/bid/67532"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://blog.dscpl.com.au/2014/05/security-release-for-modwsgi-version-35.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://modwsgi.readthedocs.org/en/latest/release-notes/version-3.5.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://rhn.redhat.com/errata/RHSA-2014-0789.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/59551"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/60094"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.openwall.com/lists/oss-security/2014/05/21/1"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/bid/67532"}], "sourceIdentifier": "secalert@redhat.com", "vulnStatus": "Deferred", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-264"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{"acknowledgement": "Red Hat would like to thank Graham Dumpleton for reporting this issue. Upstream acknowledges R\u00f3bert Kisteleki as the original reporter.", "affected_release": [{"advisory": "RHSA-2014:0788", "cpe": "cpe:/o:redhat:enterprise_linux:6", "package": "mod_wsgi-0:3.2-6.el6_5", "product_name": "Red Hat Enterprise Linux 6", "release_date": "2014-06-25T00:00:00Z"}, {"advisory": "RHSA-2014:1091", "cpe": "cpe:/o:redhat:enterprise_linux:7", "package": "mod_wsgi-0:3.4-12.el7_0", "product_name": "Red Hat Enterprise Linux 7", "release_date": "2014-08-25T00:00:00Z"}, {"advisory": "RHSA-2014:0789", "cpe": "cpe:/a:redhat:rhel_software_collections:1::el6", "package": "python27-mod_wsgi-0:3.4-12.el6", "product_name": "Red Hat Software Collections 1 for Red Hat Enterprise Linux 6", "release_date": "2014-06-25T00:00:00Z"}, {"advisory": "RHSA-2014:0789", "cpe": "cpe:/a:redhat:rhel_software_collections:1::el6", "package": "python33-mod_wsgi-0:3.4-14.el6", "product_name": "Red Hat Software Collections 1 for Red Hat Enterprise Linux 6", "release_date": "2014-06-25T00:00:00Z"}, {"advisory": "RHSA-2014:0789", "cpe": "cpe:/a:redhat:rhel_software_collections:1::el6", "package": "python27-mod_wsgi-0:3.4-12.el6", "product_name": "Red Hat Software Collections 1 for Red Hat Enterprise Linux 6.3 EUS", "release_date": "2014-06-25T00:00:00Z"}, {"advisory": "RHSA-2014:0789", "cpe": "cpe:/a:redhat:rhel_software_collections:1::el6", "package": "python33-mod_wsgi-0:3.4-14.el6", "product_name": "Red Hat Software Collections 1 for Red Hat Enterprise Linux 6.3 EUS", "release_date": "2014-06-25T00:00:00Z"}, {"advisory": "RHSA-2014:0789", "cpe": "cpe:/a:redhat:rhel_software_collections:1::el6", "package": "python27-mod_wsgi-0:3.4-12.el6", "product_name": "Red Hat Software Collections 1 for Red Hat Enterprise Linux 6.4 EUS", "release_date": "2014-06-25T00:00:00Z"}, {"advisory": "RHSA-2014:0789", "cpe": "cpe:/a:redhat:rhel_software_collections:1::el6", "package": "python33-mod_wsgi-0:3.4-14.el6", "product_name": "Red Hat Software Collections 1 for Red Hat Enterprise Linux 6.4 EUS", "release_date": "2014-06-25T00:00:00Z"}, {"advisory": "RHSA-2014:0789", "cpe": "cpe:/a:redhat:rhel_software_collections:1::el7", "package": "python27-mod_wsgi-0:3.4-13.el7", "product_name": "Red Hat Software Collections 1 for Red Hat Enterprise Linux 7", "release_date": "2014-06-25T00:00:00Z"}, {"advisory": "RHSA-2014:0789", "cpe": "cpe:/a:redhat:rhel_software_collections:1::el7", "package": "python33-mod_wsgi-0:3.4-13.el7", "product_name": "Red Hat Software Collections 1 for Red Hat Enterprise Linux 7", "release_date": "2014-06-25T00:00:00Z"}], "bugzilla": {"description": "mod_wsgi: possible privilege escalation in setuid() failure scenarios", "id": "1101863", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1101863"}, "csaw": false, "cvss": {"cvss_base_score": "6.9", "cvss_scoring_vector": "AV:L/AC:M/Au:N/C:C/I:C/A:C", "status": "verified"}, "cwe": "CWE-271", "details": ["The mod_wsgi module before 3.5 for Apache, when daemon mode is enabled, does not properly handle error codes returned by setuid when run on certain Linux kernels, which allows local users to gain privileges via vectors related to the number of running processes.", "It was found that mod_wsgi did not properly drop privileges if the call to setuid() failed. If mod_wsgi was set up to allow unprivileged users to run WSGI applications, a local user able to run a WSGI application could possibly use this flaw to escalate their privileges on the system.\nNote: mod_wsgi is not intended to provide privilege separation for WSGI applications. Systems relying on mod_wsgi to limit or sandbox the privileges of mod_wsgi applications should migrate to a different solution with proper privilege separation."], "name": "CVE-2014-0240", "package_state": [{"cpe": "cpe:/a:redhat:openshift:2", "fix_state": "Affected", "package_name": "python27-mod_wsgi", "product_name": "Red Hat OpenShift Enterprise 2"}, {"cpe": "cpe:/a:redhat:network_satellite:5.6", "fix_state": "Will not fix", "package_name": "mod_wsgi", "product_name": "Red Hat Satellite 5.6"}, {"cpe": "cpe:/a:redhat:satellite:6", "fix_state": "Not affected", "package_name": "mod_wsgi", "product_name": "Red Hat Satellite 6"}, {"cpe": "cpe:/a:redhat:network_proxy:5.6", "fix_state": "Not affected", "package_name": "mod_wsgi", "product_name": "Red Hat Satellite Proxy 5.6"}, {"cpe": "cpe:/a:rhel_sam:1", "fix_state": "Will not fix", "package_name": "mod_wsgi", "product_name": "Red Hat Subscription Asset Manager"}, {"cpe": "cpe:/a:redhat:rhui:2", "fix_state": "Will not fix", "package_name": "mod_wsgi", "product_name": "RHUI for RHEL 6"}], "public_date": "2014-05-21T00:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2014-0240\nhttps://nvd.nist.gov/vuln/detail/CVE-2014-0240"], "threat_severity": "Important"}

{}