Gentoo Linux Security Advisory 201612-49 - A vulnerability in mod_wsgi could lead to privilege escalation. Versions less than 4.3.0 are affected.
ca41096d460fe443d6a3451c919e32eb523a3ee9eebf78037712cd61bf3da4d4Mandriva Linux Security Advisory 2015-180 - apache-mod_wsgi before 4.2.4 contained an off-by-one error in applying a limit to the number of supplementary groups allowed for a daemon process group. The result could be that if more groups than the operating system allowed were specified to the option supplementary-groups, then memory corruption or a process crash could occur. It was discovered that mod_wsgi incorrectly handled errors when setting up the working directory and group access rights. A malicious application could possibly use this issue to cause a local privilege escalation when using daemon mode.
40f8b322ddf7710b19ea3969bb8a422052e750f3097df1b53e68aac2fbfa40acMandriva Linux Security Advisory 2014-253 - It was discovered that mod_wsgi incorrectly handled errors when setting up the working directory and group access rights. A malicious application could possibly use this issue to cause a local privilege escalation when using daemon mode.
8336b360e16f0c2a346262a2b65d82bd0d946e35b938fddd29e48042ef43d491Ubuntu Security Notice 2431-1 - It was discovered that mod_wsgi incorrectly handled errors when setting up the working directory and group access rights. A malicious application could possibly use this issue to cause a local privilege escalation when using daemon mode.
5bb4cde48cd484123416bef08c355511f51ff15ed833702a51b37c736b6a5dce
© 2024 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed