Apache mod_wsgi < 4.2.4 Privilege Dropping Privilege Escalation

This script is Copyright (C) 2014 Tenable Network Security, Inc.


Synopsis :

The remote web server module is affected by a privilege escalation
vulnerability.

Description :

According to the web server banner, the version of mod_wsgi running on
the remote host is prior to version 4.2.4. It is, therefore, affected
by a privilege escalation vulnerability.

The issue is triggered when mod_wsgi attempts to drop group privileges
and a call to 'setgid', 'setgroups', or 'initgroups' fails. The error
is reported, but mod_wsgi continues to run with root group privileges
rather than dropping them as intended. A local attacker could
potentially gain escalated privileges.

Note that Nessus has not tested for these issues but has instead
relied only on the application's self-reported version number.
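The failure mode described above, shown as an added example that is not mod_wsgi's own code: a privilege-dropping routine that logs a failed setgroups/initgroups/setgid call but carries on and reports success, beside a hardened version that returns the failure and verifies the resulting effective gid. The function names, the priv_ops table, the simulated kernel (sim_ops) and the user name "wsgi" and gid 1000 are all constructed for this illustration; real_ops wires the same logic to the real libc calls for a daemon that actually runs as root.

```c
#define _GNU_SOURCE
#include <errno.h>
#include <grp.h>
#include <stdio.h>
#include <string.h>
#include <sys/types.h>
#include <unistd.h>

/* The calls a daemon makes to drop group privileges, behind a table of
 * function pointers so the same logic can run against the real kernel or
 * against the small simulation below. Names are illustrative, not mod_wsgi's. */
typedef struct {
    int (*setgroups_fn)(size_t ngroups, const gid_t *groups);
    int (*initgroups_fn)(const char *user, gid_t group);
    int (*setgid_fn)(gid_t gid);
    gid_t (*getegid_fn)(void);
} priv_ops;

/* Thin wrappers so the real libc calls fit the table on any platform. */
static int real_setgroups(size_t n, const gid_t *g) { return setgroups(n, g); }
static int real_initgroups(const char *u, gid_t g) { return initgroups(u, g); }
static int real_setgid(gid_t g) { return setgid(g); }
static gid_t real_getegid(void) { return getegid(); }
const priv_ops real_ops = { real_setgroups, real_initgroups, real_setgid, real_getegid };

/* The pattern the advisory describes for mod_wsgi before 4.2.4: each failure is
 * reported, but the routine carries on and returns success, so the daemon keeps
 * the group privileges it started with (root). */
int drop_group_privileges_unchecked(const priv_ops *ops, const char *user, gid_t gid) {
    if (ops->setgroups_fn(0, NULL) == -1)
        fprintf(stderr, "setgroups() failed: %s\n", strerror(errno));
    if (ops->initgroups_fn(user, gid) == -1)
        fprintf(stderr, "initgroups() failed: %s\n", strerror(errno));
    if (ops->setgid_fn(gid) == -1)
        fprintf(stderr, "setgid() failed: %s\n", strerror(errno));
    return 0;   /* the caller never learns that the drop did not happen */
}

/* Hardened version: any failure aborts the drop and is returned to the caller,
 * and the outcome is verified rather than assumed. A daemon's startup path
 * should treat -1 here as fatal and exit instead of serving requests. */
int drop_group_privileges_checked(const priv_ops *ops, const char *user, gid_t gid) {
    if (ops->setgroups_fn(0, NULL) == -1) {
        fprintf(stderr, "setgroups() failed: %s\n", strerror(errno));
        return -1;
    }
    if (ops->initgroups_fn(user, gid) == -1) {
        fprintf(stderr, "initgroups() failed: %s\n", strerror(errno));
        return -1;
    }
    if (ops->setgid_fn(gid) == -1) {
        fprintf(stderr, "setgid() failed: %s\n", strerror(errno));
        return -1;
    }
    /* Confirm the kernel now reports the intended effective gid. */
    if (ops->getegid_fn() != gid) {
        fprintf(stderr, "group privileges not dropped (egid %ld)\n", (long)ops->getegid_fn());
        return -1;
    }
    return 0;
}

/* ---- Simulated kernel, constructed for this example; needs no root ---- */
static gid_t sim_egid = 0;          /* the process starts with root's group */
static int sim_setgid_fails = 0;    /* when set, setgid() fails with EPERM */

static int sim_setgroups(size_t n, const gid_t *g) { (void)n; (void)g; return 0; }
static int sim_initgroups(const char *u, gid_t g) { (void)u; (void)g; return 0; }
static int sim_setgid(gid_t g) {
    if (sim_setgid_fails) { errno = EPERM; return -1; }
    sim_egid = g;
    return 0;
}
static gid_t sim_getegid(void) { return sim_egid; }
const priv_ops sim_ops = { sim_setgroups, sim_initgroups, sim_setgid, sim_getegid };

typedef struct { int rc; gid_t final_egid; } sim_result;

/* Runs one drop routine against the simulation from a fresh "root" state.
 * checked selects the hardened routine; setgid_fails injects the failure. */
sim_result simulate_drop(int checked, int setgid_fails) {
    sim_result r;
    sim_egid = 0;
    sim_setgid_fails = setgid_fails;
    r.rc = checked ? drop_group_privileges_checked(&sim_ops, "wsgi", 1000)
                   : drop_group_privileges_unchecked(&sim_ops, "wsgi", 1000);
    r.final_egid = sim_egid;
    return r;
}

int main(void) {
    sim_result a = simulate_drop(0, 1), b = simulate_drop(1, 1), c = simulate_drop(1, 0);
    printf("unchecked, setgid fails: rc=%d egid=%ld\n", a.rc, (long)a.final_egid);
    printf("checked,   setgid fails: rc=%d egid=%ld\n", b.rc, (long)b.final_egid);
    printf("checked,   all succeed : rc=%d egid=%ld\n", c.rc, (long)c.final_egid);
    return 0;
}
```

With the injected setgid() failure the unchecked routine returns 0 while the simulated effective gid is still 0, which is exactly the state the advisory describes: an error line in the log and a process that is still running with root's group. The checked routine returns -1 in the same situation, so startup code can refuse to continue; when every call succeeds it returns 0 with the effective gid at 1000.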

See also :

http://www.nessus.org/u?e7a37c36
http://www.nessus.org/u?49332efe

Solution :

Upgrade to mod_wsgi 4.2.4 or later, or apply the patch.

Risk factor :

Medium / CVSS Base Score : 6.2
(CVSS2#AV:L/AC:H/Au:N/C:C/I:C/A:C)
CVSS Temporal Score : 5.4
(CVSS2#E:ND/RL:OF/RC:C)
Public Exploit Available : false

Family: Web Servers

Nessus Plugin ID: 76498

Bugtraq ID: 68111

CVE ID: