Apache mod_wsgi < 4.2.4 Privilege Dropping Privilege Escalation

high Nessus Plugin ID 76498

Synopsis

The remote web server module is affected by a privilege escalation vulnerability.

Description

According to the web server banner, the version of mod_wsgi running on the remote host is prior to version 4.2.4. It is, therefore, affected by a privilege escalation vulnerability.

The issue is triggered when attempting to drop group privileges and an error with 'setgid', 'setgroups', and 'initgroups' occurs. The error is reported, but mod_wsgi continues to run with root group privileges, rather than dropping privileges as intended. A local attacker could potentially gain escalated privileges.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

Solution

Upgrade to mod_wsgi 4.2.4 or later, or apply the patch.

See Also

http://www.nessus.org/u?e7a37c36

http://www.nessus.org/u?49332efe

Plugin Details

Severity: High

ID: 76498

File Name: mod_wsgi_4_2_4.nasl

Version: 1.7

Type: remote

Family: Web Servers

Published: 7/14/2014

Updated: 11/26/2019

Supported Sensors: Nessus

Risk Information

VPR

Risk Factor: Medium

Score: 5.9

CVSS v2

Risk Factor: Medium

Base Score: 6.9

Temporal Score: 5.1

Vector: CVSS2#AV:L/AC:M/Au:N/C:C/I:C/A:C

CVSS Score Source: CVE-2014-8583

CVSS v3

Risk Factor: High

Base Score: 8.1

Temporal Score: 7.1

Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

Temporal Vector: CVSS:3.0/E:U/RL:O/RC:C

Vulnerability Information

CPE: cpe:/a:modwsgi:mod_wsgi

Required KB Items: installed_sw/Apache

Exploit Ease: No known exploits are available

Patch Publication Date: 6/18/2014

Vulnerability Publication Date: 6/17/2014

Reference Information

CVE: CVE-2014-8583

BID: 68111