It was found that mod_wsgi did not properly drop privileges if the call to setuid() failed. If mod_wsgi was set up to allow unprivileged users to run WSGI applications, a local user able to run a WSGI application could possibly use this flaw to escalate their privileges on the system.
Note: mod_wsgi is not intended to provide privilege separation for WSGI applications. Systems relying on mod_wsgi to limit or sandbox the privileges of mod_wsgi applications should migrate to a different solution with proper privilege separation.
Platform | Package | Release Date | Advisory |
---|---|---|---|
Amazon Linux 1 | mod24_wsgi | 2014-07-09 23:02 | ALAS-2014-375 |
Amazon Linux 1 | mod_wsgi | 2014-07-09 23:07 | ALAS-2014-376 |
Score Type | Score | Vector | |
---|---|---|---|
Amazon Linux | CVSSv2 | 6.9 | AV:L/AC:M/Au:N/C:C/I:C/A:C |
NVD | CVSSv2 | 6.2 | AV:L/AC:H/Au:N/C:C/I:C/A:C |