CVE-2022-2255
https://notcve.org/view.php?id=CVE-2022-2255
A vulnerability was found in mod_wsgi. The X-Client-IP header is not removed from a request from an untrusted proxy, allowing an attacker to pass the X-Client-IP header to the target WSGI application because the condition to remove it is missing. Se encontró una vulnerabilidad en mod_wsgi. El encabezado X-Client-IP no es eliminado de una solicitud procedente de un proxy no confiable, lo que permite a un atacante pasar la cabecera X-Client-IP a la aplicación WSGI de destino porque falta la condición para eliminarla. • https://github.com/GrahamDumpleton/mod_wsgi/blob/4.9.2/src/server/mod_wsgi.c#L13940-L13941 https://github.com/GrahamDumpleton/mod_wsgi/blob/4.9.2/src/server/mod_wsgi.c#L14046-L14082 https://lists.debian.org/debian-lts-announce/2022/09/msg00021.html https://modwsgi.readthedocs.io/en/latest/release-notes/version-4.9.3.html • CWE-345: Insufficient Verification of Data Authenticity CWE-348: Use of Less Trusted Source •
CVE-2014-8583
https://notcve.org/view.php?id=CVE-2014-8583
mod_wsgi before 4.2.4 for Apache, when creating a daemon process group, does not properly handle when group privileges cannot be dropped, which might allow attackers to gain privileges via unspecified vectors. mod_wsgi anterior a 4.2.4 para Apache, cuando crea un grupo de procesos del demonio, no se maneja correctamente cuando no se pueden dejar los privilegios de grupo, lo que podría permitir a atacantes ganar privilegios a través de vectores no especificados. • http://advisories.mageia.org/MGASA-2014-0513.html http://lists.opensuse.org/opensuse-updates/2014-12/msg00036.html http://modwsgi.readthedocs.org/en/latest/release-notes/version-4.2.4.html http://www.mandriva.com/security/advisories?name=MDVSA-2014:253 http://www.openwall.com/lists/oss-security/2014/06/19/7 http://www.openwall.com/lists/oss-security/2014/11/04/8 http://www.securityfocus.com/bid/68111 http://www.ubuntu.com/usn/USN-2431-1 https://bugzilla.redhat. • CWE-254: 7PK - Security Features •
CVE-2014-0242 – Apache mod_wsgi - Information Disclosure
https://notcve.org/view.php?id=CVE-2014-0242
mod_wsgi module before 3.4 for Apache, when used in embedded mode, might allow remote attackers to obtain sensitive information via the Content-Type header which is generated from memory that may have been freed and then overwritten by a separate thread. El módulo mod_wsgi versiones anteriores a 3.4 para Apache, cuando es usado en modo insertado, podría permitir a atacantes remotos obtener información confidencial por medio del encabezado Content-Type que es generado desde la memoria que puede haber sido liberada y luego sobrescrita mediante un hilo o subproceso separado. • https://www.exploit-db.com/exploits/39196 http://blog.dscpl.com.au/2014/05/security-release-for-modwsgi-version-35.html http://modwsgi.readthedocs.org/en/latest/release-notes/version-3.4.html http://www.openwall.com/lists/oss-security/2014/05/21/1 http://www.securityfocus.com/bid/67534 https://access.redhat.com/security/cve/CVE-2014-0242 https://bugzilla.redhat.com/show_bug.cgi?id=1101873 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVE-2014-0240 – mod_wsgi: possible privilege escalation in setuid() failure scenarios
https://notcve.org/view.php?id=CVE-2014-0240
The mod_wsgi module before 3.5 for Apache, when daemon mode is enabled, does not properly handle error codes returned by setuid when run on certain Linux kernels, which allows local users to gain privileges via vectors related to the number of running processes. El módulo mod_wsgi anterior a 3.5 para Apache, cuando modo demonio está habilitado, no maneja debidamente códigos de error devueltos por setuid cuando se ejecuta en ciertos kernels de Linux, lo que permite a usuarios locales ganar privilegios a través de vectores relacionados con el número de procesos en ejecución. It was found that mod_wsgi did not properly drop privileges if the call to setuid() failed. If mod_wsgi was set up to allow unprivileged users to run WSGI applications, a local user able to run a WSGI application could possibly use this flaw to escalate their privileges on the system. Note: mod_wsgi is not intended to provide privilege separation for WSGI applications. Systems relying on mod_wsgi to limit or sandbox the privileges of mod_wsgi applications should migrate to a different solution with proper privilege separation. • http://blog.dscpl.com.au/2014/05/security-release-for-modwsgi-version-35.html http://modwsgi.readthedocs.org/en/latest/release-notes/version-3.5.html http://rhn.redhat.com/errata/RHSA-2014-0789.html http://secunia.com/advisories/59551 http://secunia.com/advisories/60094 http://www.openwall.com/lists/oss-security/2014/05/21/1 http://www.securityfocus.com/bid/67532 https://access.redhat.com/security/cve/CVE-2014-0240 https://bugzilla.redhat.com/show_bug.cgi?id=110186 • CWE-264: Permissions, Privileges, and Access Controls CWE-271: Privilege Dropping / Lowering Errors •