- Home
- CVEs with nessus.description==According to the web server banner, the version of mod_wsgi running on the remote host is prior to version 4.2.4. It is, therefore, affected by a privilege escalation vulnerability.
The issue is triggered when attempting to drop group privileges and an error with 'setgid', 'setgroups', and 'initgroups' occurs. The error is reported, but mod_wsgi continues to run with root group privileges, rather than dropping privileges as intended. A local attacker could potentially gain escalated privileges.
Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.
Max CVSS | 0 |
Min CVSS | 0 |
Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published |
Back to Top
Mark selected
Back to Top