Launchpad.net

Launchpad Home
Code
Bugs
Blueprints
Translations
Answers

CVE 2013-4559

lighttpd before 1.4.33 does not check the return value of the (1) setuid, (2) setgid, or (3) setgroups functions, which might cause lighttpd to run as root if it is restarted and allows remote attackers to gain privileges, as demonstrated by multiple calls to the clone function that cause setuid to fail when the user process limit is reached.

Related bugs and status

CVE-2013-4559 (Candidate) is related to these bugs:

Bug #1301358: setuid/setgid/setgroups return values not checked

Summary				In	Importance	Status
	1301358	setuid/setgid/setgroups return values not checked		lighttpd (Ubuntu)	Undecided	Expired

Bug #1382965: DSA-2795-2 fixes not backported to precise

Summary				In	Importance	Status
	1382965	DSA-2795-2 fixes not backported to precise		lighttpd (Ubuntu)	Undecided	Expired

See the

CVE page on Mitre.org for more details.

References

MISC: http://secunia.com/adv...
MISC: https://www.debian.org...
MISC: http://marc.info/?l=bu...
MISC: http://jvn.jp/en/jp/JV...
MISC: http://www.openwall.co...
MISC: http://download.lightt...
MISC: https://kc.mcafee.com/...
MISC: http://lists.opensuse....