CVE-2013-4559

lighttpd <1.4.33 - Privilege Escalation

Title source: llm
STIX 2.1

Description

lighttpd before 1.4.33 does not check the return value of the (1) setuid, (2) setgid, or (3) setgroups functions, which might cause lighttpd to run as root if it is restarted and allows remote attackers to gain privileges, as demonstrated by multiple calls to the clone function that cause setuid to fail when the user process limit is reached.

References (8)

Core 8
Core References
Third Party Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/55682
Issue Tracking, Third Party Advisory vendor-advisory x_refsource_hp
http://marc.info/?l=bugtraq&m=141576815022399&w=2
Mailing List, Third Party Advisory vendor-advisory x_refsource_suse
http://lists.opensuse.org/opensuse-updates/2014-01/msg00049.html
Third Party Advisory vendor-advisory x_refsource_debian
https://www.debian.org/security/2013/dsa-2795
Mailing List, Third Party Advisory mailing-list x_refsource_mlist
http://www.openwall.com/lists/oss-security/2013/11/12/4
Third Party Advisory x_refsource_confirm
https://kc.mcafee.com/corporate/index?page=content&id=SB10310
Third Party Advisory third-party-advisory x_refsource_jvn
http://jvn.jp/en/jp/JVN37417423/index.html

Scores

EPSS 0.1072
EPSS Percentile 95.3%

Details

CWE
CWE-264
Status published
Products (7)
debian/debian_linux 6.0
debian/debian_linux 7.0
debian/debian_linux 8.0
lighttpd/lighttpd < 1.4.33
opensuse/opensuse 12.2
opensuse/opensuse 12.3
opensuse/opensuse 13.1
Published Nov 20, 2013
Tracked Since Feb 18, 2026