Main Vulnerability Database Exploits ID:3563 - Exploit for Information disclosure in mod_wsgi - CVE-2014-0242

ID:3563 - Exploit for Information disclosure in mod_wsgi - CVE-2014-0242

Published: July 20, 2020

Vulnerability identifier: #VU30558

Vulnerability risk: Medium

CVE-ID: CVE-2014-0242

CWE-ID: CWE-200

Exploitation vector: Remote access

Vulnerable software:
mod_wsgi

Link to public exploit:

https://www.exploit-db.com/exploits/39196/

Vulnerability description

The vulnerability allows a remote non-authenticated attacker to gain access to sensitive information.

mod_wsgi module before 3.4 for Apache, when used in embedded mode, might allow remote attackers to obtain sensitive information via the Content-Type header which is generated from memory that may have been freed and then overwritten by a separate thread.

Remediation

Install update from vendor's website.

ID:3563 - Exploit for Information disclosure in mod_wsgi - CVE-2014-0242

Link to public exploit:

Vulnerability description

Remediation

Please verify you're human