Lumension® Endpoint Intelligence Center

Overview

Vulnerability Score: 6.9
CVE Id: CVE-2011-4356
Last Modified: 03 Jan 2012 11:38:45
Published: 05 Dec 2011 06:55:07
Confidentiality Impact: COMPLETE
Integrity Impact: COMPLETE
Availability Impact: COMPLETE
Access Vector: LOCAL
Access Complexity: MEDIUM
Authentication: NONE

CVE-2011-4356

Summary

Celery 2.1 and 2.2 before 2.2.8, 2.3 before 2.3.4, and 2.4 before 2.4.4 changes the effective id but not the real id during processing of the --uid and --gid arguments to celerybeat, celeryd_detach, celeryd-multi, and celeryev, which allows local users to gain privileges via vectors involving crafted code that is executed by the worker process.

Vulnerable Systems

Application

  • Celeryproject Celery 2.1.0

  • Celeryproject Celery 2.2.0

  • Celeryproject Celery 2.2.1

  • Celeryproject Celery 2.2.2

  • Celeryproject Celery 2.2.3

  • Celeryproject Celery 2.2.4

  • Celeryproject Celery 2.2.5

  • Celeryproject Celery 2.2.6

  • Celeryproject Celery 2.2.7

  • Celeryproject Celery 2.3.0

  • Celeryproject Celery 2.3.1

  • Celeryproject Celery 2.3.2

  • Celeryproject Celery 2.3.3

  • Celeryproject Celery 2.4.0

  • Celeryproject Celery 2.4.1

  • Celeryproject Celery 2.4.2

  • Celeryproject Celery 2.4.3

  • Python Celery 2.1.0

  • Python Celery 2.2.0

  • Python Celery 2.2.1

  • Python Celery 2.2.2

  • Python Celery 2.2.3

  • Python Celery 2.2.4

  • Python Celery 2.2.5

  • Python Celery 2.2.6

  • Python Celery 2.2.7

  • Python Celery 2.3.0

  • Python Celery 2.3.1

  • Python Celery 2.3.2

  • Python Celery 2.3.3

  • Python Celery 2.4.0

  • Python Celery 2.4.1

  • Python Celery 2.4.2

  • Python Celery 2.4.3


References

CONFIRM - https://github.com/ask/celery/blob/master/docs/sec/CELERYSA-0001.txt

CONFIRM - https://github.com/ask/celery/pull/544

BID - 50825

SECUNIA - 46973


Last Updated: 27 May 2016 10:57:18