Vulnerabilities > CVE-2015-0221 - Resource Management Errors vulnerability in multiple products

047910
CVSS 5.0 - MEDIUM
Attack vector
NETWORK
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
NONE
Integrity impact
NONE
Availability impact
PARTIAL
network
low complexity
djangoproject
canonical
CWE-399
nessus

Summary

The django.views.static.serve view in Django before 1.4.18, 1.6.x before 1.6.10, and 1.7.x before 1.7.3 reads files an entire line at a time, which allows remote attackers to cause a denial of service (memory consumption) via a long line in a file.

Vulnerable Configurations

Part Description Count
Application
Djangoproject
68
OS
Canonical
4

Common Weakness Enumeration (CWE)

Nessus

  • NASL familyMandriva Local Security Checks
    NASL idMANDRIVA_MDVSA-2015-036.NASL
    descriptionUpdated python-django packages fix security vulnerabilities : Jedediah Smith discovered that Django incorrectly handled underscores in WSGI headers. A remote attacker could possibly use this issue to spoof headers in certain environments (CVE-2015-0219). Mikko Ohtamaa discovered that Django incorrectly handled user-supplied redirect URLs. A remote attacker could possibly use this issue to perform a cross-site scripting attack (CVE-2015-0220). Alex Gaynor discovered that Django incorrectly handled reading files in django.views.static.serve(). A remote attacker could possibly use this issue to cause Django to consume resources, resulting in a denial of service (CVE-2015-0221).
    last seen2020-06-01
    modified2020-06-02
    plugin id81236
    published2015-02-09
    reporterThis script is Copyright (C) 2015-2019 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/81236
    titleMandriva Linux Security Advisory : python-django (MDVSA-2015:036)
    code
    #%NASL_MIN_LEVEL 80502
    
    #
    # (C) Tenable Network Security, Inc.
    #
    # The descriptive text and package checks in this plugin were  
    # extracted from Mandriva Linux Security Advisory MDVSA-2015:036. 
    # The text itself is copyright (C) Mandriva S.A.
    #
    
    include("compat.inc");
    
    if (description)
    {
      script_id(81236);
      script_version("1.5");
      script_cvs_date("Date: 2019/08/02 13:32:56");
    
      script_cve_id("CVE-2015-0219", "CVE-2015-0220", "CVE-2015-0221");
      script_bugtraq_id(72078, 72079, 72081);
      script_xref(name:"MDVSA", value:"2015:036");
    
      script_name(english:"Mandriva Linux Security Advisory : python-django (MDVSA-2015:036)");
      script_summary(english:"Checks rpm output for the updated package");
    
      script_set_attribute(
        attribute:"synopsis", 
        value:"The remote Mandriva Linux host is missing a security update."
      );
      script_set_attribute(
        attribute:"description", 
        value:
    "Updated python-django packages fix security vulnerabilities :
    
    Jedediah Smith discovered that Django incorrectly handled underscores
    in WSGI headers. A remote attacker could possibly use this issue to
    spoof headers in certain environments (CVE-2015-0219).
    
    Mikko Ohtamaa discovered that Django incorrectly handled user-supplied
    redirect URLs. A remote attacker could possibly use this issue to
    perform a cross-site scripting attack (CVE-2015-0220).
    
    Alex Gaynor discovered that Django incorrectly handled reading files
    in django.views.static.serve(). A remote attacker could possibly use
    this issue to cause Django to consume resources, resulting in a denial
    of service (CVE-2015-0221)."
      );
      script_set_attribute(
        attribute:"see_also",
        value:"http://advisories.mageia.org/MGASA-2015-0026.html"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://usn.ubuntu.com/2469-1/"
      );
      script_set_attribute(
        attribute:"solution", 
        value:"Update the affected python-django package."
      );
      script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:N/I:P/A:N");
      script_set_cvss_temporal_vector("CVSS2#E:ND/RL:OF/RC:C");
      script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
      script_set_attribute(attribute:"exploit_available", value:"false");
    
      script_set_attribute(attribute:"plugin_type", value:"local");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:python-django");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:mandriva:business_server:1");
    
      script_set_attribute(attribute:"patch_publication_date", value:"2015/02/06");
      script_set_attribute(attribute:"plugin_publication_date", value:"2015/02/09");
      script_end_attributes();
    
      script_category(ACT_GATHER_INFO);
      script_copyright(english:"This script is Copyright (C) 2015-2019 Tenable Network Security, Inc.");
      script_family(english:"Mandriva Local Security Checks");
    
      script_dependencies("ssh_get_info.nasl");
      script_require_keys("Host/local_checks_enabled", "Host/cpu", "Host/Mandrake/release", "Host/Mandrake/rpm-list");
    
      exit(0);
    }
    
    
    include("audit.inc");
    include("global_settings.inc");
    include("rpm.inc");
    
    
    if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
    if (!get_kb_item("Host/Mandrake/release")) audit(AUDIT_OS_NOT, "Mandriva / Mandake Linux");
    if (!get_kb_item("Host/Mandrake/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);
    
    cpu = get_kb_item("Host/cpu");
    if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
    if (cpu !~ "^(amd64|i[3-6]86|x86_64)$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Mandriva / Mandrake Linux", cpu);
    
    
    flag = 0;
    if (rpm_check(release:"MDK-MBS1", reference:"python-django-1.3.7-1.7.mbs1")) flag++;
    
    
    if (flag)
    {
      if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());
      else security_warning(0);
      exit(0);
    }
    else audit(AUDIT_HOST_NOT, "affected");
    
  • NASL familyMandriva Local Security Checks
    NASL idMANDRIVA_MDVSA-2015-109.NASL
    descriptionUpdated python-django packages fix security vulnerabilities : Jedediah Smith discovered that Django incorrectly handled underscores in WSGI headers. A remote attacker could possibly use this issue to spoof headers in certain environments (CVE-2015-0219). Mikko Ohtamaa discovered that Django incorrectly handled user-supplied redirect URLs. A remote attacker could possibly use this issue to perform a cross-site scripting attack (CVE-2015-0220). Alex Gaynor discovered that Django incorrectly handled reading files in django.views.static.serve(). A remote attacker could possibly use this issue to cause Django to consume resources, resulting in a denial of service (CVE-2015-0221). Keryn Knight discovered that Django incorrectly handled forms with ModelMultipleChoiceField. A remote attacker could possibly use this issue to cause a large number of SQL queries, resulting in a database denial of service. Note that this issue only affected python-django (CVE-2015-0222). Cross-site scripting (XSS) vulnerability in the contents function in admin/helpers.py in Django before 1.7.6 and 1.8 before 1.8b2 allows remote attackers to inject arbitrary web script or HTML via a model attribute in ModelAdmin.readonly_fields, as demonstrated by a \@property (CVE-2015-2241). The utils.html.strip_tags function in Django 1.6.x before 1.6.11, 1.7.x before 1.7.7, and 1.8.x before 1.8c1, when using certain versions of Python, allows remote attackers to cause a denial of service (infinite loop) by increasing the length of the input string (CVE-2015-2316). The utils.http.is_safe_url function in Django before 1.4.20, 1.5.x, 1.6.x before 1.6.11, 1.7.x before 1.7.7, and 1.8.x before 1.8c1 does not properly validate URLs, which allows remote attackers to conduct cross-site scripting (XSS) attacks via a control character in a URL, as demonstrated by a \x08javascript: URL (CVE-2015-2317).
    last seen2020-06-01
    modified2020-06-02
    plugin id82362
    published2015-03-30
    reporterThis script is Copyright (C) 2015-2019 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/82362
    titleMandriva Linux Security Advisory : python-django (MDVSA-2015:109)
    code
    #%NASL_MIN_LEVEL 80502
    
    #
    # (C) Tenable Network Security, Inc.
    #
    # The descriptive text and package checks in this plugin were  
    # extracted from Mandriva Linux Security Advisory MDVSA-2015:109. 
    # The text itself is copyright (C) Mandriva S.A.
    #
    
    include("compat.inc");
    
    if (description)
    {
      script_id(82362);
      script_version("1.4");
      script_cvs_date("Date: 2019/08/02 13:32:56");
    
      script_cve_id("CVE-2015-0219", "CVE-2015-0220", "CVE-2015-0221", "CVE-2015-0222", "CVE-2015-2241", "CVE-2015-2316", "CVE-2015-2317");
      script_xref(name:"MDVSA", value:"2015:109");
    
      script_name(english:"Mandriva Linux Security Advisory : python-django (MDVSA-2015:109)");
      script_summary(english:"Checks rpm output for the updated packages");
    
      script_set_attribute(
        attribute:"synopsis", 
        value:
    "The remote Mandriva Linux host is missing one or more security
    updates."
      );
      script_set_attribute(
        attribute:"description", 
        value:
    "Updated python-django packages fix security vulnerabilities :
    
    Jedediah Smith discovered that Django incorrectly handled underscores
    in WSGI headers. A remote attacker could possibly use this issue to
    spoof headers in certain environments (CVE-2015-0219).
    
    Mikko Ohtamaa discovered that Django incorrectly handled user-supplied
    redirect URLs. A remote attacker could possibly use this issue to
    perform a cross-site scripting attack (CVE-2015-0220).
    
    Alex Gaynor discovered that Django incorrectly handled reading files
    in django.views.static.serve(). A remote attacker could possibly use
    this issue to cause Django to consume resources, resulting in a denial
    of service (CVE-2015-0221).
    
    Keryn Knight discovered that Django incorrectly handled forms with
    ModelMultipleChoiceField. A remote attacker could possibly use this
    issue to cause a large number of SQL queries, resulting in a database
    denial of service. Note that this issue only affected python-django
    (CVE-2015-0222).
    
    Cross-site scripting (XSS) vulnerability in the contents function in
    admin/helpers.py in Django before 1.7.6 and 1.8 before 1.8b2 allows
    remote attackers to inject arbitrary web script or HTML via a model
    attribute in ModelAdmin.readonly_fields, as demonstrated by a
    \@property (CVE-2015-2241).
    
    The utils.html.strip_tags function in Django 1.6.x before 1.6.11,
    1.7.x before 1.7.7, and 1.8.x before 1.8c1, when using certain
    versions of Python, allows remote attackers to cause a denial of
    service (infinite loop) by increasing the length of the input string
    (CVE-2015-2316).
    
    The utils.http.is_safe_url function in Django before 1.4.20, 1.5.x,
    1.6.x before 1.6.11, 1.7.x before 1.7.7, and 1.8.x before 1.8c1 does
    not properly validate URLs, which allows remote attackers to conduct
    cross-site scripting (XSS) attacks via a control character in a URL,
    as demonstrated by a \x08javascript: URL (CVE-2015-2317)."
      );
      script_set_attribute(
        attribute:"see_also",
        value:"http://advisories.mageia.org/MGASA-2015-0026.html"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"http://advisories.mageia.org/MGASA-2015-0127.html"
      );
      script_set_attribute(attribute:"solution", value:"Update the affected packages.");
      script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:N/I:P/A:N");
    
      script_set_attribute(attribute:"plugin_type", value:"local");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:python-django");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:python-django-bash-completion");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:python-django-doc");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:python3-django");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:mandriva:business_server:2");
    
      script_set_attribute(attribute:"patch_publication_date", value:"2015/03/29");
      script_set_attribute(attribute:"plugin_publication_date", value:"2015/03/30");
      script_end_attributes();
    
      script_category(ACT_GATHER_INFO);
      script_copyright(english:"This script is Copyright (C) 2015-2019 Tenable Network Security, Inc.");
      script_family(english:"Mandriva Local Security Checks");
    
      script_dependencies("ssh_get_info.nasl");
      script_require_keys("Host/local_checks_enabled", "Host/cpu", "Host/Mandrake/release", "Host/Mandrake/rpm-list");
    
      exit(0);
    }
    
    
    include("audit.inc");
    include("global_settings.inc");
    include("rpm.inc");
    
    
    if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
    if (!get_kb_item("Host/Mandrake/release")) audit(AUDIT_OS_NOT, "Mandriva / Mandake Linux");
    if (!get_kb_item("Host/Mandrake/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);
    
    cpu = get_kb_item("Host/cpu");
    if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
    if (cpu !~ "^(amd64|i[3-6]86|x86_64)$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Mandriva / Mandrake Linux", cpu);
    
    
    flag = 0;
    if (rpm_check(release:"MDK-MBS2", reference:"python-django-1.7.7-1.mbs2")) flag++;
    if (rpm_check(release:"MDK-MBS2", reference:"python-django-bash-completion-1.7.7-1.mbs2")) flag++;
    if (rpm_check(release:"MDK-MBS2", reference:"python-django-doc-1.7.7-1.mbs2")) flag++;
    if (rpm_check(release:"MDK-MBS2", reference:"python3-django-1.7.7-1.mbs2")) flag++;
    
    
    if (flag)
    {
      if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());
      else security_warning(0);
      exit(0);
    }
    else audit(AUDIT_HOST_NOT, "affected");
    
  • NASL familyFedora Local Security Checks
    NASL idFEDORA_2015-0714.NASL
    descriptionfix CVE-2015-0219 (rhbz#1181939) Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen2020-06-05
    modified2015-01-26
    plugin id80975
    published2015-01-26
    reporterThis script is Copyright (C) 2015-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/80975
    titleFedora 21 : python-django-1.6.10-1.fc21 (2015-0714)
    code
    #%NASL_MIN_LEVEL 80502
    #
    # (C) Tenable Network Security, Inc.
    #
    # The descriptive text and package checks in this plugin were  
    # extracted from Fedora Security Advisory 2015-0714.
    #
    
    include("compat.inc");
    
    if (description)
    {
      script_id(80975);
      script_version("1.5");
      script_set_attribute(attribute:"plugin_modification_date", value:"2020/06/04");
    
      script_cve_id("CVE-2015-0219", "CVE-2015-0220", "CVE-2015-0221", "CVE-2015-0222");
      script_bugtraq_id(72078, 72079, 72080, 72081);
      script_xref(name:"FEDORA", value:"2015-0714");
    
      script_name(english:"Fedora 21 : python-django-1.6.10-1.fc21 (2015-0714)");
      script_summary(english:"Checks rpm output for the updated package.");
    
      script_set_attribute(
        attribute:"synopsis", 
        value:"The remote Fedora host is missing a security update."
      );
      script_set_attribute(
        attribute:"description", 
        value:
    "fix CVE-2015-0219 (rhbz#1181939)
    
    Note that Tenable Network Security has extracted the preceding
    description block directly from the Fedora security advisory. Tenable
    has attempted to automatically clean and format it as much as possible
    without introducing additional issues."
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.redhat.com/show_bug.cgi?id=1179672"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.redhat.com/show_bug.cgi?id=1179675"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.redhat.com/show_bug.cgi?id=1179679"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.redhat.com/show_bug.cgi?id=1179685"
      );
      # https://lists.fedoraproject.org/pipermail/package-announce/2015-January/148485.html
      script_set_attribute(
        attribute:"see_also",
        value:"http://www.nessus.org/u?a11e31f6"
      );
      script_set_attribute(
        attribute:"solution", 
        value:"Update the affected python-django package."
      );
      script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:N/I:P/A:N");
      script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
      script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
      script_set_attribute(attribute:"exploit_available", value:"false");
    
      script_set_attribute(attribute:"plugin_type", value:"local");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fedoraproject:fedora:python-django");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:fedoraproject:fedora:21");
    
      script_set_attribute(attribute:"patch_publication_date", value:"2015/01/14");
      script_set_attribute(attribute:"plugin_publication_date", value:"2015/01/26");
      script_end_attributes();
    
      script_category(ACT_GATHER_INFO);
      script_copyright(english:"This script is Copyright (C) 2015-2020 and is owned by Tenable, Inc. or an Affiliate thereof.");
      script_family(english:"Fedora Local Security Checks");
    
      script_dependencies("ssh_get_info.nasl");
      script_require_keys("Host/local_checks_enabled", "Host/RedHat/release", "Host/RedHat/rpm-list");
    
      exit(0);
    }
    
    
    include("audit.inc");
    include("global_settings.inc");
    include("rpm.inc");
    
    if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
    release = get_kb_item("Host/RedHat/release");
    if (isnull(release) || "Fedora" >!< release) audit(AUDIT_OS_NOT, "Fedora");
    os_ver = eregmatch(pattern: "Fedora.*release ([0-9]+)", string:release);
    if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "Fedora");
    os_ver = os_ver[1];
    if (! ereg(pattern:"^21([^0-9]|$)", string:os_ver)) audit(AUDIT_OS_NOT, "Fedora 21.x", "Fedora " + os_ver);
    
    if (!get_kb_item("Host/RedHat/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);
    
    cpu = get_kb_item("Host/cpu");
    if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
    if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Fedora", cpu);
    
    flag = 0;
    if (rpm_check(release:"FC21", reference:"python-django-1.6.10-1.fc21")) flag++;
    
    
    if (flag)
    {
      if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());
      else security_warning(0);
      exit(0);
    }
    else
    {
      tested = pkg_tests_get();
      if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
      else audit(AUDIT_PACKAGE_NOT_INSTALLED, "python-django");
    }
    
  • NASL familyUbuntu Local Security Checks
    NASL idUBUNTU_USN-2469-1.NASL
    descriptionJedediah Smith discovered that Django incorrectly handled underscores in WSGI headers. A remote attacker could possibly use this issue to spoof headers in certain environments. (CVE-2015-0219) Mikko Ohtamaa discovered that Django incorrectly handled user-supplied redirect URLs. A remote attacker could possibly use this issue to perform a cross-site scripting attack. (CVE-2015-0220) Alex Gaynor discovered that Django incorrectly handled reading files in django.views.static.serve(). A remote attacker could possibly use this issue to cause Django to consume resources, resulting in a denial of service. (CVE-2015-0221) Keryn Knight discovered that Django incorrectly handled forms with ModelMultipleChoiceField. A remote attacker could possibly use this issue to cause a large number of SQL queries, resulting in a database denial of service. This issue only affected Ubuntu 14.04 LTS and Ubuntu 14.10. (CVE-2015-0222). Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen2020-06-01
    modified2020-06-02
    plugin id80516
    published2015-01-14
    reporterUbuntu Security Notice (C) 2015-2019 Canonical, Inc. / NASL script (C) 2015-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/80516
    titleUbuntu 10.04 LTS / 12.04 LTS / 14.04 LTS / 14.10 : python-django vulnerabilities (USN-2469-1)
  • NASL familyUbuntu Local Security Checks
    NASL idUBUNTU_USN-2469-2.NASL
    descriptionUSN-2469-1 fixed vulnerabilities in Django. The security fix for CVE-2015-0221 introduced a regression on Ubuntu 10.04 LTS and Ubuntu 12.04 LTS when serving static content through GZipMiddleware. This update fixes the problem. We apologize for the inconvenience. Jedediah Smith discovered that Django incorrectly handled underscores in WSGI headers. A remote attacker could possibly use this issue to spoof headers in certain environments. (CVE-2015-0219) Mikko Ohtamaa discovered that Django incorrectly handled user-supplied redirect URLs. A remote attacker could possibly use this issue to perform a cross-site scripting attack. (CVE-2015-0220) Alex Gaynor discovered that Django incorrectly handled reading files in django.views.static.serve(). A remote attacker could possibly use this issue to cause Django to consume resources, resulting in a denial of service. (CVE-2015-0221) Keryn Knight discovered that Django incorrectly handled forms with ModelMultipleChoiceField. A remote attacker could possibly use this issue to cause a large number of SQL queries, resulting in a database denial of service. This issue only affected Ubuntu 14.04 LTS and Ubuntu 14.10. (CVE-2015-0222). Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen2020-06-01
    modified2020-06-02
    plugin id81177
    published2015-02-05
    reporterUbuntu Security Notice (C) 2015-2019 Canonical, Inc. / NASL script (C) 2015-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/81177
    titleUbuntu 10.04 LTS / 12.04 LTS : python-django regression (USN-2469-2)
  • NASL familySuSE Local Security Checks
    NASL idOPENSUSE-2015-598.NASL
    descriptionpython Django was updated to fix a remote denial of service (resource exhaustion) possibility in the auth views module. (bsc#941587, CVE-2015-5963) Also is_safe_url() was made to reject URLs that start with control characters to mitigate possible XSS attack via user-supplied redirect URLs (bnc#923176, CVE-2015-2317) - Method check_for_test_cookie is deprecated, bnc#914706 - Update to version 1.5.12 with various security fixes : + Fixed a regression with dynamically generated inlines and allowed field references in the admin + Allowed related many-to-many fields to be referenced in the admin + Allowed inline and hidden references to admin fields
    last seen2020-06-05
    modified2015-09-23
    plugin id86091
    published2015-09-23
    reporterThis script is Copyright (C) 2015-2020 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/86091
    titleopenSUSE Security Update : python-django (openSUSE-2015-598)
  • NASL familySuSE Local Security Checks
    NASL idOPENSUSE-2015-281.NASL
    descriptionpython-django was updated to 1.6.11 to fix security issues and non-security bugs. THe following vulnerabilities were fixed : - Made is_safe_url() reject URLs that start with control characters to mitigate possible XSS attack via user-supplied redirect URLs (bnc#923176, CVE-2015-2317) - Fixed an infinite loop possibility in strip_tags() (bnc#923172, CVE-2015-2316) - WSGI header spoofing via underscore/dash conflation (bnc#913053, CVE-2015-0219) - Mitigated possible XSS attack via user-supplied redirect URLs - Denial-of-service attack against ``django.views.static.serve`` (bnc#913056, CVE-2015-0221) - Database denial-of-service with ``ModelMultipleChoiceField`` (bnc#913055, CVE-2015-0222) The update also contains fixes for non-security bugs, functional and stability issues.
    last seen2020-06-05
    modified2015-04-02
    plugin id82515
    published2015-04-02
    reporterThis script is Copyright (C) 2015-2020 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/82515
    titleopenSUSE Security Update : python-Django (openSUSE-2015-281)
  • NASL familyDebian Local Security Checks
    NASL idDEBIAN_DLA-143.NASL
    descriptionMultiple security issues have been found in Django: https://www.djangoproject.com/weblog/2015/jan/13/security/ For Debian 6 Squeeeze, they have been fixed in version 1.2.3-3+squeeze12 of python-django. Here is what the upstream developers have to say about those issues : CVE-2015-0219 - WSGI header spoofing via underscore/dash conflation When HTTP headers are placed into the WSGI environ, they are normalized by converting to uppercase, converting all dashes to underscores, and prepending HTTP_. For instance, a header X-Auth-User would become HTTP_X_AUTH_USER in the WSGI environ (and thus also in Django
    last seen2020-03-17
    modified2015-03-26
    plugin id82126
    published2015-03-26
    reporterThis script is Copyright (C) 2015-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/82126
    titleDebian DLA-143-1 : python-django security update
  • NASL familyDebian Local Security Checks
    NASL idDEBIAN_DSA-3151.NASL
    descriptionSeveral vulnerabilities were discovered in Django, a high-level Python web development framework. The Common Vulnerabilities and Exposures project identifies the following problems : - CVE-2015-0219 Jedediah Smith reported that the WSGI environ in Django does not distinguish between headers containing dashes and headers containing underscores. A remote attacker could use this flaw to spoof WSGI headers. - CVE-2015-0220 Mikko Ohtamaa discovered that the django.util.http.is_safe_url() function in Django does not properly handle leading whitespaces in user-supplied redirect URLs. A remote attacker could potentially use this flaw to perform a cross-site scripting attack. - CVE-2015-0221 Alex Gaynor reported a flaw in the way Django handles reading files in the django.views.static.serve() view. A remote attacker could possibly use this flaw to mount a denial of service via resource consumption.
    last seen2020-03-17
    modified2015-02-03
    plugin id81131
    published2015-02-03
    reporterThis script is Copyright (C) 2015-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/81131
    titleDebian DSA-3151-1 : python-django - security update
  • NASL familyFreeBSD Local Security Checks
    NASL idFREEBSD_PKG_9C7B6C20A32411E4879C00E0814CAB4E.NASL
    descriptionThe Django project reports : Today the Django team is issuing multiple releases -- Django 1.4.18, Django 1.6.10, and Django 1.7.3 -- as part of our security process. These releases are now available on PyPI and our download page. These releases address several security issues. We encourage all users of Django to upgrade as soon as possible.
    last seen2020-06-01
    modified2020-06-02
    plugin id80983
    published2015-01-26
    reporterThis script is Copyright (C) 2015-2018 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/80983
    titleFreeBSD : django -- multiple vulnerabilities (9c7b6c20-a324-11e4-879c-00e0814cab4e)
  • NASL familyFedora Local Security Checks
    NASL idFEDORA_2015-0790.NASL
    descriptionfix CVE-2015-0219 (rhbz#1181939) Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen2020-06-05
    modified2015-01-27
    plugin id81007
    published2015-01-27
    reporterThis script is Copyright (C) 2015-2020 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/81007
    titleFedora 20 : python-django-1.6.10-1.fc20 (2015-0790)
  • NASL familyFedora Local Security Checks
    NASL idFEDORA_2015-0804.NASL
    descriptionupdate to 1.4.18 fixing multiple CVEs Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen2020-06-05
    modified2015-01-27
    plugin id81008
    published2015-01-27
    reporterThis script is Copyright (C) 2015-2020 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/81008
    titleFedora 20 : python-django14-1.4.18-1.fc20 (2015-0804)