Mandriva Linux Security Advisory : python-django (MDVSA-2012:143)

medium Nessus Plugin ID 61988

Synopsis

The remote Mandriva Linux host is missing a security update.

Description

Multiple vulnerabilities has been discovered and corrected in python-django :

The (1) django.http.HttpResponseRedirect and (2) django.http.HttpResponsePermanentRedirect classes in Django before 1.3.2 and 1.4.x before 1.4.1 do not validate the scheme of a redirect target, which might allow remote attackers to conduct cross-site scripting (XSS) attacks via a data: URL (CVE-2012-3442).

The django.forms.ImageField class in the form system in Django before 1.3.2 and 1.4.x before 1.4.1 completely decompresses image data during image validation, which allows remote attackers to cause a denial of service (memory consumption) by uploading an image file (CVE-2012-3443).

The get_image_dimensions function in the image-handling functionality in Django before 1.3.2 and 1.4.x before 1.4.1 uses a constant chunk size in all attempts to determine dimensions, which allows remote attackers to cause a denial of service (process or thread consumption) via a large TIFF image (CVE-2012-3444).

The updated packages have been upgraded to the 1.3.3 version which is not vulnerable to these issues.

Solution

Update the affected python-django package.

See Also

http://www.nessus.org/u?27d596e2

Plugin Details

Severity: Medium

ID: 61988

File Name: mandriva_MDVSA-2012-143.nasl

Version: 1.7

Type: local

Published: 9/6/2012

Updated: 1/6/2021

Supported Sensors: Nessus

Risk Information

VPR

Risk Factor: Low

Score: 3.6

CVSS v2

Risk Factor: Medium

Base Score: 5

Temporal Score: 4.1

Vector: CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P

Vulnerability Information

CPE: p-cpe:/a:mandriva:linux:python-django, cpe:/o:mandriva:linux:2011

Required KB Items: Host/local_checks_enabled, Host/cpu, Host/Mandrake/release, Host/Mandrake/rpm-list

Exploit Available: true

Exploit Ease: Exploits are available

Patch Publication Date: 8/23/2012

Reference Information

CVE: CVE-2012-3442, CVE-2012-3443, CVE-2012-3444

BID: 54742

MDVSA: 2012:143