Detections
Analytics

Debian DSA-3010-1 : python-django - security update

medium Nessus Plugin ID 77344

Language:

Synopsis

The remote Debian host is missing a security-related update.

Description

Several vulnerabilities were discovered in Django, a high-level Python web development framework. The Common Vulnerabilities and Exposures project identifies the following problems :

 - CVE-2014-0480 Florian Apolloner discovered that in certain situations, URL reversing could generate scheme-relative URLs which could unexpectedly redirect a user to a different host, leading to phishing attacks.

 - CVE-2014-0481 David Wilson reported a file upload denial of service vulnerability. Django's file upload handling in its default configuration may degrade to producing a huge number of `os.stat()` system calls when a duplicate filename is uploaded. A remote attacker with the ability to upload files can cause poor performance in the upload handler, eventually causing it to become very slow.

 - CVE-2014-0482 David Greisen discovered that under some circumstances, the use of the RemoteUserMiddleware middleware and the RemoteUserBackend authentication backend could result in one user receiving another user's session, if a change to the REMOTE_USER header occurred without corresponding logout/login actions.

 - CVE-2014-0483 Collin Anderson discovered that it is possible to reveal any field's data by modifying the 'popup' and 'to_field' parameters of the query string on an admin change form page. A user with access to the admin interface, and with sufficient knowledge of model structure and the appropriate URLs, could construct popup views which would display the values of non-relationship fields, including fields the application developer had not intended to expose in such a fashion.

Solution

Upgrade the python-django packages.

For the stable distribution (wheezy), these problems have been fixed in version 1.4.5-1+deb7u8.

See Also

https://security-tracker.debian.org/tracker/CVE-2014-0480

https://security-tracker.debian.org/tracker/CVE-2014-0481

https://security-tracker.debian.org/tracker/CVE-2014-0482

https://security-tracker.debian.org/tracker/CVE-2014-0483

https://packages.debian.org/source/wheezy/python-django

https://www.debian.org/security/2014/dsa-3010

Plugin Details

Severity: Medium

ID: 77344

File Name: debian_DSA-3010.nasl

Version: 1.8

Type: local

Agent: unix

Published: 8/23/2014

Updated: 1/11/2021

Supported Sensors: Agentless Assessment, Continuous Assessment, Frictionless Assessment Agent, Nessus Agent, Nessus

Risk Information

VPR

Risk Factor: Medium

Score: 6.0

CVSS v2

Risk Factor: Medium

Base Score: 6

Temporal Score: 4.4

Vector: CVSS2#AV:N/AC:M/Au:S/C:P/I:P/A:P

Vulnerability Information

CPE: cpe:/o:debian:debian_linux:7.0, p-cpe:/a:debian:debian_linux:python-django

Required KB Items: Host/local_checks_enabled, Host/Debian/release, Host/Debian/dpkg-l

Exploit Ease: No known exploits are available

Patch Publication Date: 8/22/2014

Reference Information

CVE: CVE-2014-0480, CVE-2014-0481, CVE-2014-0482, CVE-2014-0483

DSA: 3010