CVE-2010-4534

Severity

40%

Complexity

80%

Confidentiality

48%

The administrative interface in django.contrib.admin in Django before 1.1.3, 1.2.x before 1.2.4, and 1.3.x before 1.3 beta 1 does not properly restrict use of the query string to perform certain object filtering, which allows remote authenticated users to obtain sensitive information via a series of requests containing regular expressions, as demonstrated by a created_by__password__regex parameter.

The administrative interface in django.contrib.admin in Django before 1.1.3, 1.2.x before 1.2.4, and 1.3.x before 1.3 beta 1 does not properly restrict use of the query string to perform certain object filtering, which allows remote authenticated users to obtain sensitive information via a series of requests containing regular expressions, as demonstrated by a created_by__password__regex parameter.

CVSS 2.0 Base Score 4. CVSS Attack Vector: network. CVSS Attack Complexity: low. CVSS Vector: (AV:N/AC:L/Au:S/C:P/I:N/A:N).

Overview

Type

Django Project Django

First reported 14 years ago

2011-01-10 20:00:00

Last updated 14 years ago

2011-01-20 06:46:00

Affected Software

Django Project Django 0.95

0.95

Django Project Django 0.96

0.96

Django Project Django 1.0

1.0

Django Project Django 1.0.1

1.0.1

Django Project Django 1.0.2

1.0.2

Django Project Django 1.1

1.1

Django Project Django 1.2

1.2

Django Project Django 1.2.1

1.2.1

Django Project Django 1.2.2

1.2.2

Django Project Django 1.2.3

1.2.3

Django Project Django 1.3 alpha1

1.3

References

20101223 Django admin list filter data extraction / leakage

Exploit

http://code.djangoproject.com/changeset/15031

Patch

http://evilpacket.net/2010/dec/22/information-leakage-django-administrative-interfac/

Exploit

FEDORA-2011-0096

FEDORA-2011-0120

http://ngenuity-is.com/advisories/2010/dec/22/information-leakage-in-django-administrative-inter/

Exploit

42715

Vendor Advisory

42827

42913

http://www.djangoproject.com/weblog/2010/dec/22/security/

Patch, Vendor Advisory

[oss-security] 20101223 CVE Request -- Django 1.2.4, Django 1.1.3 and Django 1.3 beta 1 -- addressing two security flaws

Patch

[oss-security] 20110103 Re: CVE Request -- Django 1.2.4, Django 1.1.3 and Django 1.3 beta 1 -- addressing two security flaws

Patch

20101223 Django admin list filter data extraction / leakage

45562

USN-1040-1

ADV-2011-0048

ADV-2011-0098

https://bugzilla.redhat.com/show_bug.cgi?id=665373

Patch

Stay updated

ExploitPedia is constantly evolving. Sign up to receive a notification when we release additional functionality.

Get in touch

If you'd like to report a bug or have any suggestions for improvements then please do get in touch with us using this form. We will get back to you as soon as we can.