Django Authentication Bypass Weakness
BID:22138
Info
Django Authentication Bypass Weakness
| Bugtraq ID: | 22138 |
| Class: | Design Error |
| CVE: |
CVE-2007-0405 |
| Remote: | Yes |
| Local: | No |
| Published: | Jan 19 2007 12:00AM |
| Updated: | May 12 2015 07:35PM |
| Credit: | The vendor reported this vulnerability. |
| Vulnerable: |
Django Django 0.95 |
| Not Vulnerable: | |
Discussion
Django Authentication Bypass Weakness
Django is prone to a weakness that may permit attackers to bypass the application's authentication mechanism.
Exploiting this issue may allow an attacker to gain unauthorized access to the affected application. This may lead to other attacks.
Django is prone to a weakness that may permit attackers to bypass the application's authentication mechanism.
Exploiting this issue may allow an attacker to gain unauthorized access to the affected application. This may lead to other attacks.
Exploit / POC
Django Authentication Bypass Weakness
An attacker can exploit this issue via a web client.
An attacker can exploit this issue via a web client.
Solution / Fix
Django Authentication Bypass Weakness
Solution:
The vendor has released the SVN version 0.95 to address this issue; please see the references for more information.
Django Django 0.95
Solution:
The vendor has released the SVN version 0.95 to address this issue; please see the references for more information.
Django Django 0.95
-
Django Django-0.95.tar.gz
http://www.djangoproject.com/download/0.95/tarball/Django-0.95.tar.gz
References
Django Authentication Bypass Weakness
References:
References: