Django 'return()' Function URI Redirection Vulnerability
BID: 69425
CVE: CVE-2014-0480
Info
| Bugtraq ID: | 69425 |
| Class: | Input Validation Error |
| CVE: | CVE-2014-0480 |
| Remote: | Yes |
| Local: | No |
| Published: | Aug 26 2014 12:00AM |
| Updated: | Apr 13 2015 10:18PM |
| Credit: | Florian Apolloner |

Vulnerable:
- Djangoproject Django 1.7, 1.6.5, 1.6, 1.5.8, 1.5.6, 1.5.4, 1.5.3, 1.5.2, 1.5.1, 1.5.0, 1.4.13, 1.4.11, 1.4.8, 1.4.7, 1.4.6, 1.4.5, 1.4.4, 1.4.2, 1.4.1, 1.4
- Ubuntu Linux 14.04 LTS; 12.04 LTS (i386, amd64); 10.04 (sparc, powerpc, i386, ARM, amd64)
- Debian Linux 6.0 (sparc, s/390, powerpc, mips, ia-64, ia-32, arm, amd64)
- Mandriva Business Server 1; Mandriva Business Server 1 X86 64
- Gentoo Linux

Not Vulnerable:
- Djangoproject Django 1.6.6, 1.5.9, 1.4.14, 1.7 rc 3
Discussion
Django is prone to a URI-redirection vulnerability because the application fails to properly sanitize user-supplied input.
A successful exploit may aid in phishing attacks; other attacks are possible.
Versions prior to Django 1.4.14, 1.5.9, 1.6.6 and 1.7 rc3 are vulnerable.
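The advisory describes the flaw only in general terms: a redirect target is built from user-supplied input that is not validated strictly enough. The following is an added example, not code from this page, from Django, or from any of the listed vendors, showing the kind of conservative allow-list check a web application can apply to a user-supplied redirect target such as a `next` parameter before issuing the redirect. The host name `good.example`, the host `evil.example`, and the sample inputs are constructed for illustration and do not come from the advisory.

```python
from urllib.parse import urlsplit

# Added example (not Django's code and not from the advisory): a conservative
# allow-list check for a user-supplied redirect target. `allowed_host` is the
# application's own host name; the sample values used below (good.example,
# evil.example) are constructed for illustration.

ALLOWED_SCHEMES = ("http", "https")


def is_safe_redirect(url, allowed_host):
    """Return True only if `url` is a site-relative path or an absolute
    http(s) URL whose host is exactly `allowed_host`. Anything else,
    including anything ambiguous, is rejected."""
    if not isinstance(url, str):
        return False
    # Browsers ignore surrounding whitespace, so judge what they would use.
    url = url.strip()
    if not url:
        return False
    # Reject ASCII control characters and backslashes outright: browsers strip
    # or rewrite them, so a parser that keeps them can disagree with the client
    # about where the host name ends.
    if "\\" in url or any(ord(c) < 0x20 or ord(c) == 0x7F for c in url):
        return False
    # A scheme-relative target ("//host/...") inherits the current scheme and
    # leaves the site while looking like a local path. urlsplit() reports it
    # with an empty scheme, so handle it before parsing.
    if url.startswith("//"):
        return False
    parts = urlsplit(url)
    if parts.scheme:
        # Absolute URL: only http(s) to our own host is acceptable. A scheme
        # with no authority ("http:host") fails this check too (hostname is
        # None), which is intended: browsers treat that form as absolute.
        if parts.scheme.lower() not in ALLOWED_SCHEMES:
            return False
        return parts.hostname == allowed_host.lower()
    # No scheme: accept only a path that starts at the site root and that
    # urlsplit() found no authority component in.
    return not parts.netloc and url.startswith("/")


def safe_redirect_target(requested, allowed_host, fallback="/"):
    """Return `requested` if it passes is_safe_redirect(), otherwise `fallback`."""
    if is_safe_redirect(requested, allowed_host):
        return requested.strip()
    return fallback


if __name__ == "__main__":
    # Constructed sample inputs with the decision expected for each.
    samples = [
        ("/account/", True),
        ("https://good.example/account/?tab=1", True),
        ("HTTP://GOOD.EXAMPLE:8443/x", True),      # scheme and host are case-insensitive
        ("//evil.example/", False),                # scheme-relative, leaves the site
        ("http://evil.example/", False),           # other host
        ("http:evil.example", False),              # scheme without authority
        ("http://good.example@evil.example/", False),  # userinfo is not the host
        ("ftp://good.example/", False),            # scheme not allowed
        ("/\\evil.example", False),                # backslash
        ("account/", False),                       # not rooted at "/"
        ("", False),
    ]
    for url, expected in samples:
        decision = is_safe_redirect(url, "good.example")
        print(f"{url!r:42} -> {'allow' if decision else 'reject'}")
        assert decision == expected, url
    print(safe_redirect_target("//evil.example/", "good.example"))
```

The check is deliberately an allow-list: a target is followed only when it is a rooted path or an absolute http(s) URL on the application's own host, and every form the parser and a browser might disagree about is rejected rather than normalised. When the target is rejected the application falls back to a fixed local path instead of reporting the rejected value back to the user.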
Exploit / POC
An attacker can exploit this issue by enticing an unsuspecting victim into following a malicious URI.
Solution / Fix
Solution:
Updates are available. Please see the references or vendor advisory for more information.
Mandriva Business Server 1 X86 64
- Mandriva python-django-1.3.7-1.5.mbs1.noarch.rpm: http://www.mandriva.com/en/downloads/
References
References:
- Django Homepage (Django)
- Security releases issued (Django)
- DSA-3010-1 python-django -- security update (Debian)