CVE-2015-5963 – python-django: Denial-of-service possibility in logout() view by filling session store
https://notcve.org/view.php?id=CVE-2015-5963
contrib.sessions.middleware.SessionMiddleware in Django 1.8.x before 1.8.4, 1.7.x before 1.7.10, 1.4.x before 1.4.22, and possibly other versions allows remote attackers to cause a denial of service (session store consumption or session record removal) via a large number of requests to contrib.auth.views.logout, which triggers the creation of an empty session record. Vulnerabilidad en contrib.sessions.middleware.SessionMiddleware en Django 1.8.x en versiones anteriores a 1.8.4, 1.7.x en versiones anteriores a 1.7.10, 1.4.x en versiones anteriores a 1.4.22 y posiblemente otras versiones, permite a atacantes remotos causar una denegación de servicio (consumo de almacén de sesión o eliminación de registro de sesión) a través de un gran número de peticiones a contrib.auth.views.logout, lo que desencadena la creación de un registro de sesión vacío. It was found that Django incorrectly handled the session store. A session could be created by anonymously accessing the django.contrib.auth.views.logout view if it was not decorated correctly with django.contrib.auth.decorators.login_required. A remote attacker could use this flaw to fill up the session store or cause other users' session records to be evicted by requesting a large number of new sessions. • http://lists.fedoraproject.org/pipermail/package-announce/2015-November/172084.html http://lists.opensuse.org/opensuse-updates/2015-09/msg00026.html http://lists.opensuse.org/opensuse-updates/2015-09/msg00035.html http://rhn.redhat.com/errata/RHSA-2015-1766.html http://rhn.redhat.com/errata/RHSA-2015-1767.html http://rhn.redhat.com/errata/RHSA-2015-1894.html http://www.debian.org/security/2015/dsa-3338 http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html http: • CWE-399: Resource Management Errors CWE-770: Allocation of Resources Without Limits or Throttling •
CVE-2015-5964 – python-django: Denial-of-service possibility in logout() view by filling session store
https://notcve.org/view.php?id=CVE-2015-5964
The (1) contrib.sessions.backends.base.SessionBase.flush and (2) cache_db.SessionStore.flush functions in Django 1.7.x before 1.7.10, 1.4.x before 1.4.22, and possibly other versions create empty sessions in certain circumstances, which allows remote attackers to cause a denial of service (session store consumption) via unspecified vectors. Vulnerabilidad en las funciones (1) contrib.sessions.backends.base.SessionBase.flush y (2) cache_db.SessionStore.flush en Django 1.7.x en versiones anteriores a 1.7.10, 1.4.x en versiones anteriores a 1.4.22 y posiblemente en otras versiones, crea sesiones vacías en ciertas circunstancias, que permite a atacantes remotos causar una denegación de servicio (consumo de almacén de sesión) a través de vectores no especificados. It was found that certain Django functions would, in certain circumstances, create empty sessions. A remote attacker could use this flaw to fill up the session store or cause other users' session records to be evicted by requesting a large number of new sessions. • http://lists.fedoraproject.org/pipermail/package-announce/2015-November/172084.html http://rhn.redhat.com/errata/RHSA-2015-1766.html http://rhn.redhat.com/errata/RHSA-2015-1767.html http://rhn.redhat.com/errata/RHSA-2015-1894.html http://www.debian.org/security/2015/dsa-3338 http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html http://www.securityfocus.com/bid/76440 http://www.securitytracker.com/id/1033318 http://www.ubuntu.com/usn/USN-2720-1 https: • CWE-399: Resource Management Errors CWE-770: Allocation of Resources Without Limits or Throttling •
CVE-2015-5145
https://notcve.org/view.php?id=CVE-2015-5145
validators.URLValidator in Django 1.8.x before 1.8.3 allows remote attackers to cause a denial of service (CPU consumption) via unspecified vectors. validators.URLValidator en Django 1.8.x anteriores a 1.8.3 permite a atacantes causar una denegación de servicios mediante el consumo de la CPU a través de vectores no especificados. • http://www.securityfocus.com/bid/75691 http://www.securitytracker.com/id/1032820 https://security.gentoo.org/glsa/201510-06 https://www.djangoproject.com/weblog/2015/jul/08/security-releases • CWE-399: Resource Management Errors •
CVE-2015-5144
https://notcve.org/view.php?id=CVE-2015-5144
Django before 1.4.21, 1.5.x through 1.6.x, 1.7.x before 1.7.9, and 1.8.x before 1.8.3 uses an incorrect regular expression, which allows remote attackers to inject arbitrary headers and conduct HTTP response splitting attacks via a newline character in an (1) email message to the EmailValidator, a (2) URL to the URLValidator, or unspecified vectors to the (3) validate_ipv4_address or (4) validate_slug validator. Django antes de 1.4.21, de 1.5.x hasta 1.6.x, 1.7.x anteriores a 1.7.9 y 1.8.x anteriores a 1.8.3 utiliza una expresión regular incorrecta lo que permite a atacantes remotos inyectar cabeceras arbitrarias para realizar ataques de división de respuesta HTTP a través de un caracter de nueva línea en (1) mensaje de correo electrónico al EmailValidator, ( 2 ) una URL al URLValidator o vectores no especificados en el ( 3 ) validate_ipv4_address o (4 ) validador validate_slug. • http://lists.fedoraproject.org/pipermail/package-announce/2015-November/172084.html http://lists.opensuse.org/opensuse-updates/2015-10/msg00043.html http://lists.opensuse.org/opensuse-updates/2015-10/msg00046.html http://www.debian.org/security/2015/dsa-3305 http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html http://www.securityfocus.com/bid/75665 http://www.securitytracker.com/id/1032820 http://www.ubuntu.com/usn/USN-2671-1 https://security.gentoo.org/glsa/ • CWE-20: Improper Input Validation •
CVE-2015-5143 – Django: possible DoS by filling session store
https://notcve.org/view.php?id=CVE-2015-5143
The session backends in Django before 1.4.21, 1.5.x through 1.6.x, 1.7.x before 1.7.9, and 1.8.x before 1.8.3 allows remote attackers to cause a denial of service (session store consumption) via multiple requests with unique session keys. La sesión Backend en Django anteriores a 1.4.21, de 1.5.x hasta 1.6.x, 1.7.x anteriores a 1.7.9 y 1.8.x anteriores a 1.8.3, permite a un atacante causar una denegación de servicios mediante el consumo de almacenamiento de sesión a través de múltiples peticiones con una única clave de sesión. A flaw was found in the Django session backend, which could allow an unauthenticated attacker to create session records in the configured session store, causing a denial of service by filling up the session store. • http://lists.fedoraproject.org/pipermail/package-announce/2015-November/172084.html http://lists.opensuse.org/opensuse-updates/2015-10/msg00043.html http://lists.opensuse.org/opensuse-updates/2015-10/msg00046.html http://rhn.redhat.com/errata/RHSA-2015-1678.html http://rhn.redhat.com/errata/RHSA-2015-1686.html http://www.debian.org/security/2015/dsa-3305 http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html http://www.securityfocus.com/bid/75666 http://www.s • CWE-399: Resource Management Errors CWE-400: Uncontrolled Resource Consumption •