Lucene search
Ubuntu Security Notice (C) 2022-2023 Canonical, Inc. / NASL script (C) 2022-2023 and is owned by Tenable, Inc. or an Affiliate thereof.UBUNTU_USN-5204-1.NASLHistoryJan 05, 2022 - 12:00 a.m.
Ubuntu 18.04 LTS / 20.04 LTS : Django vulnerabilities (USN-5204-1)
2022-01-0500:00:00
Ubuntu Security Notice (C) 2022-2023 Canonical, Inc. / NASL script (C) 2022-2023 and is owned by Tenable, Inc. or an Affiliate thereof.
www.tenable.com
12
The remote Ubuntu 20.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-5204-1 advisory.
-
An issue was discovered in Django 2.2 before 2.2.26, 3.2 before 3.2.11, and 4.0 before 4.0.1.
UserAttributeSimilarityValidator incurred significant overhead in evaluating a submitted password that was artificially large in relation to the comparison values. In a situation where access to user registration was unrestricted, this provided a potential vector for a denial-of-service attack. (CVE-2021-45115) -
An issue was discovered in Django 2.2 before 2.2.26, 3.2 before 3.2.11, and 4.0 before 4.0.1. Due to leveraging the Django Template Language’s variable resolution logic, the dictsort template filter was potentially vulnerable to information disclosure, or an unintended method call, if passed a suitably crafted key. (CVE-2021-45116)
-
Storage.save in Django 2.2 before 2.2.26, 3.2 before 3.2.11, and 4.0 before 4.0.1 allows directory traversal if crafted filenames are directly passed to it. (CVE-2021-45452)
Note that Nessus has not tested for this issue but has instead relied only on the application’s self-reported version number.
#%NASL_MIN_LEVEL 70300
##
# (C) Tenable Network Security, Inc.
#
# The descriptive text and package checks in this plugin were
# extracted from Ubuntu Security Notice USN-5204-1. The text
# itself is copyright (C) Canonical, Inc. See
# <https://ubuntu.com/security/notices>. Ubuntu(R) is a registered
# trademark of Canonical, Inc.
##
include('deprecated_nasl_level.inc');
include('compat.inc');
if (description)
{
script_id(156472);
script_version("1.7");
script_set_attribute(attribute:"plugin_modification_date", value:"2023/10/16");
script_cve_id("CVE-2021-45115", "CVE-2021-45116", "CVE-2021-45452");
script_xref(name:"USN", value:"5204-1");
script_name(english:"Ubuntu 18.04 LTS / 20.04 LTS : Django vulnerabilities (USN-5204-1)");
script_set_attribute(attribute:"synopsis", value:
"The remote Ubuntu host is missing one or more security updates.");
script_set_attribute(attribute:"description", value:
"The remote Ubuntu 20.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in
the USN-5204-1 advisory.
- An issue was discovered in Django 2.2 before 2.2.26, 3.2 before 3.2.11, and 4.0 before 4.0.1.
UserAttributeSimilarityValidator incurred significant overhead in evaluating a submitted password that was
artificially large in relation to the comparison values. In a situation where access to user registration
was unrestricted, this provided a potential vector for a denial-of-service attack. (CVE-2021-45115)
- An issue was discovered in Django 2.2 before 2.2.26, 3.2 before 3.2.11, and 4.0 before 4.0.1. Due to
leveraging the Django Template Language's variable resolution logic, the dictsort template filter was
potentially vulnerable to information disclosure, or an unintended method call, if passed a suitably
crafted key. (CVE-2021-45116)
- Storage.save in Django 2.2 before 2.2.26, 3.2 before 3.2.11, and 4.0 before 4.0.1 allows directory
traversal if crafted filenames are directly passed to it. (CVE-2021-45452)
Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version
number.");
script_set_attribute(attribute:"see_also", value:"https://ubuntu.com/security/notices/USN-5204-1");
script_set_attribute(attribute:"solution", value:
"Update the affected python-django, python-django-common and / or python3-django packages.");
script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N");
script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N");
script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C");
script_set_attribute(attribute:"cvss_score_source", value:"CVE-2021-45452");
script_set_attribute(attribute:"cvss3_score_source", value:"CVE-2021-45116");
script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
script_set_attribute(attribute:"exploit_available", value:"false");
script_set_attribute(attribute:"vuln_publication_date", value:"2022/01/05");
script_set_attribute(attribute:"patch_publication_date", value:"2022/01/05");
script_set_attribute(attribute:"plugin_publication_date", value:"2022/01/05");
script_set_attribute(attribute:"plugin_type", value:"local");
script_set_attribute(attribute:"cpe", value:"cpe:/o:canonical:ubuntu_linux:18.04:-:lts");
script_set_attribute(attribute:"cpe", value:"cpe:/o:canonical:ubuntu_linux:20.04:-:lts");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:python-django");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:python-django-common");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:python3-django");
script_end_attributes();
script_category(ACT_GATHER_INFO);
script_family(english:"Ubuntu Local Security Checks");
script_copyright(english:"Ubuntu Security Notice (C) 2022-2023 Canonical, Inc. / NASL script (C) 2022-2023 and is owned by Tenable, Inc. or an Affiliate thereof.");
script_dependencies("ssh_get_info.nasl");
script_require_keys("Host/cpu", "Host/Ubuntu", "Host/Ubuntu/release", "Host/Debian/dpkg-l");
exit(0);
}
include('debian_package.inc');
if ( ! get_kb_item('Host/local_checks_enabled') ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
var os_release = get_kb_item('Host/Ubuntu/release');
if ( isnull(os_release) ) audit(AUDIT_OS_NOT, 'Ubuntu');
os_release = chomp(os_release);
if (! ('18.04' >< os_release || '20.04' >< os_release)) audit(AUDIT_OS_NOT, 'Ubuntu 18.04 / 20.04', 'Ubuntu ' + os_release);
if ( ! get_kb_item('Host/Debian/dpkg-l') ) audit(AUDIT_PACKAGE_LIST_MISSING);
var cpu = get_kb_item('Host/cpu');
if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
if ('x86_64' >!< cpu && cpu !~ "^i[3-6]86$" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Ubuntu', cpu);
var pkgs = [
{'osver': '18.04', 'pkgname': 'python-django', 'pkgver': '1:1.11.11-1ubuntu1.15'},
{'osver': '18.04', 'pkgname': 'python-django-common', 'pkgver': '1:1.11.11-1ubuntu1.15'},
{'osver': '18.04', 'pkgname': 'python3-django', 'pkgver': '1:1.11.11-1ubuntu1.15'},
{'osver': '20.04', 'pkgname': 'python3-django', 'pkgver': '2:2.2.12-1ubuntu0.9'}
];
var flag = 0;
foreach package_array ( pkgs ) {
var osver = NULL;
var pkgname = NULL;
var pkgver = NULL;
if (!empty_or_null(package_array['osver'])) osver = package_array['osver'];
if (!empty_or_null(package_array['pkgname'])) pkgname = package_array['pkgname'];
if (!empty_or_null(package_array['pkgver'])) pkgver = package_array['pkgver'];
if (osver && pkgname && pkgver) {
if (ubuntu_check(osver:osver, pkgname:pkgname, pkgver:pkgver)) flag++;
}
}
if (flag)
{
security_report_v4(
port : 0,
severity : SECURITY_WARNING,
extra : ubuntu_report_get()
);
exit(0);
}
else
{
var tested = ubuntu_pkg_tests_get();
if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'python-django / python-django-common / python3-django');
}
| Vendor | Product | Version | CPE |
|---|---|---|---|
| canonical | ubuntu_linux | 18.04 | cpe:/o:canonical:ubuntu_linux:18.04:-:lts |
| canonical | ubuntu_linux | 20.04 | cpe:/o:canonical:ubuntu_linux:20.04:-:lts |
| canonical | ubuntu_linux | python-django | p-cpe:/a:canonical:ubuntu_linux:python-django |
| canonical | ubuntu_linux | python-django-common | p-cpe:/a:canonical:ubuntu_linux:python-django-common |
| canonical | ubuntu_linux | python3-django | p-cpe:/a:canonical:ubuntu_linux:python3-django |
Related
altlinux
altlinux
redos
redos
ROS-20220112-04
2022-01-12 00:00:00
ubuntu
ubuntu
Django vulnerabilities
2022-01-05 00:00:00
openvas
openvas
Django < 2.2.26, 3.x < 3.2.11, 4.x < 4.0.1 Multiple Vulnerabilities - Linux
2022-01-11 00:00:00
Mageia: Security Advisory (MGASA-2022-0011)
2022-01-28 00:00:00
mageia
mageia
Updated python-django packages fix security vulnerability
2022-01-11 10:12:42
nessus
nessus
FreeBSD : Django -- multiple vulnerabilities (d3e023fb-6e88-11ec-b948-080027240888)
2022-01-05 00:00:00
Debian DLA-3177-1 : python-django - LTS security update
2022-11-05 00:00:00
openSUSE 15 Security Update : python-Django (openSUSE-SU-2023:0005-1)
2023-01-04 00:00:00
osv
osv
python-django vulnerabilities
2022-01-05 13:21:45
python-django - security update
2022-11-04 00:00:00
CVE-2021-45452
2022-01-05 00:15:07
freebsd
freebsd
Django -- multiple vulnerabilities
2021-12-20 00:00:00
debian
debian
[SECURITY] [] python-django security update
2022-11-04 14:35:57
[SECURITY] [DLA 3191-1] python-django security update
2022-11-17 22:00:11
ubuntucve
ubuntucve
prion
prion
Directory traversal
2022-01-05 00:15:00
Information disclosure
2022-01-05 00:15:00
Design/Logic Flaw
2022-01-05 00:15:00
fedora
fedora
[SECURITY] Fedora 35 Update: python-django-3.2.12-1.fc35
2022-02-11 01:23:09
redhatcve
redhatcve
veracode
veracode
Denial Of Service (DoS)
2022-01-06 09:09:31
Information Disclosure
2022-01-15 00:37:48
Path Traversal
2022-01-06 04:31:30
cve
cve
debiancve
debiancve
github
github
Denial-of-service in Django
2022-01-12 19:20:53
Information disclosure in Django
2022-01-12 19:21:10
Directory-traversal in Django
2022-01-12 19:21:04
alpinelinux
alpinelinux
cnvd
cnvd
Django Denial of Service Vulnerability (CNVD-2022-03215)
2022-01-06 00:00:00
rocky
rocky
Satellite 6.11 Release
2022-07-05 13:55:16
redhat
redhat
(RHSA-2022:5498) Moderate: Satellite 6.11 Release
2022-07-05 13:55:16
Related for UBUNTU_USN-5204-1.NASL