CVE-2010-4534
Published 2011-01-10

CVE-2010-4534: The administrative interface in django.contrib.admin in Django before 1.1.3, 1.2.x before 1.2.4, and 1.3.x before 1.3 beta 1 does not properly restrict use of…

Priority: P4 · 18 · medium · 4 · CVSS 2.0
Vector: AV:N / AC:L / Au:S / C:P / I:N / A:N
EPSS: 1.70% (74.3rd percentile)
The administrative interface in django.contrib.admin in Django before 1.1.3, 1.2.x before 1.2.4, and 1.3.x before 1.3 beta 1 does not properly restrict use of the query string to perform certain object filtering, which allows remote authenticated users to obtain sensitive information via a series of requests containing regular expressions, as demonstrated by a created_by__password__regex parameter.
Affected
18 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| debian | python-django | < python-django 1.2.4-1 (bookworm) | python-django 1.2.4-1 (bookworm) |
| djangoproject | django | <= 1.1.2 | — |
| djangoproject | django | >= 0 < 1.1.3 | 1.1.3 |
| djangoproject | django | >= 1.2 < 1.2.4 | 1.2.4 |
CVSS provenance

| Source | CVSS version | Score | Severity | Vector |
|---|---|---|---|---|
| nvd | v2.0 | 4.0 | MEDIUM | AV:N/AC:L/Au:S/C:P/I:N/A:N |
| osv | — | 4.0 | MEDIUM | — |
| vendor_debian | — | 4.0 | MEDIUM | — |
| vendor_ubuntu | — | 4.0 | MEDIUM | — |
Ubuntu
Django vulnerabilities
vendor_ubuntu · 2011-01-07 · CVSS 4.0
CVE-2010-4534 [MEDIUM] Django vulnerabilities
Summary: An attacker could send crafted input to Django and cause it to utilize too many resources.

Adam Baldwin discovered that Django did not properly validate query string lookups. This could be exploited to provide an information leak to an attacker with admin privileges. (CVE-2010-4534)

Paul McMillan discovered that Django did not validate the length of the token used when generating a password reset. An attacker could exploit this to cause a denial of service via resource exhaustion. (CVE-2010-4535)
Instructions: In general, a standard system update will make all the necessary changes.
Debian
CVE-2010-4534: python-django - The administrative interface in django.contrib.admin in Django before 1.1.3, 1.2...
vendor_debian · 2010 · CVSS 4.0
CVE-2010-4534 [MEDIUM]
Scope: local
bookworm: resolved (fixed in 1.2.4-1)
bullseye: resolved (fixed in 1.2.4-1)
forky: resolved (fixed in 1.2.4-1)
sid: resolved (fixed in 1.2.4-1)
trixie: resolved (fixed in 1.2.4-1)
GHSA
Improper query string handling in Django
ghsa · 2018-07-23
CVE-2010-4534 [HIGH] CWE-20
OSV
Improper query string handling in Django
osv · 2018-07-23
CVE-2010-4534 [HIGH]
OSV
CVE-2010-4534: The administrative interface in django
osv · 2011-01-10 · CVSS 4.0
CVE-2010-4534 [MEDIUM]
No detection rules found.
No public exploits indexed.
References

- http://archives.neohapsis.com/archives/fulldisclosure/2010-12/0580.html
- http://code.djangoproject.com/changeset/15031
- http://evilpacket.net/2010/dec/22/information-leakage-django-administrative-interfac/
- http://lists.fedoraproject.org/pipermail/package-announce/2011-January/053041.html
- http://lists.fedoraproject.org/pipermail/package-announce/2011-January/053072.html
- http://ngenuity-is.com/advisories/2010/dec/22/information-leakage-in-django-administrative-inter/
- http://secunia.com/advisories/42715
- http://secunia.com/advisories/42827
- http://secunia.com/advisories/42913
- http://www.djangoproject.com/weblog/2010/dec/22/security/
- http://www.openwall.com/lists/oss-security/2010/12/23/4
- http://www.openwall.com/lists/oss-security/2011/01/03/5
- http://www.securityfocus.com/archive/1/515446
- http://www.securityfocus.com/bid/45562
- http://www.ubuntu.com/usn/USN-1040-1
- http://www.vupen.com/english/advisories/2011/0048
- http://www.vupen.com/english/advisories/2011/0098
- https://bugzilla.redhat.com/show_bug.cgi?id=665373
Published: 2011-01-10