CVE-2010-4535
Published 2011-01-10
Priority: P4 (24), medium
CVSS 2.0: 5.0 (AV:N/AC:L/Au:N/C:N/I:N/A:P)
EPSS: 3.35% (87.2th percentile)
The password reset functionality in django.contrib.auth in Django before 1.1.3, 1.2.x before 1.2.4, and 1.3.x before 1.3 beta 1 does not validate the length of a string representing a base36 timestamp, which allows remote attackers to cause a denial of service (resource consumption) via a URL that specifies a large base36 integer.
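The defect is an unbounded parse: the base36 timestamp embedded in the reset token is converted with whatever length the URL supplies, so request size alone dictates how much work the server does. The added example below (not Django's code; the 13-digit bound and error message are my assumption about the upstream fix, the HMAC token format and all inputs are constructed) shows the unchecked decode beside a bounded one, and a token check that fails closed on over-long or malformed input before any arithmetic or comparison happens.

```python
import hmac
import hashlib

# Assumption: 13 base36 digits (36**13 > 1.7e20) covers any day or second count a reset token needs.
BASE36_MAX_LEN = 13

def base36_to_int_unchecked(s):
    """Pre-fix behaviour: no bound, so input length alone decides how large the integer gets."""
    return int(s, 36)

def base36_to_int(s):
    """Hardened decode: reject over-long or non-base36 input before conversion."""
    if len(s) > BASE36_MAX_LEN:
        raise ValueError("Base36 input too large")
    if not (s.isascii() and s.isalnum()):
        raise ValueError("Base36 input contains invalid characters")
    return int(s, 36)

def int_to_base36(n):
    """Encode a non-negative integer as lowercase base36 (inverse of base36_to_int)."""
    digits = "0123456789abcdefghijklmnopqrstuvwxyz"
    if n == 0:
        return "0"
    out = []
    while n:
        n, r = divmod(n, 36)
        out.append(digits[r])
    return "".join(reversed(out))

def _mac(user_id, password_hash, ts_days, secret):
    # Constructed token MAC: binds the token to the user, the current password hash and the day.
    msg = f"{user_id}:{password_hash}:{ts_days}".encode()
    return hmac.new(secret, msg, hashlib.sha256).hexdigest()

def make_token(user_id, password_hash, ts_days, secret):
    """Constructed '<base36 day>-<hex hmac>' reset token, the shape the bug lives in."""
    return f"{int_to_base36(ts_days)}-{_mac(user_id, password_hash, ts_days, secret)}"

def check_token(user_id, password_hash, token, secret, now_days, timeout_days=3):
    """True only for a well-formed, unexpired, authentic token; malformed input fails closed."""
    try:
        ts_b36, mac = token.split("-", 1)
        ts_days = base36_to_int(ts_b36)   # bounded before any arithmetic on the value
    except ValueError:
        return False
    if not 0 <= now_days - ts_days <= timeout_days:
        return False
    return hmac.compare_digest(_mac(user_id, password_hash, ts_days, secret), mac)
```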
Affected
18 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| debian | python-django | < python-django 1.2.4-1 (bookworm) | python-django 1.2.4-1 (bookworm) |
| djangoproject | django | <= 1.1.2 | — |
| djangoproject | django | >= 0 < 1.1.3 | 1.1.3 |
| djangoproject | django | >= 1.2 < 1.2.4 | 1.2.4 |
CVSS provenance
| Source | CVSS version | Score | Severity | Vector |
|---|---|---|---|---|
| nvd | 2.0 | 5.0 | MEDIUM | AV:N/AC:L/Au:N/C:N/I:N/A:P |
| osv | — | 5.0 | MEDIUM | — |
| vendor_debian | — | 5.0 | MEDIUM | — |
| vendor_ubuntu | — | 4.0 | MEDIUM | — |
OSV
Improper date handling in Django (osv, 2018-07-23, MEDIUM). Description identical to the CVE summary above.
GHSA
Improper date handling in Django (ghsa, 2018-07-23, MEDIUM, CWE-20). Description identical to the CVE summary above.
OSV
CVE-2010-4535: The password reset functionality in django (osv, 2011-01-10, CVSS 5.0, MEDIUM). Description identical to the CVE summary above.
Ubuntu
Django vulnerabilities (vendor_ubuntu, 2011-01-07, CVSS 4.0; listed under CVE-2010-4534 [MEDIUM])
Title: Django vulnerabilities
Summary: An attacker could send crafted input to Django and cause it to utilize too many resources.
Adam Baldwin discovered that Django did not properly validate query string lookups. This could be exploited to provide an information leak to an attacker with admin privileges. (CVE-2010-4534)
Paul McMillan discovered that Django did not validate the length of the token used when generating a password reset. An attacker could exploit this to cause a denial of service via resource exhaustion. (CVE-2010-4535)
Instructions: In general, a standard system update will make all the necessary changes.
Debian
CVE-2010-4535: python-django (vendor_debian, 2010, CVSS 5.0, MEDIUM). Description identical to the CVE summary above.
Scope: local
bookworm: resolved (fixed in 1.2.4-1)
bullseye: resolved (fixed in 1.2.4-1)
forky: resolved (fixed in 1.2.4-1)
sid: resolved (fixed in 1.2.4-1)
trixie: resolved (fixed in 1.2.4-1)
No detection rules found.
References
http://code.djangoproject.com/changeset/15032
http://lists.fedoraproject.org/pipermail/package-announce/2011-January/053041.html
http://lists.fedoraproject.org/pipermail/package-announce/2011-January/053072.html
http://secunia.com/advisories/42715
http://secunia.com/advisories/42827
http://secunia.com/advisories/42913
http://www.djangoproject.com/weblog/2010/dec/22/security/
http://www.openwall.com/lists/oss-security/2010/12/23/4
http://www.openwall.com/lists/oss-security/2011/01/03/5
http://www.securityfocus.com/bid/45563
http://www.ubuntu.com/usn/USN-1040-1
http://www.vupen.com/english/advisories/2011/0048
http://www.vupen.com/english/advisories/2011/0098
https://bugzilla.redhat.com/show_bug.cgi?id=665373