CVE-2011-4140
Published 2011-10-19
Priority: P4 · 28 · CVSS 2.0: 6.8 (medium)
CVSS vector: AV:N/AC:M/Au:N/C:P/I:P/A:P
EPSS: 1.09% (61.3th percentile)
The CSRF protection mechanism in Django through 1.2.7 and 1.3.x through 1.3.1 does not properly handle web-server configurations supporting arbitrary HTTP Host headers, which allows remote attackers to trigger unauthenticated forged requests via vectors involving a DNS CNAME record and a web page containing JavaScript code.
Affected (22 ranges)
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| debian | python-django | < python-django 1.3.1-1 (bookworm) | python-django 1.3.1-1 (bookworm) |
| djangoproject | django | <= 1.2.6 | — |
| djangoproject | django | 0 – 1.2.7 | — |
| djangoproject | django | 1.3 – 1.3.1 | — |
CVSS provenance

| Source | CVSS version | Score | Severity | Vector |
|---|---|---|---|---|
| nvd | 2.0 | 6.8 | MEDIUM | AV:N/AC:M/Au:N/C:P/I:P/A:P |
| osv | — | 6.8 | MEDIUM | — |
| vendor_debian | — | 6.8 | MEDIUM | — |
GHSA
Django Cross-Site Request Forgery vulnerability
ghsa · 2018-07-23 · CVE-2011-4140 · HIGH · CWE-352
OSV
Django Cross-Site Request Forgery vulnerability
osv · 2018-07-23 · CVE-2011-4140 · HIGH
OSV
CVE-2011-4140 · osv · 2011-10-19 · CVSS 6.8 · MEDIUM
The CSRF protection mechanism in Django through 1.2.7 and 1.3.x through 1.3.1 does not properly handle web-server configurations supporting arbitrary HTTP Host headers, which allows remote attackers to trigger unauthenticated forged requests via vectors involving a DNS CNAME record and a web page containing JavaScript code.
Debian
CVE-2011-4140: python-django
vendor_debian · 2011 · CVSS 6.8 · MEDIUM
The CSRF protection mechanism in Django through 1.2.7 and 1.3.x through 1.3.1 does not properly handle web-server configurations supporting arbitrary HTTP Host headers, which allows remote attackers to trigger unauthenticated forged requests via vectors involving a DNS CNAME record and a web page containing JavaScript code.
Scope: local
Suite status:
* bookworm: resolved (fixed in 1.3.1-1)
* bullseye: resolved (fixed in 1.3.1-1)
* forky: resolved (fixed in 1.3.1-1)
* sid: resolved (fixed in 1.3.1-1)
* trixie: resolved (fixed in 1.3.1-1)
No detection rules found.
Bugzilla
CVE-2011-4136, CVE-2011-4137, CVE-2011-4138, CVE-2011-4139, CVE-2011-4140 Django: v1.3.1, v1.2.7 multiple security flaws [epel-6]
bugzilla · 2011-09-30 · CVSS 5.8 · CVE-2011-4136 · MEDIUM
epel-6 tracking bug for Django: see blocks bug list for full details of the security issue(s).
This bug is never intended to be made public, please put any public notes in the 'blocks' bugs.
[bug automatically created by: add-tracking-bugs]
Discussion:
Missed the 1.2.7 errata announcement, my apologies.
---
Django-1.2.7-1.el6 has been submitted as an update for Fedora EPEL 6.
https://admin.fedoraproject.org/updates/Django-1.2.7-1.el6
---
Package Django-1.2.7-1.el6:
* should fix your issue,
* was pushed to the Fedora EPEL 6 testing repository,
* should be available at your local mirror within two days.
Update it with:
# su -c 'yum update --enablerepo=ep
Bugzilla
CVE-2011-4136 CVE-2011-4137 CVE-2011-4138 CVE-2011-4139 CVE-2011-4140 Django: v1.3.1, v1.2.7 multiple security flaws
bugzilla · 2011-09-11 · CVSS 5.8 · CVE-2011-4136 · MEDIUM
Multiple security flaws have been recently addressed in the v1.3.1 and v1.2.7 versions of the Django Python Web framework (from [1]):
1. Session manipulation
2. Denial of service attack via URLField
3. URLField redirection
4. Host header cache poisoning
5. Host header and CSRF
6. Cross-subdomain CSRF attacks
7. DEBUG pages and sensitive POST data
References:
[1] https://www.djangoproject.com/weblog/2011/sep/09/
Discussion:
Created attachment 522611
Local text copy of Django upstream archive post from 2011-09-09
---
CVE(s) Request:
[2] http://www.openwall.com/lists/oss-security/2011/09/11/1
---
These issues are scheduled to be addressed in the following releases
References:
* http://openwall.com/lists/oss-security/2011/09/11/1
* http://openwall.com/lists/oss-security/2011/09/13/2
* http://secunia.com/advisories/46614
* http://www.debian.org/security/2011/dsa-2332
* https://bugzilla.redhat.com/show_bug.cgi?id=737366
* https://hermes.opensuse.org/messages/14700881
* https://www.djangoproject.com/weblog/2011/sep/09/
* https://www.djangoproject.com/weblog/2011/sep/10/127/