FreeBSD Local Security Checks : django -- multiple vulnerabilities

Búsqueda de Vulnerabilidad		Buscar 324607 Descripciones CVE y 145615 Descripciones de Pruebas, accesos 10,000+ referencias cruzadas.
	Pruebas CVE Todos

ID de Prueba: 1.3.6.1.4.1.25623.1.0.68824

Categoría: FreeBSD Local Security Checks

Título: django -- multiple vulnerabilities

Resumen: The remote host is missing an update to the system; as announced in the referenced advisory.

Descripción: Summary:
The remote host is missing an update to the system
as announced in the referenced advisory.

Vulnerability Insight:
The following packages are affected:

py23-django
py24-django
py25-django
py26-django
py27-django
py30-django
py31-django
py23-django-devel
py24-django-devel
py25-django-devel
py26-django-devel
py27-django-devel
py30-django-devel
py31-django-devel

Solution:
Update your system with the appropriate patches or
software upgrades.

CVSS Score:
4.0

CVSS Vector:
AV:N/AC:L/Au:S/C:P/I:N/A:N

Referencia Cruzada: Common Vulnerability Exposure (CVE) ID: CVE-2010-4534
20101223 Django admin list filter data extraction / leakage
http://archives.neohapsis.com/archives/fulldisclosure/2010-12/0580.html
http://www.securityfocus.com/archive/1/515446
42715
http://secunia.com/advisories/42715
42827
http://secunia.com/advisories/42827
42913
http://secunia.com/advisories/42913
45562
http://www.securityfocus.com/bid/45562
ADV-2011-0048
http://www.vupen.com/english/advisories/2011/0048
ADV-2011-0098
http://www.vupen.com/english/advisories/2011/0098
FEDORA-2011-0096
http://lists.fedoraproject.org/pipermail/package-announce/2011-January/053041.html
FEDORA-2011-0120
http://lists.fedoraproject.org/pipermail/package-announce/2011-January/053072.html
USN-1040-1
http://www.ubuntu.com/usn/USN-1040-1
[oss-security] 20101223 CVE Request -- Django 1.2.4, Django 1.1.3 and Django 1.3 beta 1 -- addressing two security flaws
http://www.openwall.com/lists/oss-security/2010/12/23/4
[oss-security] 20110103 Re: CVE Request -- Django 1.2.4, Django 1.1.3 and Django 1.3 beta 1 -- addressing two security flaws
http://www.openwall.com/lists/oss-security/2011/01/03/5
http://code.djangoproject.com/changeset/15031
http://evilpacket.net/2010/dec/22/information-leakage-django-administrative-interfac/
http://ngenuity-is.com/advisories/2010/dec/22/information-leakage-in-django-administrative-inter/
http://www.djangoproject.com/weblog/2010/dec/22/security/
https://bugzilla.redhat.com/show_bug.cgi?id=665373

Copyright Copyright (C) 2011 E-Soft Inc.

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa.
Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.

ID de Prueba:	1.3.6.1.4.1.25623.1.0.68824
Categoría:	FreeBSD Local Security Checks
Título:	django -- multiple vulnerabilities
Resumen:	The remote host is missing an update to the system; as announced in the referenced advisory.
Descripción:	Summary: The remote host is missing an update to the system as announced in the referenced advisory. Vulnerability Insight: The following packages are affected: py23-django py24-django py25-django py26-django py27-django py30-django py31-django py23-django-devel py24-django-devel py25-django-devel py26-django-devel py27-django-devel py30-django-devel py31-django-devel Solution: Update your system with the appropriate patches or software upgrades. CVSS Score: 4.0 CVSS Vector: AV:N/AC:L/Au:S/C:P/I:N/A:N
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2010-4534 20101223 Django admin list filter data extraction / leakage http://archives.neohapsis.com/archives/fulldisclosure/2010-12/0580.html http://www.securityfocus.com/archive/1/515446 42715 http://secunia.com/advisories/42715 42827 http://secunia.com/advisories/42827 42913 http://secunia.com/advisories/42913 45562 http://www.securityfocus.com/bid/45562 ADV-2011-0048 http://www.vupen.com/english/advisories/2011/0048 ADV-2011-0098 http://www.vupen.com/english/advisories/2011/0098 FEDORA-2011-0096 http://lists.fedoraproject.org/pipermail/package-announce/2011-January/053041.html FEDORA-2011-0120 http://lists.fedoraproject.org/pipermail/package-announce/2011-January/053072.html USN-1040-1 http://www.ubuntu.com/usn/USN-1040-1 [oss-security] 20101223 CVE Request -- Django 1.2.4, Django 1.1.3 and Django 1.3 beta 1 -- addressing two security flaws http://www.openwall.com/lists/oss-security/2010/12/23/4 [oss-security] 20110103 Re: CVE Request -- Django 1.2.4, Django 1.1.3 and Django 1.3 beta 1 -- addressing two security flaws http://www.openwall.com/lists/oss-security/2011/01/03/5 http://code.djangoproject.com/changeset/15031 http://evilpacket.net/2010/dec/22/information-leakage-django-administrative-interfac/ http://ngenuity-is.com/advisories/2010/dec/22/information-leakage-in-django-administrative-inter/ http://www.djangoproject.com/weblog/2010/dec/22/security/ https://bugzilla.redhat.com/show_bug.cgi?id=665373
Copyright	Copyright (C) 2011 E-Soft Inc.