Denial of Service : Django Forms Library Algorithmic Complexity Vulnerability

Búsqueda de Vulnerabilidad		Buscar 324607 Descripciones CVE y 145615 Descripciones de Pruebas, accesos 10,000+ referencias cruzadas.
	Pruebas CVE Todos

ID de Prueba: 1.3.6.1.4.1.25623.1.0.900882

Categoría: Denial of Service

Título: Django Forms Library Algorithmic Complexity Vulnerability

Resumen: Django is prone to Algorithmic Complexity vulnerability.

Descripción: Summary:
Django is prone to Algorithmic Complexity vulnerability.

Vulnerability Insight:
The flaw is due to an error within the regular expressions used for
validation of the 'EmailField' or 'URLField' form fields in Django's forms library.

Vulnerability Impact:
Successful exploitation will allow attacker to cause a Denial of Service
due to high CPU consumption via specially crafted email addresses or URLs.

Affected Software/OS:
Django version prior to 1.0 before 1.0.4 and 1.1 before 1.1.1.

Solution:
Upgrade to Django version 1.0.4 or 1.1.1 or later.

CVSS Score:
5.0

CVSS Vector:
AV:N/AC:L/Au:N/C:N/I:N/A:P

Referencia Cruzada: Common Vulnerability Exposure (CVE) ID: CVE-2009-3695
BugTraq ID: 36655
http://www.securityfocus.com/bid/36655
Debian Security Information: DSA-1905 (Google Search)
http://www.debian.org/security/2009/dsa-1905
http://groups.google.com/group/django-users/browse_thread/thread/15df9e45118dfc51/
http://www.openwall.com/lists/oss-security/2009/10/13/6
http://secunia.com/advisories/36948
http://secunia.com/advisories/36968
http://www.vupen.com/english/advisories/2009/2871
XForce ISS Database: django-emailfield-urlfield-dos(53727)
https://exchange.xforce.ibmcloud.com/vulnerabilities/53727

Copyright Copyright (C) 2009 Greenbone AG

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa.
Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.

ID de Prueba:	1.3.6.1.4.1.25623.1.0.900882
Categoría:	Denial of Service
Título:	Django Forms Library Algorithmic Complexity Vulnerability
Resumen:	Django is prone to Algorithmic Complexity vulnerability.
Descripción:	Summary: Django is prone to Algorithmic Complexity vulnerability. Vulnerability Insight: The flaw is due to an error within the regular expressions used for validation of the 'EmailField' or 'URLField' form fields in Django's forms library. Vulnerability Impact: Successful exploitation will allow attacker to cause a Denial of Service due to high CPU consumption via specially crafted email addresses or URLs. Affected Software/OS: Django version prior to 1.0 before 1.0.4 and 1.1 before 1.1.1. Solution: Upgrade to Django version 1.0.4 or 1.1.1 or later. CVSS Score: 5.0 CVSS Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2009-3695 BugTraq ID: 36655 http://www.securityfocus.com/bid/36655 Debian Security Information: DSA-1905 (Google Search) http://www.debian.org/security/2009/dsa-1905 http://groups.google.com/group/django-users/browse_thread/thread/15df9e45118dfc51/ http://www.openwall.com/lists/oss-security/2009/10/13/6 http://secunia.com/advisories/36948 http://secunia.com/advisories/36968 http://www.vupen.com/english/advisories/2009/2871 XForce ISS Database: django-emailfield-urlfield-dos(53727) https://exchange.xforce.ibmcloud.com/vulnerabilities/53727
Copyright	Copyright (C) 2009 Greenbone AG