Bug 1252890 (CVE-2015-5963)
Summary: CVE-2015-5963 python-django: Denial-of-service possibility in logout() view by filling session store
Product: [Other] Security Response
Reporter: Vasyl Kaigorodov <vkaigoro>
Component: vulnerability
Assignee: Red Hat Product Security <security-response-team>
Status: CLOSED ERRATA
Severity: medium
Priority: medium
Version: unspecified
CC: abaron, aortega, apevec, ayoung, chrisw, dallan, gkotton, gmollett, jjoyce, jrusnack, jschluet, kbasil, lhh, lpeer, markmc, mburns, mrunge, rbryant, sclewis, security-response-team, slinaber, slong, tdecacqu, yeylon
Target Milestone: ---
Keywords: Security
Target Release: ---
Hardware: All
OS: Linux
Doc Type: Bug Fix
Doc Text:
It was found that Django incorrectly handled the session store. A session could be created by anonymously accessing the django.contrib.auth.views.logout view if it was not decorated correctly with django.contrib.auth.decorators.login_required. A remote attacker could use this flaw to fill up the session store or cause other users' session records to be evicted by requesting a large number of new sessions.
Story Points: ---
Last Closed: 2015-10-15 23:01:52 UTC
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
Category: ---
oVirt Team: ---
Cloudforms Team: ---
Bug Depends On: 1254911, 1254912, 1254913, 1254914, 1254915, 1260506, 1260508
Bug Blocks: 1252892
Attachments: see below
Description
Vasyl Kaigorodov
2015-08-12 13:02:37 UTC
Created attachment 1061941 [details]
session-store-1.4.x.diff
Created attachment 1061942 [details]
session-store-1.7.x.diff
Created attachment 1061943 [details]
session-store-1.8.x.diff
Created attachment 1061944 [details]
session-store-master.diff
Acknowledgements: Red Hat would like to thank the upstream Django project for reporting this issue.

Created python-django tracking bugs for this issue:
Affects: openstack-rdo [bug 1260506]

This issue has been addressed in the following products:
OpenStack 5 for RHEL 6
Via RHSA-2015:1766 https://rhn.redhat.com/errata/RHSA-2015-1766.html

This issue has been addressed in the following products:
OpenStack 5 for RHEL 7
Via RHSA-2015:1767 https://rhn.redhat.com/errata/RHSA-2015-1767.html

This issue has been addressed in the following products:
OpenStack 7 For RHEL 7
Via RHSA-2015:1876 https://access.redhat.com/errata/RHSA-2015:1876

This issue has been addressed in the following products:
OpenStack 6 for RHEL 7
Via RHSA-2015:1894 https://rhn.redhat.com/errata/RHSA-2015-1894.html
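The Doc Text above describes the mechanism: an undecorated logout view creates a session record for every anonymous request, and a bounded session backend then evicts real users' records. The following is an added, constructed model of that behaviour (not Django's code and not part of this bug report): a capacity-bounded store with oldest-first eviction, a logout view that touches the session unconditionally, and the same view wrapped in a stand-in for `login_required`, so the effect of the missing decorator on a legitimate user's session can be measured.

```python
"""Constructed model of CVE-2015-5963 (illustration only, not Django's own code)."""
from collections import OrderedDict
import itertools

_ids = itertools.count(1)


class SessionStore:
    """Bounded store with oldest-first eviction, standing in for a cache backend."""

    def __init__(self, capacity):
        self.capacity = capacity
        self.sessions = OrderedDict()  # session_key -> session data

    def create(self):
        key = "sess-%d" % next(_ids)
        self.sessions[key] = {}
        while len(self.sessions) > self.capacity:
            self.sessions.popitem(last=False)  # evicts another user's record
        return key


class Request:
    def __init__(self, user=None):
        self.user = user          # None models an anonymous request
        self.session_key = None


def logout_vulnerable(request, store):
    # Pre-fix behaviour: the view touches the session, which lazily creates a
    # record even though nobody is logged in.
    request.session_key = store.create()
    return "302 /"


def login_required(view):
    # Minimal stand-in for django.contrib.auth.decorators.login_required.
    def wrapper(request, store):
        if request.user is None:
            return "302 /accounts/login/"  # anonymous: session never touched
        return view(request, store)
    return wrapper


logout_hardened = login_required(logout_vulnerable)


def anonymous_flood(view, n, capacity=100):
    """Send n anonymous requests; report whether a real user's session survived."""
    store = SessionStore(capacity)
    victim_key = store.create()  # a logged-in user's existing session
    for _ in range(n):
        view(Request(user=None), store)
    return victim_key in store.sessions, len(store.sessions)
```

`anonymous_flood(logout_vulnerable, 200)` evicts the victim's session and leaves the store full, while the decorated view leaves only the victim's record in place.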