Bug 632239 - (CVE-2010-3082) CVE-2010-3082 Django CSRF flaw
CVE-2010-3082 Django CSRF flaw
Status: CLOSED CURRENTRELEASE
Product: Security Response
Classification: Other
Component: vulnerability (Show other bugs)
unspecified
All Linux
medium Severity medium
: ---
: ---
Assigned To: Red Hat Product Security
public=20100908,reported=20100909,sou...
: Security
Depends On: 632240
Blocks:
  Show dependency treegraph
 
Reported: 2010-09-09 09:43 EDT by Josh Bressers
Modified: 2016-03-04 06:12 EST (History)
3 users (show)

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2011-09-12 07:21:48 EDT
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---


Attachments (Terms of Use)

  None (edit)
Description Josh Bressers 2010-09-09 09:43:06 EDT
As of the 1.2 release, the core Django framework includes a system, enabled
by default, for detecting and preventing cross-site request forgery (CSRF)
attacks against Django-powered applications. Previous Django releases
provided a different, optionally-enabled system for the same purpose.

The Django 1.2 CSRF protection system involves the generation of a random
token, inserted as a hidden field in outgoing forms. The same value is also
set in a cookie, and the cookie value and form value are compared on
submission.

The provided template tag for inserting the CSRF token into forms -- {%
csrf_token %} -- explicitly trusts the cookie value, and displays it as-is.
Thus, an attacker who is able to tamper with the value of the CSRF cookie
can cause arbitrary content to be inserted, unescaped, into the outgoing
HTML of the form, enabling cross-site scripting (XSS) attacks.

This issue was first reported via a public ticket in Django's Trac
instance; while being triaged it was then independently reported, with
broader description, by Jeff Balogh of Mozilla.

http://www.djangoproject.com/weblog/2010/sep/08/security-release/
Comment 1 Josh Bressers 2010-09-09 09:43:40 EDT
Created Django tracking bugs for this issue

Affects: fedora-all [bug 632240]
Comment 2 Steve Milner 2010-09-22 10:01:18 EDT
Most all of the updates have made it out -- there was a follow up release which happened while the packages were in testing which pushed the releases out a bit. The only outstanding package is for Fedora 14 which is pending to go to stable.

Note You need to log in before you can comment on or make changes to this bug.