Mandriva Linux Security Advisory : python-django (MDVSA-2012:181)

Medium Nessus Plugin ID 63312


The remote Mandriva Linux host is missing a security update.


Multiple host header poisoning flaws were found and fixed in Django.

The updated packages have been upgraded to the 1.3.5 version which is not affected by these issues.


Update the affected python-django package.

See Also

Plugin Details

Severity: Medium

ID: 63312

File Name: mandriva_MDVSA-2012-181.nasl

Version: $Revision: 1.4 $

Type: local

Published: 2012/12/20

Modified: 2013/06/01

Dependencies: 12634

Risk Information

Risk Factor: Medium


Base Score: 6.4

Temporal Score: 5.3

Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:N

Temporal Vector: CVSS2#E:F/RL:OF/RC:C

Vulnerability Information

CPE: p-cpe:/a:mandriva:linux:python-django, cpe:/o:mandriva:linux:2011

Required KB Items: Host/local_checks_enabled, Host/cpu, Host/Mandrake/release, Host/Mandrake/rpm-list

Exploit Available: true

Exploit Ease: Exploits are available

Patch Publication Date: 2012/12/19

Reference Information

CVE: CVE-2012-4520

BID: 56146

MDVSA: 2012:181