Django 'Vary Header' Information Disclosure Vulnerability

Bugtraq ID: 67408
Class: Design Error
CVE: CVE-2014-1418
Remote: Yes
Local: No
Published: May 15 2014 12:00AM
Updated: May 07 2015 05:10PM
Credit: Michael Nelson, Natalia Bidart and James Westby
Vulnerable: Ubuntu Ubuntu Linux 14.04 LTS
Ubuntu Ubuntu Linux 13.10
Ubuntu Ubuntu Linux 12.10 i386
Ubuntu Ubuntu Linux 12.10 amd64
Ubuntu Ubuntu Linux 12.04 LTS i386
Ubuntu Ubuntu Linux 12.04 LTS amd64
Ubuntu Ubuntu Linux 10.04 sparc
Ubuntu Ubuntu Linux 10.04 powerpc
Ubuntu Ubuntu Linux 10.04 i386
Ubuntu Ubuntu Linux 10.04 ARM
Ubuntu Ubuntu Linux 10.04 amd64
Mandriva Business Server 1 X86 64
Mandriva Business Server 1
MandrakeSoft Enterprise Server 5 x86_64
MandrakeSoft Enterprise Server 5
IBM SmartCloud Provisioning 2.3 FixPack 1
Gentoo Linux
Djangoproject Django 1.6.3
Djangoproject Django 1.6.2
Djangoproject Django 1.5.6
Djangoproject Django 1.5.5
Djangoproject Django 1.4.11
Djangoproject Django 1.4.10
Djangoproject Django 1.7 beta 3
Djangoproject Django 1.7 beta 2
Djangoproject Django 1.7 beta
Djangoproject Django 1.6.4
Djangoproject Django 1.6.1
Djangoproject Django 1.6 Beta4
Djangoproject Django 1.6 Beta3
Djangoproject Django 1.6 beta2
Djangoproject Django 1.6 Beta1
Djangoproject Django 1.6
Djangoproject Django 1.5.7
Djangoproject Django 1.5.4
Djangoproject Django 1.5.2
Djangoproject Django 1.5.1
Djangoproject Django 1.4.9
Djangoproject Django 1.4.8
Djangoproject Django 1.4.6
Djangoproject Django 1.4.5
Djangoproject Django 1.4.4
Djangoproject Django 1.4.12
Djangoproject Django 1.4.1
Debian Linux 6.0 sparc
Debian Linux 6.0 s/390
Debian Linux 6.0 powerpc
Debian Linux 6.0 mips
Debian Linux 6.0 ia-64
Debian Linux 6.0 ia-32
Debian Linux 6.0 arm
Debian Linux 6.0 amd64
Not Vulnerable: Djangoproject Django 1.7 beta 4
Djangoproject Django 1.6.5
Djangoproject Django 1.5.8
Djangoproject Django 1.4.13


 

Privacy Statement
Copyright 2010, SecurityFocus