Ola Lundqvist pushed to branch master at Debian Security Tracker / security-tracker
Commits: 94190ded by Ola Lundqvist at 2019-06-09T22:16:22Z CVE-2017-1000600 and CVE-2018-1000773 are for the same underlying problem in wordpress. It is clear that there are a number of pre-conditions that must be in place for this being exploitable. From wordpress 4.9 and later a third party module must be installed on the site. The problem is there so it should not be declared as undetermined. The severity of the problem may not be enough for fixing, then it should be declared as postponed, ignored or similar instead. - - - - - 1 changed file: - data/CVE/list Changes: ===================================== data/CVE/list ===================================== @@ -41727,7 +41727,8 @@ CVE-2018-1000801 (okular version 18.08 and earlier contains a Directory Traversa CVE-2018-1000800 (zephyr-rtos version 1.12.0 contains a NULL base pointer reference vuln ...) NOT-FOR-US: zephyr-rtos CVE-2018-1000773 (WordPress version 4.9.8 and earlier contains a CWE-20 Input Validation ...) - - wordpress <undetermined> + - wordpress 4.1+dfsg-1+deb8u17 + NOTE: See CVE-2017-1000600. That CVE is not completely fixed in wordpress 4.9. CVE-2018-1000673 REJECTED CVE-2018-1000671 (sympa version 6.2.16 and later contains a CWE-601: URL Redirection to ...) 
@@ -41763,11 +41764,16 @@ CVE-2018-1000659 (LimeSurvey version 3.14.4 and earlier contains a directory tra CVE-2018-1000658 (LimeSurvey version prior to 3.14.4 contains a file upload vulnerabilit ...) - limesurvey <itp> (bug #472802) CVE-2017-1000600 (WordPress version <4.9 contains a CWE-20 Input Validation vulnerabi ...) - - wordpress <undetermined> + - wordpress 4.1+dfsg-1+deb8u17 NOTE: https://www.securityfocus.com/bid/105305/references NOTE: https://www.theregister.co.uk/2018/08/20/php_unserialisation_wordpress_vuln/ NOTE: https://cdn2.hubspot.net/hubfs/3853213/us-18-Thomas-It's-A-PHP-Unserialization-Vulnerability-Jim-But-Not-As-We-....pdf + NOTE: https://www.youtube.com/watch?v=GePBmsNJw6Y&feature=youtu.be&t=1763 NOTE: https://twitter.com/_s_n_t/status/1030573635617124353 + NOTE: Wordpress before 4.9 is vulnerable on its own. After 4.9 you need to have + NOTE: vulnerable module installed on the site as well. This may affect the severity + NOTE: and importance of fixing but it should not be considered as undetermined. + NOTE: For wordpress 4.9 and later CVE-2018-1000773 has been issued. CVE-2018-16553 RESERVED CVE-2018-16552 (MicroPyramid Django-CRM 0.2 allows CSRF for /users/create/, /users/##/ ...) View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/94190ded68b383d8244977a1a6e2b2314e21c119
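Review bot: in the first hunk (CVE-2018-1000773) the entry `- wordpress 4.1+dfsg-1+deb8u17` records the issue as fixed in that version, which contradicts both the commit message ("The problem is there") and the NOTE line added right below it ("not completely fixed in wordpress 4.9"). If the intent is to keep the issue open, the state should be `- wordpress <unfixed>` (or, as the commit message itself suggests, a suite-level `<postponed>` or `<ignored>` decision), and a version carrying a `+deb8u17` suffix is a jessie security update, which belongs on a `[jessie] - wordpress ...` line rather than in the unstable fixed-version slot.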
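Review bot: the second hunk (CVE-2017-1000600) has the same mismatch: swapping `<undetermined>` for a jessie version string marks the CVE as fixed there, while the four added NOTE lines argue it remains exploitable once a vulnerable module is installed, so the tracked state and the explanation disagree. Pick one state and make the entry match, for example `- wordpress <unfixed>` with the NOTE lines kept, and put any jessie-specific decision on a `[jessie]` line. Minor: "you need to have vulnerable module installed" is missing an article, and the CVE descriptions spell the project WordPress.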