Ola Lundqvist pushed to branch master at Debian Security Tracker / security-tracker


Commits:
94190ded by Ola Lundqvist at 2019-06-09T22:16:22Z
CVE-2017-1000600 and CVE-2018-1000773 are for the same underlying problem in wordpress.
It is clear that there are a number of pre-conditions that must be in place for this to be exploitable. From wordpress 4.9 and later a third party module must be installed on the site.

The problem is there so it should not be declared as undetermined.
The severity of the problem may not be enough for fixing; then it should be declared as postponed, ignored or similar instead.

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -41727,7 +41727,8 @@ CVE-2018-1000801 (okular version 18.08 and earlier 
contains a Directory Traversa
 CVE-2018-1000800 (zephyr-rtos version 1.12.0 contains a NULL base pointer 
reference vuln ...)
        NOT-FOR-US: zephyr-rtos
 CVE-2018-1000773 (WordPress version 4.9.8 and earlier contains a CWE-20 Input 
Validation ...)
-       - wordpress <undetermined>
+       - wordpress 4.1+dfsg-1+deb8u17
+       NOTE: See CVE-2017-1000600. That CVE is not completely fixed in 
wordpress 4.9.
 CVE-2018-1000673
        REJECTED
 CVE-2018-1000671 (sympa version 6.2.16 and later contains a CWE-601: URL 
Redirection to  ...)
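Review bot: the added line `+       - wordpress 4.1+dfsg-1+deb8u17` records a fixed version for the jessie package, but neither the new NOTE nor the commit message says which change in 4.1+dfsg-1+deb8u17 addresses CVE-2018-1000773; since the second hunk assigns the same version string to CVE-2017-1000600, a pointer to the upload or changelog entry that covers both identifiers would let a later reader verify the claim instead of inferring it. The NOTE's wording "That CVE is not completely fixed in wordpress 4.9" also sits awkwardly next to the commit message's statement that from 4.9 a third party module is additionally required; phrasing it as 4.9 reducing exposure rather than fixing the issue would avoid the apparent contradiction.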
@@ -41763,11 +41764,16 @@ CVE-2018-1000659 (LimeSurvey version 3.14.4 and 
earlier contains a directory tra
 CVE-2018-1000658 (LimeSurvey version prior to 3.14.4 contains a file upload 
vulnerabilit ...)
        - limesurvey <itp> (bug #472802)
 CVE-2017-1000600 (WordPress version &lt;4.9 contains a CWE-20 Input Validation 
vulnerabi ...)
-       - wordpress <undetermined>
+       - wordpress 4.1+dfsg-1+deb8u17
        NOTE: https://www.securityfocus.com/bid/105305/references
        NOTE: 
https://www.theregister.co.uk/2018/08/20/php_unserialisation_wordpress_vuln/
        NOTE: 
https://cdn2.hubspot.net/hubfs/3853213/us-18-Thomas-It's-A-PHP-Unserialization-Vulnerability-Jim-But-Not-As-We-....pdf
+       NOTE: 
https://www.youtube.com/watch?v=GePBmsNJw6Y&feature=youtu.be&t=1763
        NOTE: https://twitter.com/_s_n_t/status/1030573635617124353
+       NOTE: Wordpress before 4.9 is vulnerable on its own. After 4.9 you need 
to have
+        NOTE: vulnerable module installed on the site as well. This may affect 
the severity
+       NOTE: and importance of fixing but it should not be considered as 
undetermined.
+        NOTE: For wordpress 4.9 and later CVE-2018-1000773 has been issued.
 CVE-2018-16553
        RESERVED
 CVE-2018-16552 (MicroPyramid Django-CRM 0.2 allows CSRF for /users/create/, 
/users/##/ ...)
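Review bot: the four added NOTE lines are not indented consistently, the second and fourth (`+        NOTE: vulnerable module installed ...` and `+        NOTE: For wordpress 4.9 and later ...`) carry one more leading space than the first and third and than the existing NOTE lines above them; data/CVE/list is parsed by the tracker, so the added lines should use exactly the same leading whitespace as the surrounding entries. The note also says "you need to have vulnerable module installed" without naming the module class or pointing at which of the linked references (the talk PDF, the video at t=1763, or the tweet) describes it; naming the reference for that claim inline would make the severity reasoning checkable from the entry alone.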



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/commit/94190ded68b383d8244977a1a6e2b2314e21c119


_______________________________________________
debian-security-tracker-commits mailing list
debian-security-tracker-commits@alioth-lists.debian.net
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
