CVE-2016-6175 and 851771

To: Salvatore Bonaccorso <carnil@debian.org>
Cc: Debian LTS <debian-lts@lists.debian.org>, 851771@bugs.debian.org
Subject: CVE-2016-6175 and 851771
From: Ola Lundqvist <ola@inguza.com>
Date: Sun, 22 Jan 2017 22:47:32 +0100
Message-id: <[🔎] CABY6=0k9dONZ=OFbghADUt3awC9c2ufGyu54RtSi-61wxSVvUw@mail.gmail.com>

Hi Salvatore

I started checking the CVEs for php-gettext and I'm not sure I follow
the information for CVE-2016-6175.
Maybe you have more data than I do.

The vulnerability is that a malicous user that have permission to
craft .mo files in the target filesystem could execute any php code on
that system.
I find that a quite unlikely attack vector. Based on this I also think
the bug should have a different priority than grave.

Or have I missed anything crucial?

I'm asking as I plan to mark this one as no-dsa for wheezy.

Best regards

// Ola

PS. There is another bug on the same package and that one should
probably have a grave bug filed, but that is another story.
DS.

-- 
 --- Inguza Technology AB --- MSc in Information Technology ----
/  ola@inguza.com                    Folkebogatan 26            \
|  opal@debian.org                   654 68 KARLSTAD            |
|  http://inguza.com/                Mobile: +46 (0)70-332 1551 |
\  gpg/f.p.: 7090 A92B 18FE 7994 0C36 4FE4 18A1 B1CF 0FE5 3DD9  /
 ---------------------------------------------------------------

Reply to:

Prev by Date: pdns-recursor DLA 788-1 CVE-2016-7068
Next by Date: ming security update for Wheezy LTS
Previous by thread: Re: pdns-recursor DLA 788-1 CVE-2016-7068
Next by thread: ming security update for Wheezy LTS
Index(es):
- Date
- Thread