Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Date: Thu, 15 Dec 2016 12:46:09 -0500
From: <cve-assign@...re.org>
To: <carnil@...ian.org>
CC: <cve-assign@...re.org>, <oss-security@...ts.openwall.com>
Subject: Re: CVE Request: FlightGear: Allows the route manager to overwrite arbitrary files

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

> https://bugs.debian.org/848114
> https://sourceforge.net/p/flightgear/flightgear/ci/280cd523686fbdb175d50417266d2487a8ce67d2/

>> + SGPath authorizedPath = fgValidatePath(path, true /* write */);

Use CVE-2016-9956.

- -- 
CVE Assignment Team
M/S M300, 202 Burlington Road, Bedford, MA 01730 USA
[ A PGP key is available for encrypted communications at
  http://cve.mitre.org/cve/request_id.html ]
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1

iQIcBAEBCAAGBQJYUtTdAAoJEHb/MwWLVhi2FvQQALOQ9koKeFNAWXn9+FVyNjUP
GZkG+4gC5q/33B1IY4UIF08TQuXGz2diPgORmkS2jRKPWz0LBQvgI0UhPUJZR48v
MjtR6x2kvHDb2JtXMBhmySZTvwez9MJ8XosoXsmemAY1m8BgmffxgI8xExXjPpph
B08bDQAB8tspqiONLaGT+fWyeObid0LnZg0TPxif3pdkW8k2ZpfQog7AtV/ShMqK
o9aGvozIOG4nRXbHORhJroS6RfBbiblblMDt6mD1U9MWi6EXOamvG2tvEeSqWwda
wCuoocCPWifL+ythFF73emldNTl8E84z3PjEvPIb3wW5QTnc2v8j58J2Nga5A/AJ
PCOVkB2cUa2gHsUpLZ6ahr8bjPV41FErgP0r7c72Pk0O1o+eieMKg5nzW56941h7
0c6ilhNHLN1uYXeelfLzM1Y3XqH4RdyDE24tAOP+b/kw8aEOj3WWpwWI1kPeooaD
vJ70dXWn5sRWiUVknptQAV8v71o/C8Ah0rE6ArnP4i7uF6LTBc85fv+ye3xP8y9e
iA5Q6HwkT/aJfW0jFPhCNg84wgxn+n13pyEppQ5ojjPJtzbaMHsI1AN294Y/FYYM
//cDvlr14sPIht1DXa94/gFBY1Sebkg3mk3AIYvVEEvCcq7Vmyo1htOeyraH0Kdc
ihaXPExomG2PvjS3JIjV
=JSzX
-----END PGP SIGNATURE-----

Powered by blists - more mailing lists

Your e-mail address:

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Powered by Openwall GNU/*/Linux - Powered by OpenVZ