CVE-2023-32787: Merge pull request #229 from OPCFoundation/224-maxconnectioncount-sho… · OPCFoundation/UA-Java-Legacy@6f176f2
The OPC UA Legacy Java Stack before 6f176f2 enables an attacker to block OPC UA server applications via uncontrolled resource consumption so that they can no longer serve client applications.
@@ -311,15 +311,27 @@ public void onStateTransition(IStatefulObject<SocketState, ?> monitor, SocketSta
setState(CloseableObjectState.Opening);
}
/**
* Start listening for data from the connection, note that data might be processed already before
* this method returns.
*/
public void init() {
s.getStateMonitor().addStateListener(socketListener);
s.getInputStream().createMonitor(8, inputListener);
// must set timeout timer here, because it might be canceled before the below monitor
// is triggered
if(rh == null) {
timeoutTimer = TimerUtil.schedule(
timer, timeout,
StackUtils.getBlockingWorkExecutor(),
System.currentTimeMillis() + handshakeTimeout);
}
// Start listening for the Hello (the inputListener will schedule itself again)
s.getInputStream().createMonitor(8, inputListener);
if(rh != null) {
s.getStateMonitor().addStateListener(new StateListener<SocketState>() {
@Override
@@ -335,8 +347,8 @@ public void onStateTransition(
}
}
});
}
}
}
}
/** {@inheritDoc} */
@Override
@@ -1234,7 +1246,8 @@ public void run() {
// number of supported SecureChannels. ")
if (msg.getMessage() instanceof ActivateSessionResponse) {
ActivateSessionResponse res = (ActivateSessionResponse) msg.getMessage();
if (res.getResponseHeader().getServiceResult().isGood()) {
if ((res.getResponseHeader() != null) && (res.getResponseHeader().getServiceResult() != null) &&
(res.getResponseHeader().getServiceResult().isGood())) {
hasBeenSuccessfullySessionActivated.set(true);
}
}
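Review bot: In `init()` (first hunk) the handshake timeout is armed only when `rh == null`; in the visible lines the `rh != null` branch registers a state listener but schedules no timer, so a connection on that path that never completes its handshake may stay open and keep counting against the connection limit. Whether a deadline is enforced elsewhere for that case cannot be seen from this page, so either arm the same timer in both branches or document the omission with a comment such as `// no handshake timer when rh != null: <where the deadline is enforced>`. Separately, `socketListener` is registered before `timeoutTimer` is assigned, so if a close can be delivered in between, the timer would presumably be scheduled after the cancel attempt and fire on an already-closed connection; it is worth confirming that the timeout task tolerates this. The anonymous `StateListener` body continues outside the hunk.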
Related news
Xibo is a content management system (CMS). An SQL injection vulnerability was discovered in the `/dataset/data/{id}` API route inside the CMS starting in version 1.4.0 and prior to versions 2.3.17 and 3.3.5. This allows an authenticated user to exfiltrate data from the Xibo database by injecting specially crafted values into the `filter` parameter. Values allowed in the filter parameter are checked against a deny list of commands that should not be allowed; however, this check was done in a case-sensitive manner, so it is possible to bypass it by using unusual case combinations. Users should upgrade to version 2.3.17 or 3.3.5, which fix this issue. There are no workarounds aside from upgrading.