An issue was discovered in MoscaJS Aedes 0.42.0. lib/write.js does not properly consider exceptions during the writing of an invalid packet to a stream.

@mcollina I'm 👍 for the test but why this isn't working?

// Catch invalid packet writeToStream errors
test('reject client requested for unsupported protocol version', function (t) {
  t.plan(3)

  const broker \= aedes()
  t.tearDown(broker.close.bind(broker))

  const s \= setup(broker)

  var packet \= \[
    16, 22, 0, 4, 77, 81, 84, 84,
    4, 2, 0, 0, 0, 10, 109, 121,
    99, 108, 105, 101, 110, 116, 105, 100,
    85, 0
  \]

  s.inStream.write(Buffer.from(packet))

  s.outStream.on('data', function (packet) {
    t.fail('no data sent')
  })
  broker.on('connectionError', function (client, err) {
    t.equal(client.version, null)
    t.equal(err.message, 'Unknown command')
    t.equal(broker.connectedClients, 0)
  })
})

I mean, it works as test but it doesn't make that function throw

P.S: I asked to the guy of the email to try this fix and he told me that this has fixed the bug 🎉

CVE-2020-13410: fix: catch writeToStream errors by robertsLando · Pull Request #493 · moscajs/aedes

It was found that PostgreSQL versions before 12.4, before 11.9 and before 10.14 did not properly sanitize the search_path during logical replication. An authenticated attacker could use this flaw in an attack similar to CVE-2018-1058, in order to execute arbitrary SQL command in the context of the user used for replication.

'1865744?cve=title' is not a valid bug number nor an alias to a bug.

Please press **Back** and try again.

CVE-2020-14349: Invalid Bug ID

In OASIS Digital Signature Services (DSS) 1.0, an attacker can control the validation outcome (i.e., trigger either a valid or invalid outcome for a valid or invalid signature) via a crafted XML signature, when the InlineXML option is used. This defeats the expectation of non-repudiation.

CVE-2020-13101: Standards Archive - OASIS Open

Net-SNMP through 5.7.3 has Improper Privilege Management because SNMP WRITE access to the EXTEND MIB provides the ability to run arbitrary commands as root.

CVE-2020-15862: #965166 - snmpd privilege escalation

A flaw null pointer dereference in the Linux kernel cgroupv2 subsystem in versions before 5.7.10 was found in the way when reboot the system. A local user could use this flaw to crash the system or escalate their privileges on the system.

CVE-2020-14356: kernel NULL pointer dereference in __cgroup_bpf_run_filter_skb

Icinga Icinga Web2 2.0.0 through 2.6.4, 2.7.4 and 2.8.2 has a Directory Traversal vulnerability which allows an attacker to access arbitrary files that are readable by the process running Icinga Web 2. This issue is fixed in Icinga Web 2 in v2.6.4, v2.7.4 and v2.8.2.

CVE-2020-24368: icingaweb2/CHANGELOG.md at master · Icinga/icingaweb2

In the Linux kernel before 5.7.8, fs/nfsd/vfs.c (in the NFS server) can set incorrect permissions on new filesystem objects when the filesystem lacks ACL support, aka CID-22cf8419f131. This occurs because the current umask is not considered.

CVE-2020-24394: #962254 - NFSv4.2: umask not applied on filesystem without ACL support

A denial of service vulnerability exists when ASP.NET Core improperly handles web requests, aka 'ASP.NET Core Denial of Service Vulnerability'.

CVE-2020-1597

An elevation of privilege vulnerability exists when the Windows Kernel API improperly handles registry objects in memory, aka 'Windows Registry Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-1377.

CVE-2020-1378

An elevation of privilege vulnerability exists when the Windows Kernel API improperly handles registry objects in memory, aka 'Windows Registry Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-1378.

Tag

#perl