#js

The following presentation at this year's DEF CON was brought to our attention on the SQLx Discord: > SQL Injection isn't Dead: Smuggling Queries at the Protocol Level > <http://web.archive.org/web/20240812130923/https://media.defcon.org/DEF%20CON%2032/DEF%20CON%2032%20presentations/DEF%20CON%2032%20-%20Paul%20Gerste%20-%20SQL%20Injection%20Isn't%20Dead%20Smuggling%20Queries%20at%20the%20Protocol%20Level.pdf> > (Archive link for posterity.) Essentially, encoding a value larger than 4GiB can cause the length prefix in the protocol to overflow, causing the server to interpret the rest of the string as binary protocol commands or other data. It appears SQLx _does_ perform truncating casts in a way that could be problematic, for example: <https://github.com/launchbadge/sqlx/blob/6f2905695b9606b5f51b40ce10af63ac9e696bb8/sqlx-postgres/src/arguments.rs#L163> This code has existed essentially since the beginning, so it is reasonable to assume that all published versions `<= 0.8.0` a...

The Ewon Cosy+ is a VPN gateway used for remote access and maintenance in industrial environments. If login against the FTP service of the Cosy+ fails, the submitted username is saved in a log. This log is included in the Cosy+ web interface without neutralizing the content. As a result, an unauthenticated attacker is able to inject HTML/JavaScript code via the username of an FTP login attempt.

Debian Linux Security Advisory 5750-1 - Support for the "strict kex" SSH extension has been backported to AsyncSSH (a Python implementation of the SSHv2 protocol) as hardening against the Terrapin attack.

Red Hat Security Advisory 2024-5547-03 - Updated images that fix several bugs are now available for Red Hat OpenShift Data Foundation 4.16.1 on Red Hat Enterprise Linux 9 from Red Hat Container Registry. Issues addressed include a denial of service vulnerability.

Red Hat Security Advisory 2024-5537-03 - An update is now available for the Red Hat build of Cryostat 3 on RHEL 8. Issues addressed include a denial of service vulnerability.

Red Hat Security Advisory 2024-5535-03 - An update for python3.9 is now available for Red Hat Enterprise Linux 9.2 Extended Update Support. Issues addressed include a traversal vulnerability.

Red Hat Security Advisory 2024-5534-03 - An update for python-setuptools is now available for Red Hat Enterprise Linux 9. Issues addressed include a code execution vulnerability.

Red Hat Security Advisory 2024-5533-03 - An update for python3.12-setuptools is now available for Red Hat Enterprise Linux 9. Issues addressed include a code execution vulnerability.

Build Your Own Botnet (BYOB) version 2.0.0 exploit that works by spoofing an agent callback to overwrite the sqlite database and bypass authentication and exploiting an authenticated command injection in the payload builder page.

Red Hat Security Advisory 2024-5482-03 - A security update is now available for Red Hat JBoss Enterprise Application Platform 8.0. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link in the References section. Issues addressed include denial of service and server-side request forgery vulnerabilities.