CVSS: 8.6EPSS: 1%CPEs: 12EXPL: 0CVE-2020-24606 – squid: Improper input validation could result in a DoS
https://notcve.org/view.php?id=CVE-2020-24606
Squid before 4.13 and 5.x before 5.0.4 allows a trusted peer to perform Denial of Service by consuming all available CPU cycles during handling of a crafted Cache Digest response message. This only occurs when cache_peer is used with the cache digests feature. The problem exists because peerDigestHandleReply() livelocking in peer_digest.cc mishandles EOF. Squid versiones anteriores a 4.13 y versiones 5.x anteriores a 5.0.4, permite que un peer de confianza lleve a cabo una Denegación de Servicio mediante el consumo de todos los ciclos de la CPU disponibles durante el manejo de un mensaje de respuesta de Cache Digest diseñado. Esto solo ocurre cuando cache_peer es usado con la funcionalidad cache digest. • http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00012.html http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00017.html http://www.squid-cache.org/Versions/v4/changesets/SQUID-2020_9.patch https://github.com/squid-cache/squid/security/advisories/GHSA-vvj7-xjgq-g2jg https://lists.debian.org/debian-lts-announce/2020/10/msg00005.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BE6FKUN7IGTIR2MEEMWYDT7N5EJJLZI2 https://lists.fedoraproje • CWE-20: Improper Input Validation CWE-667: Improper Locking •
CVSS: 7.3EPSS: 0%CPEs: 11EXPL: 0CVE-2020-14350 – postgresql: Uncontrolled search path element in CREATE EXTENSION
https://notcve.org/view.php?id=CVE-2020-14350
It was found that some PostgreSQL extensions did not use search_path safely in their installation script. An attacker with sufficient privileges could use this flaw to trick an administrator into executing a specially crafted script, during the installation or update of such extension. This affects PostgreSQL versions before 12.4, before 11.9, before 10.14, before 9.6.19, and before 9.5.23. Se detectó que algunas extensiones de PostgreSQL no usaban la función search_path de forma segura en su script de instalación. Un atacante con suficientes privilegios podría usar este fallo para engañar a un administrador para ejecutar un script especialmente diseñado durante la instalación o actualización de dicha extensión. • http://lists.opensuse.org/opensuse-security-announce/2020-08/msg00043.html http://lists.opensuse.org/opensuse-security-announce/2020-08/msg00044.html http://lists.opensuse.org/opensuse-security-announce/2020-08/msg00049.html http://lists.opensuse.org/opensuse-security-announce/2020-08/msg00050.html http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00003.html http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00008.html https://bugzilla.redhat.com/show_bug.cgi?id=1865746 https: • CWE-20: Improper Input Validation CWE-426: Untrusted Search Path •
CVSS: 4.3EPSS: 0%CPEs: 18EXPL: 0CVE-2020-8624 – update-policy rules of type "subdomain" are enforced incorrectly
https://notcve.org/view.php?id=CVE-2020-8624
In BIND 9.9.12 -> 9.9.13, 9.10.7 -> 9.10.8, 9.11.3 -> 9.11.21, 9.12.1 -> 9.16.5, 9.17.0 -> 9.17.3, also affects 9.9.12-S1 -> 9.9.13-S1, 9.11.3-S1 -> 9.11.21-S1 of the BIND 9 Supported Preview Edition, An attacker who has been granted privileges to change a specific subset of the zone's content could abuse these unintended additional privileges to update other contents of the zone. En BIND versiones 9.9.12 -) 9.9.13, 9.10.7 -) 9.10.8, 9.11.3 -) 9.11.21, 9.12.1 -) 9.16.5, 9.17.0 -) 9.17.3, también afecta a versiones 9.9 .12-S1 -) 9.9.13-S1, 9.11.3-S1 -) 9.11.21-S1 de BIND 9 Supported Preview Edition, un atacante a quien le han sido otorgado privilegios para cambiar un subconjunto específico del contenido de la zona podría abusar de estos privilegios adicionales no previstos para actualizar otros contenidos de la zona. A flaw was found in bind. Updates to "Update-policy" rules of type "subdomain" are treated as if they were of type "zonesub" which allows updates to all parts of the zone along with the intended subdomain. The highest threat from this vulnerability is to data integrity. • http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00041.html http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00044.html https://kb.isc.org/docs/cve-2020-8624 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DQN62GBMCIC5AY4KYADGXNKVY6AJKSJE https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZKAMJZXR66P6S5LEU4SN7USSNCWTXEXP https://security.gentoo.org/glsa/202008-19 https://security.netapp.com/advisory/ntap- • CWE-269: Improper Privilege Management CWE-400: Uncontrolled Resource Consumption •
CVSS: 7.5EPSS: 2%CPEs: 16EXPL: 0CVE-2020-8623 – A flaw in native PKCS#11 code can lead to a remotely triggerable assertion failure in pk11.c
https://notcve.org/view.php?id=CVE-2020-8623
In BIND 9.10.0 -> 9.11.21, 9.12.0 -> 9.16.5, 9.17.0 -> 9.17.3, also affects 9.10.5-S1 -> 9.11.21-S1 of the BIND 9 Supported Preview Edition, An attacker that can reach a vulnerable system with a specially crafted query packet can trigger a crash. To be vulnerable, the system must: * be running BIND that was built with "--enable-native-pkcs11" * be signing one or more zones with an RSA key * be able to receive queries from a possible attacker En BIND versiones 9.10.0 -) 9.11.21, 9.12.0 -) 9.16.5, 9.17.0 -) 9.17.3, también afecta a versiones 9.10.5-S1 -) 9.11.21-S1 de BIND 9 Supported Preview Edition, un atacante que puede llegar a un sistema vulnerable con un paquete de consulta especialmente diseñado puede desencadenar un bloqueo. Para ser vulnerable, el sistema debe: * estar ejecutando BIND que fue creado con "--enable-native-pkcs11" * estar firmando una o más zonas con una clave RSA * ser capaz de recibir consultas de un posible atacante A flaw was found in bind. An assertion failure can occur when a specially crafted query for a zone signed with an RSA key. BIND must be compiled with "--enable-native-pkcs11" for the system to be affected. • http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00041.html http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00044.html https://kb.isc.org/docs/cve-2020-8623 https://lists.debian.org/debian-lts-announce/2020/08/msg00053.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DQN62GBMCIC5AY4KYADGXNKVY6AJKSJE https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZKAMJZXR66P6S5LEU4SN7USSNCWTXEXP https://security. • CWE-400: Uncontrolled Resource Consumption CWE-617: Reachable Assertion •
CVSS: 6.5EPSS: 0%CPEs: 19EXPL: 0CVE-2020-8622 – A truncated TSIG response can lead to an assertion failure
https://notcve.org/view.php?id=CVE-2020-8622
In BIND 9.0.0 -> 9.11.21, 9.12.0 -> 9.16.5, 9.17.0 -> 9.17.3, also affects 9.9.3-S1 -> 9.11.21-S1 of the BIND 9 Supported Preview Edition, An attacker on the network path for a TSIG-signed request, or operating the server receiving the TSIG-signed request, could send a truncated response to that request, triggering an assertion failure, causing the server to exit. Alternately, an off-path attacker would have to correctly guess when a TSIG-signed request was sent, along with other characteristics of the packet and message, and spoof a truncated response to trigger an assertion failure, causing the server to exit. En BIND versiones 9.0.0 -) 9.11.21, 9.12.0 -) 9.16.5, 9.17.0 -) 9.17.3, también afecta a versiones 9.9.3-S1 -) 9.11.21-S1 de BIND 9 Supported Preview Edition, un atacante sobre la ruta de la red para una petición firmada por TSIG, u operando el servidor que recibe la petición firmada por TSIG, podría enviar una respuesta truncada a esa petición, desencadenando un fallo de aserción y causando que el servidor salga. Alternativamente, un atacante fuera de la ruta tendría que adivinar correctamente cuándo fue enviada una petición firmada por TSIG, junto con otras características del paquete y mensaje, y falsificar una respuesta truncada para desencadenar un fallo de aserción, causando la salida del servidor. A flaw was found in bind. • http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00041.html http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00044.html https://kb.isc.org/docs/cve-2020-8622 https://lists.debian.org/debian-lts-announce/2020/08/msg00053.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DQN62GBMCIC5AY4KYADGXNKVY6AJKSJE https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZKAMJZXR66P6S5LEU4SN7USSNCWTXEXP https://security. • CWE-400: Uncontrolled Resource Consumption CWE-617: Reachable Assertion •