Nick Cleaton

**Nome do software vulnerável e versões afetadas: Versões do PostgreSQL anteriores à 13.1 Versões do PostgreSQL anteriores à 12.5 Versões do PostgreSQL anteriores à 11.10 Versões do PostgreSQL anteriores à 10.15 Versões do PostgreSQL anteriores à 9.6.20 Versões do PostgreSQL anteriores à 9.5.24 Descrição: Foi encontrada uma falha no terminal interativo psql do PostgreSQL. Se uma sessão interativa do psql usar `gset` ao consultar um servidor comprometido, o invasor pode executar código arbitrário como a conta do sistema operacional que está executando o psql. A maior ameaça dessa vulnerabilidade é à confidencialidade e integridade dos dados, bem como à disponibilidade do sistema. Recomendações: Para versões anteriores à 13.1, atualize para a versão 13.1 ou posterior. Para versões anteriores à 12.5, atualize para a versão 12.5 ou posterior. Para versões anteriores à 11.10, atualize para a versão 11.10 ou posterior. Para versões anteriores à 10.15, atualize para a versão 10.15 ou posterior. Para versões anteriores à 9.6.20, atualize para a versão 9.6.20 ou posterior. Para versões anteriores à 9.5.24, atualize para a versão 9.5.24 ou posterior. Como solução alternativa temporária, considere desativar o uso de `gset` em sessões interativas do psql até que um patch esteja disponível.

**Name of the Vulnerable Software and Affected Versions** rssh versions (affected versions not specified) **Description** The issue is related to insufficient sanitization of arguments passed to `rsync`, which can bypass restrictions imposed by `rssh`, a restricted shell. This allows an attacker to execute arbitrary shell commands. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** rsync (affected versions not specified) **Description** The issue is related to insufficient sanitization of environment variables passed to rsync, which can bypass restrictions imposed by rssh, a restricted shell. This allows for the execution of arbitrary shell commands. The vulnerability is associated with errors in input validation. Exploitation can enable a remote attacker to execute arbitrary commands. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Name of the Vulnerable Software and Affected Versions: Gitolite versions prior to 3.6.11 Description: The issue arises when the .gitolite.rc file enables rsync in Gitolite. In this scenario, Gitolite mishandles the rsync command line, allowing attackers to trigger the use of an option other than -v, -n, -q, or -P, potentially having a negative impact. Recommendations: For versions prior to 3.6.11, update to version 3.6.11 or later to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** Safe module versions prior to 2.25 **Description** The issue allows context-dependent attackers to bypass intended access restrictions, specifically those imposed by Safe::reval and Safe::rdo, and inject and execute arbitrary code. This can be achieved through vectors involving implicitly called methods, such as DESTROY and AUTOLOAD, and implicitly blessed objects, which are related to "automagic methods." **Recommendations** For versions prior to 2.25, update to version 2.25 or later to resolve the issue. As a temporary workaround, consider restricting the use of implicitly called methods, such as DESTROY and AUTOLOAD, until a patch is available.

**Name of the Vulnerable Software and Affected Versions** cfengine versions prior to 2.0.8 **Description** The issue is related to a buffer overflow in the net.c file, which allows remote attackers to execute arbitrary code. This occurs when certain packets with modified length values are trusted by the ReceiveTransaction function, which uses a buffer provided by the BusyWithConnection function. **Recommendations** For versions prior to 2.0.8, update to version 2.0.8 or later to resolve the issue.

Name of the Vulnerable Software and Affected Versions: Exim 3 versions prior to 3.36 Exim 4 versions prior to 4.21 Description: The issue is related to a heap-based buffer overflow in the smtp in.c file. This can be exploited by remote attackers who send an invalid HELO or EHLO argument with a large number of spaces, followed by a NULL character and a newline. The argument is not properly trimmed before being appended to the buffer, potentially allowing the execution of arbitrary code. Recommendations: For Exim 3 versions prior to 3.36, update to version 3.36 or later. For Exim 4 versions prior to 4.21, update to version 4.21 or later.