CVE-2018-1160

Netatalk before 3.1.12 is vulnerable to an out of bounds write in dsi_opensess.c. This is due to lack of bounds checking on attacker controlled data. A remote unauthenticated attacker can leverage this vulnerability to achieve arbitrary code execution.
References
Link Resource
http://netatalk.sourceforge.net/3.1/ReleaseNotes3.1.12.html Release Notes
http://packetstormsecurity.com/files/152440/QNAP-Netatalk-Authentication-Bypass.html Exploit Third Party Advisory VDB Entry
http://www.securityfocus.com/bid/106301 Third Party Advisory VDB Entry
https://attachments.samba.org/attachment.cgi?id=14735 Third Party Advisory
https://github.com/tenable/poc/tree/master/netatalk/cve_2018_1160/ Release Notes Third Party Advisory
https://www.debian.org/security/2018/dsa-4356 Third Party Advisory
https://www.exploit-db.com/exploits/46034/ Exploit Third Party Advisory VDB Entry
https://www.exploit-db.com/exploits/46048/ Exploit Third Party Advisory VDB Entry
https://www.exploit-db.com/exploits/46675/ Exploit Third Party Advisory VDB Entry
https://www.synology.com/security/advisory/Synology_SA_18_62 Third Party Advisory
https://www.tenable.com/security/research/tra-2018-48 Exploit Release Notes Third Party Advisory
http://netatalk.sourceforge.net/3.1/ReleaseNotes3.1.12.html Release Notes
http://packetstormsecurity.com/files/152440/QNAP-Netatalk-Authentication-Bypass.html Exploit Third Party Advisory VDB Entry
http://www.securityfocus.com/bid/106301 Third Party Advisory VDB Entry
https://attachments.samba.org/attachment.cgi?id=14735 Third Party Advisory
https://github.com/tenable/poc/tree/master/netatalk/cve_2018_1160/ Release Notes Third Party Advisory
https://www.debian.org/security/2018/dsa-4356 Third Party Advisory
https://www.exploit-db.com/exploits/46034/ Exploit Third Party Advisory VDB Entry
https://www.exploit-db.com/exploits/46048/ Exploit Third Party Advisory VDB Entry
https://www.exploit-db.com/exploits/46675/ Exploit Third Party Advisory VDB Entry
https://www.synology.com/security/advisory/Synology_SA_18_62 Third Party Advisory
https://www.tenable.com/security/research/tra-2018-48 Exploit Release Notes Third Party Advisory
Configurations

Configuration 1 (hide)

cpe:2.3:a:netatalk:netatalk:*:*:*:*:*:*:*:*

Configuration 2 (hide)

OR cpe:2.3:a:synology:diskstation_manager:*:*:*:*:*:*:*:*
cpe:2.3:a:synology:diskstation_manager:*:*:*:*:*:*:*:*
cpe:2.3:a:synology:diskstation_manager:*:*:*:*:*:*:*:*
cpe:2.3:a:synology:router_manager:*:*:*:*:*:*:*:*
cpe:2.3:a:synology:skynas:-:*:*:*:*:*:*:*

Configuration 3 (hide)

AND
cpe:2.3:o:synology:vs960hd_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:synology:vs960hd:-:*:*:*:*:*:*:*

Configuration 4 (hide)

cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*

History

21 Nov 2024, 03:59

Type Values Removed Values Added
References () http://netatalk.sourceforge.net/3.1/ReleaseNotes3.1.12.html - Release Notes () http://netatalk.sourceforge.net/3.1/ReleaseNotes3.1.12.html - Release Notes
References () http://packetstormsecurity.com/files/152440/QNAP-Netatalk-Authentication-Bypass.html - Exploit, Third Party Advisory, VDB Entry () http://packetstormsecurity.com/files/152440/QNAP-Netatalk-Authentication-Bypass.html - Exploit, Third Party Advisory, VDB Entry
References () http://www.securityfocus.com/bid/106301 - Third Party Advisory, VDB Entry () http://www.securityfocus.com/bid/106301 - Third Party Advisory, VDB Entry
References () https://attachments.samba.org/attachment.cgi?id=14735 - Third Party Advisory () https://attachments.samba.org/attachment.cgi?id=14735 - Third Party Advisory
References () https://github.com/tenable/poc/tree/master/netatalk/cve_2018_1160/ - Release Notes, Third Party Advisory () https://github.com/tenable/poc/tree/master/netatalk/cve_2018_1160/ - Release Notes, Third Party Advisory
References () https://www.debian.org/security/2018/dsa-4356 - Third Party Advisory () https://www.debian.org/security/2018/dsa-4356 - Third Party Advisory
References () https://www.exploit-db.com/exploits/46034/ - Exploit, Third Party Advisory, VDB Entry () https://www.exploit-db.com/exploits/46034/ - Exploit, Third Party Advisory, VDB Entry
References () https://www.exploit-db.com/exploits/46048/ - Exploit, Third Party Advisory, VDB Entry () https://www.exploit-db.com/exploits/46048/ - Exploit, Third Party Advisory, VDB Entry
References () https://www.exploit-db.com/exploits/46675/ - Exploit, Third Party Advisory, VDB Entry () https://www.exploit-db.com/exploits/46675/ - Exploit, Third Party Advisory, VDB Entry
References () https://www.synology.com/security/advisory/Synology_SA_18_62 - Third Party Advisory () https://www.synology.com/security/advisory/Synology_SA_18_62 - Third Party Advisory
References () https://www.tenable.com/security/research/tra-2018-48 - Exploit, Release Notes, Third Party Advisory () https://www.tenable.com/security/research/tra-2018-48 - Exploit, Release Notes, Third Party Advisory

29 Sep 2023, 11:15

Type Values Removed Values Added
First Time Netatalk
Netatalk netatalk
CPE cpe:2.3:a:netatalk_project:netatalk:*:*:*:*:*:*:*:* cpe:2.3:a:netatalk:netatalk:*:*:*:*:*:*:*:*

Information

Published : 2018-12-20 21:29

Updated : 2024-11-21 03:59


NVD link : CVE-2018-1160

Mitre link : CVE-2018-1160

CVE.ORG link : CVE-2018-1160


JSON object : View

Products Affected

synology

  • vs960hd_firmware
  • skynas
  • vs960hd
  • router_manager
  • diskstation_manager

debian

  • debian_linux

netatalk

  • netatalk
CWE
CWE-787

Out-of-bounds Write