Netatalk before 3.1.12 is vulnerable to an out of bounds write in dsi_opensess.c. This is due to lack of bounds checking on attacker controlled data. A remote unauthenticated attacker can leverage this vulnerability to achieve arbitrary code execution.
References
Link | Resource |
---|---|
http://netatalk.sourceforge.net/3.1/ReleaseNotes3.1.12.html | Release Notes |
http://packetstormsecurity.com/files/152440/QNAP-Netatalk-Authentication-Bypass.html | Exploit Third Party Advisory VDB Entry |
http://www.securityfocus.com/bid/106301 | Third Party Advisory VDB Entry |
https://attachments.samba.org/attachment.cgi?id=14735 | Third Party Advisory |
https://github.com/tenable/poc/tree/master/netatalk/cve_2018_1160/ | Release Notes Third Party Advisory |
https://www.debian.org/security/2018/dsa-4356 | Third Party Advisory |
https://www.exploit-db.com/exploits/46034/ | Exploit Third Party Advisory VDB Entry |
https://www.exploit-db.com/exploits/46048/ | Exploit Third Party Advisory VDB Entry |
https://www.exploit-db.com/exploits/46675/ | Exploit Third Party Advisory VDB Entry |
https://www.synology.com/security/advisory/Synology_SA_18_62 | Third Party Advisory |
https://www.tenable.com/security/research/tra-2018-48 | Exploit Release Notes Third Party Advisory |
Configurations
Configuration 1 (hide)
|
Configuration 2 (hide)
|
Configuration 3 (hide)
AND |
|
Configuration 4 (hide)
|
History
29 Sep 2023, 11:15
Type | Values Removed | Values Added |
---|---|---|
First Time |
Netatalk
Netatalk netatalk |
|
CPE | cpe:2.3:a:netatalk:netatalk:*:*:*:*:*:*:*:* |
Information
Published : 2018-12-20 21:29
Updated : 2024-02-28 16:48
NVD link : CVE-2018-1160
Mitre link : CVE-2018-1160
CVE.ORG link : CVE-2018-1160
JSON object : View
Products Affected
synology
- diskstation_manager
- vs960hd
- vs960hd_firmware
- skynas
- router_manager
debian
- debian_linux
netatalk
- netatalk
CWE
CWE-787
Out-of-bounds Write