All the vulnerabilites related to Netatalk - Netatalk
cve-2018-1160
Vulnerability from cvelistv5
Published
2018-12-20 21:00
Modified
2024-09-16 22:35
Severity ?
EPSS score ?
Summary
Netatalk before 3.1.12 is vulnerable to an out of bounds write in dsi_opensess.c. This is due to lack of bounds checking on attacker controlled data. A remote unauthenticated attacker can leverage this vulnerability to achieve arbitrary code execution.
References
| ▼ | URL | Tags |
|---|---|---|
| http://netatalk.sourceforge.net/3.1/ReleaseNotes3.1.12.html | x_refsource_CONFIRM | |
| https://attachments.samba.org/attachment.cgi?id=14735 | x_refsource_MISC | |
| http://www.securityfocus.com/bid/106301 | vdb-entry, x_refsource_BID | |
| https://www.exploit-db.com/exploits/46034/ | exploit, x_refsource_EXPLOIT-DB | |
| https://github.com/tenable/poc/tree/master/netatalk/cve_2018_1160/ | x_refsource_MISC | |
| https://www.exploit-db.com/exploits/46048/ | exploit, x_refsource_EXPLOIT-DB | |
| https://www.synology.com/security/advisory/Synology_SA_18_62 | x_refsource_CONFIRM | |
| https://www.tenable.com/security/research/tra-2018-48 | x_refsource_MISC | |
| https://www.debian.org/security/2018/dsa-4356 | vendor-advisory, x_refsource_DEBIAN | |
| https://www.exploit-db.com/exploits/46675/ | exploit, x_refsource_EXPLOIT-DB | |
| http://packetstormsecurity.com/files/152440/QNAP-Netatalk-Authentication-Bypass.html | x_refsource_MISC |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T03:51:48.914Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://netatalk.sourceforge.net/3.1/ReleaseNotes3.1.12.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://attachments.samba.org/attachment.cgi?id=14735"
},
{
"name": "106301",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/106301"
},
{
"name": "46034",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB",
"x_transferred"
],
"url": "https://www.exploit-db.com/exploits/46034/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/tenable/poc/tree/master/netatalk/cve_2018_1160/"
},
{
"name": "46048",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB",
"x_transferred"
],
"url": "https://www.exploit-db.com/exploits/46048/"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www.synology.com/security/advisory/Synology_SA_18_62"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.tenable.com/security/research/tra-2018-48"
},
{
"name": "DSA-4356",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "https://www.debian.org/security/2018/dsa-4356"
},
{
"name": "46675",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB",
"x_transferred"
],
"url": "https://www.exploit-db.com/exploits/46675/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://packetstormsecurity.com/files/152440/QNAP-Netatalk-Authentication-Bypass.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Netatalk",
"vendor": "Netatalk",
"versions": [
{
"status": "affected",
"version": "Before 3.1.12"
}
]
}
],
"datePublic": "2018-12-20T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Netatalk before 3.1.12 is vulnerable to an out of bounds write in dsi_opensess.c. This is due to lack of bounds checking on attacker controlled data. A remote unauthenticated attacker can leverage this vulnerability to achieve arbitrary code execution."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-787",
"description": "CWE-787 Out of bounds write",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-04-08T20:06:06",
"orgId": "5ac1ecc2-367a-4d16-a0b2-35d495ddd0be",
"shortName": "tenable"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://netatalk.sourceforge.net/3.1/ReleaseNotes3.1.12.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://attachments.samba.org/attachment.cgi?id=14735"
},
{
"name": "106301",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/106301"
},
{
"name": "46034",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB"
],
"url": "https://www.exploit-db.com/exploits/46034/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/tenable/poc/tree/master/netatalk/cve_2018_1160/"
},
{
"name": "46048",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB"
],
"url": "https://www.exploit-db.com/exploits/46048/"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.synology.com/security/advisory/Synology_SA_18_62"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.tenable.com/security/research/tra-2018-48"
},
{
"name": "DSA-4356",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "https://www.debian.org/security/2018/dsa-4356"
},
{
"name": "46675",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB"
],
"url": "https://www.exploit-db.com/exploits/46675/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://packetstormsecurity.com/files/152440/QNAP-Netatalk-Authentication-Bypass.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "vulnreport@tenable.com",
"DATE_PUBLIC": "2018-12-20T00:00:00",
"ID": "CVE-2018-1160",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Netatalk",
"version": {
"version_data": [
{
"version_value": "Before 3.1.12"
}
]
}
}
]
},
"vendor_name": "Netatalk"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Netatalk before 3.1.12 is vulnerable to an out of bounds write in dsi_opensess.c. This is due to lack of bounds checking on attacker controlled data. A remote unauthenticated attacker can leverage this vulnerability to achieve arbitrary code execution."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-787 Out of bounds write"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://netatalk.sourceforge.net/3.1/ReleaseNotes3.1.12.html",
"refsource": "CONFIRM",
"url": "http://netatalk.sourceforge.net/3.1/ReleaseNotes3.1.12.html"
},
{
"name": "https://attachments.samba.org/attachment.cgi?id=14735",
"refsource": "MISC",
"url": "https://attachments.samba.org/attachment.cgi?id=14735"
},
{
"name": "106301",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/106301"
},
{
"name": "46034",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/46034/"
},
{
"name": "https://github.com/tenable/poc/tree/master/netatalk/cve_2018_1160/",
"refsource": "MISC",
"url": "https://github.com/tenable/poc/tree/master/netatalk/cve_2018_1160/"
},
{
"name": "46048",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/46048/"
},
{
"name": "https://www.synology.com/security/advisory/Synology_SA_18_62",
"refsource": "CONFIRM",
"url": "https://www.synology.com/security/advisory/Synology_SA_18_62"
},
{
"name": "https://www.tenable.com/security/research/tra-2018-48",
"refsource": "MISC",
"url": "https://www.tenable.com/security/research/tra-2018-48"
},
{
"name": "DSA-4356",
"refsource": "DEBIAN",
"url": "https://www.debian.org/security/2018/dsa-4356"
},
{
"name": "46675",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/46675/"
},
{
"name": "http://packetstormsecurity.com/files/152440/QNAP-Netatalk-Authentication-Bypass.html",
"refsource": "MISC",
"url": "http://packetstormsecurity.com/files/152440/QNAP-Netatalk-Authentication-Bypass.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "5ac1ecc2-367a-4d16-a0b2-35d495ddd0be",
"assignerShortName": "tenable",
"cveId": "CVE-2018-1160",
"datePublished": "2018-12-20T21:00:00Z",
"dateReserved": "2017-12-05T00:00:00",
"dateUpdated": "2024-09-16T22:35:09.751Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2022-45188
Vulnerability from cvelistv5
Published
2022-11-12 00:00
Modified
2024-08-03 14:09
Severity ?
EPSS score ?
Summary
Netatalk through 3.1.13 has an afp_getappl heap-based buffer overflow resulting in code execution via a crafted .appl file. This provides remote root access on some platforms such as FreeBSD (used for TrueNAS).
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T14:09:56.580Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://sourceforge.net/projects/netatalk/files/netatalk/"
},
{
"tags": [
"x_transferred"
],
"url": "https://netatalk.sourceforge.io/3.1/ReleaseNotes3.1.13.html"
},
{
"tags": [
"x_transferred"
],
"url": "https://netatalk.sourceforge.io/3.1/ReleaseNotes3.1.14.html"
},
{
"tags": [
"x_transferred"
],
"url": "https://rushbnt.github.io/bug%20analysis/netatalk-0day/"
},
{
"name": "FEDORA-2023-aaeb45fb73",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/EZYWSGVA6WXREMB6PV56HAHKU7R6KPOP/"
},
{
"name": "FEDORA-2023-e714897e70",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SG6WZW5LXFVH3P7ZVZRGHUVJEMEFKQLI/"
},
{
"name": "FEDORA-2023-599faf1b1c",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/GEAFLA5L2SHOUFBAGUXIF2TZLGBXGJKT/"
},
{
"name": "[debian-lts-announce] 20230516 [SECURITY] [DLA 3426-1] netatalk security update",
"tags": [
"mailing-list",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2023/05/msg00018.html"
},
{
"name": "DSA-5503",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://www.debian.org/security/2023/dsa-5503"
},
{
"name": "GLSA-202311-02",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/202311-02"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Netatalk through 3.1.13 has an afp_getappl heap-based buffer overflow resulting in code execution via a crafted .appl file. This provides remote root access on some platforms such as FreeBSD (used for TrueNAS)."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-11-01T16:06:21.224705",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"url": "https://sourceforge.net/projects/netatalk/files/netatalk/"
},
{
"url": "https://netatalk.sourceforge.io/3.1/ReleaseNotes3.1.13.html"
},
{
"url": "https://netatalk.sourceforge.io/3.1/ReleaseNotes3.1.14.html"
},
{
"url": "https://rushbnt.github.io/bug%20analysis/netatalk-0day/"
},
{
"name": "FEDORA-2023-aaeb45fb73",
"tags": [
"vendor-advisory"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/EZYWSGVA6WXREMB6PV56HAHKU7R6KPOP/"
},
{
"name": "FEDORA-2023-e714897e70",
"tags": [
"vendor-advisory"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SG6WZW5LXFVH3P7ZVZRGHUVJEMEFKQLI/"
},
{
"name": "FEDORA-2023-599faf1b1c",
"tags": [
"vendor-advisory"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/GEAFLA5L2SHOUFBAGUXIF2TZLGBXGJKT/"
},
{
"name": "[debian-lts-announce] 20230516 [SECURITY] [DLA 3426-1] netatalk security update",
"tags": [
"mailing-list"
],
"url": "https://lists.debian.org/debian-lts-announce/2023/05/msg00018.html"
},
{
"name": "DSA-5503",
"tags": [
"vendor-advisory"
],
"url": "https://www.debian.org/security/2023/dsa-5503"
},
{
"name": "GLSA-202311-02",
"tags": [
"vendor-advisory"
],
"url": "https://security.gentoo.org/glsa/202311-02"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2022-45188",
"datePublished": "2022-11-12T00:00:00",
"dateReserved": "2022-11-11T00:00:00",
"dateUpdated": "2024-08-03T14:09:56.580Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2021-31439
Vulnerability from cvelistv5
Published
2021-05-21 00:00
Modified
2024-08-03 22:55
Severity ?
EPSS score ?
Summary
This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Synology DiskStation Manager. Authentication is not required to exploit this vulnerablity. The specific flaw exists within the processing of DSI structures in Netatalk. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a heap-based buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-12326.
References
Impacted products
| ▼ | Vendor | Product |
|---|---|---|
| Synology | DiskStation Manager |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T22:55:53.784Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.zerodayinitiative.com/advisories/ZDI-21-492/"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.synology.com/zh-hk/security/advisory/Synology_SA_20_26"
},
{
"name": "[debian-lts-announce] 20230516 [SECURITY] [DLA 3426-1] netatalk security update",
"tags": [
"mailing-list",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2023/05/msg00018.html"
},
{
"name": "DSA-5503",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://www.debian.org/security/2023/dsa-5503"
},
{
"name": "GLSA-202311-02",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/202311-02"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "DiskStation Manager",
"vendor": "Synology",
"versions": [
{
"status": "affected",
"version": "6.1.1-15101-4"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "Angelboy(@scwuaptx) from DEVCORE Security Team"
}
],
"descriptions": [
{
"lang": "en",
"value": "This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Synology DiskStation Manager. Authentication is not required to exploit this vulnerablity. The specific flaw exists within the processing of DSI structures in Netatalk. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a heap-based buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-12326."
}
],
"metrics": [
{
"cvssV3_0": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-122",
"description": "CWE-122: Heap-based Buffer Overflow",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-11-01T16:06:27.666921",
"orgId": "99f1926a-a320-47d8-bbb5-42feb611262e",
"shortName": "zdi"
},
"references": [
{
"url": "https://www.zerodayinitiative.com/advisories/ZDI-21-492/"
},
{
"url": "https://www.synology.com/zh-hk/security/advisory/Synology_SA_20_26"
},
{
"name": "[debian-lts-announce] 20230516 [SECURITY] [DLA 3426-1] netatalk security update",
"tags": [
"mailing-list"
],
"url": "https://lists.debian.org/debian-lts-announce/2023/05/msg00018.html"
},
{
"name": "DSA-5503",
"tags": [
"vendor-advisory"
],
"url": "https://www.debian.org/security/2023/dsa-5503"
},
{
"name": "GLSA-202311-02",
"tags": [
"vendor-advisory"
],
"url": "https://security.gentoo.org/glsa/202311-02"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "99f1926a-a320-47d8-bbb5-42feb611262e",
"assignerShortName": "zdi",
"cveId": "CVE-2021-31439",
"datePublished": "2021-05-21T00:00:00",
"dateReserved": "2021-04-16T00:00:00",
"dateUpdated": "2024-08-03T22:55:53.784Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2022-23124
Vulnerability from cvelistv5
Published
2023-03-28 00:00
Modified
2024-08-03 03:36
Severity ?
EPSS score ?
Summary
This vulnerability allows remote attackers to disclose sensitive information on affected installations of Netatalk. Authentication is not required to exploit this vulnerability. The specific flaw exists within the get_finderinfo method. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated buffer. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of root. Was ZDI-CAN-15870.
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T03:36:19.891Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://netatalk.sourceforge.io/3.1/ReleaseNotes3.1.13.html"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.zerodayinitiative.com/advisories/ZDI-22-525/"
},
{
"name": "[debian-lts-announce] 20230516 [SECURITY] [DLA 3426-1] netatalk security update",
"tags": [
"mailing-list",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2023/05/msg00018.html"
},
{
"name": "DSA-5503",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://www.debian.org/security/2023/dsa-5503"
},
{
"name": "GLSA-202311-02",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/202311-02"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Netatalk",
"vendor": "Netatalk",
"versions": [
{
"status": "affected",
"version": "3.1.12"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "Theori (@theori_io)"
}
],
"descriptions": [
{
"lang": "en",
"value": "This vulnerability allows remote attackers to disclose sensitive information on affected installations of Netatalk. Authentication is not required to exploit this vulnerability. The specific flaw exists within the get_finderinfo method. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated buffer. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of root. Was ZDI-CAN-15870."
}
],
"metrics": [
{
"cvssV3_0": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-125",
"description": "CWE-125: Out-of-bounds Read",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-11-01T16:06:18.022769",
"orgId": "99f1926a-a320-47d8-bbb5-42feb611262e",
"shortName": "zdi"
},
"references": [
{
"url": "https://netatalk.sourceforge.io/3.1/ReleaseNotes3.1.13.html"
},
{
"url": "https://www.zerodayinitiative.com/advisories/ZDI-22-525/"
},
{
"name": "[debian-lts-announce] 20230516 [SECURITY] [DLA 3426-1] netatalk security update",
"tags": [
"mailing-list"
],
"url": "https://lists.debian.org/debian-lts-announce/2023/05/msg00018.html"
},
{
"name": "DSA-5503",
"tags": [
"vendor-advisory"
],
"url": "https://www.debian.org/security/2023/dsa-5503"
},
{
"name": "GLSA-202311-02",
"tags": [
"vendor-advisory"
],
"url": "https://security.gentoo.org/glsa/202311-02"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "99f1926a-a320-47d8-bbb5-42feb611262e",
"assignerShortName": "zdi",
"cveId": "CVE-2022-23124",
"datePublished": "2023-03-28T00:00:00",
"dateReserved": "2022-01-11T00:00:00",
"dateUpdated": "2024-08-03T03:36:19.891Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2022-23125
Vulnerability from cvelistv5
Published
2023-03-28 00:00
Modified
2024-08-03 03:36
Severity ?
EPSS score ?
Summary
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Netatalk. Authentication is not required to exploit this vulnerability. The specific flaw exists within the copyapplfile function. When parsing the len element, the process does not properly validate the length of user-supplied data prior to copying it to a fixed-length stack-based buffer. An attacker can leverage this vulnerability to execute code in the context of root. Was ZDI-CAN-15869.
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T03:36:19.591Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://netatalk.sourceforge.io/3.1/ReleaseNotes3.1.13.html"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.zerodayinitiative.com/advisories/ZDI-22-526/"
},
{
"name": "[debian-lts-announce] 20230516 [SECURITY] [DLA 3426-1] netatalk security update",
"tags": [
"mailing-list",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2023/05/msg00018.html"
},
{
"name": "DSA-5503",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://www.debian.org/security/2023/dsa-5503"
},
{
"name": "GLSA-202311-02",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/202311-02"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Netatalk",
"vendor": "Netatalk",
"versions": [
{
"status": "affected",
"version": "5.18.117"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "Theori (@theori_io)"
}
],
"descriptions": [
{
"lang": "en",
"value": "This vulnerability allows remote attackers to execute arbitrary code on affected installations of Netatalk. Authentication is not required to exploit this vulnerability. The specific flaw exists within the copyapplfile function. When parsing the len element, the process does not properly validate the length of user-supplied data prior to copying it to a fixed-length stack-based buffer. An attacker can leverage this vulnerability to execute code in the context of root. Was ZDI-CAN-15869."
}
],
"metrics": [
{
"cvssV3_0": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-121",
"description": "CWE-121: Stack-based Buffer Overflow",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-11-01T16:06:22.856318",
"orgId": "99f1926a-a320-47d8-bbb5-42feb611262e",
"shortName": "zdi"
},
"references": [
{
"url": "https://netatalk.sourceforge.io/3.1/ReleaseNotes3.1.13.html"
},
{
"url": "https://www.zerodayinitiative.com/advisories/ZDI-22-526/"
},
{
"name": "[debian-lts-announce] 20230516 [SECURITY] [DLA 3426-1] netatalk security update",
"tags": [
"mailing-list"
],
"url": "https://lists.debian.org/debian-lts-announce/2023/05/msg00018.html"
},
{
"name": "DSA-5503",
"tags": [
"vendor-advisory"
],
"url": "https://www.debian.org/security/2023/dsa-5503"
},
{
"name": "GLSA-202311-02",
"tags": [
"vendor-advisory"
],
"url": "https://security.gentoo.org/glsa/202311-02"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "99f1926a-a320-47d8-bbb5-42feb611262e",
"assignerShortName": "zdi",
"cveId": "CVE-2022-23125",
"datePublished": "2023-03-28T00:00:00",
"dateReserved": "2022-01-11T00:00:00",
"dateUpdated": "2024-08-03T03:36:19.591Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2008-5718
Vulnerability from cvelistv5
Published
2008-12-26 17:08
Modified
2024-08-07 11:04
Severity ?
EPSS score ?
Summary
The papd daemon in Netatalk before 2.0.4-beta2, when using certain variables in a pipe command for the print file, allows remote attackers to execute arbitrary commands via shell metacharacters in a print request, as demonstrated using a crafted Title.
References
| ▼ | URL | Tags |
|---|---|---|
| http://sourceforge.net/project/shownotes.php?release_id=648189 | x_refsource_CONFIRM | |
| http://www.debian.org/security/2009/dsa-1705 | vendor-advisory, x_refsource_DEBIAN | |
| http://secunia.com/advisories/34484 | third-party-advisory, x_refsource_SECUNIA | |
| https://www.redhat.com/archives/fedora-package-announce/2009-March/msg00962.html | vendor-advisory, x_refsource_FEDORA | |
| https://www.redhat.com/archives/fedora-package-announce/2009-March/msg00966.html | vendor-advisory, x_refsource_FEDORA | |
| http://secunia.com/advisories/33548 | third-party-advisory, x_refsource_SECUNIA | |
| http://secunia.com/advisories/33227 | third-party-advisory, x_refsource_SECUNIA | |
| http://lists.opensuse.org/opensuse-security-announce/2009-02/msg00002.html | vendor-advisory, x_refsource_SUSE | |
| http://osvdb.org/50824 | vdb-entry, x_refsource_OSVDB | |
| http://www.securityfocus.com/bid/32925 | vdb-entry, x_refsource_BID | |
| http://www.openwall.com/lists/oss-security/2009/01/13/3 | mailing-list, x_refsource_MLIST |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T11:04:44.559Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://sourceforge.net/project/shownotes.php?release_id=648189"
},
{
"name": "DSA-1705",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2009/dsa-1705"
},
{
"name": "34484",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/34484"
},
{
"name": "FEDORA-2009-3064",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "https://www.redhat.com/archives/fedora-package-announce/2009-March/msg00962.html"
},
{
"name": "FEDORA-2009-3069",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "https://www.redhat.com/archives/fedora-package-announce/2009-March/msg00966.html"
},
{
"name": "33548",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/33548"
},
{
"name": "33227",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/33227"
},
{
"name": "SUSE-SR:2009:004",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2009-02/msg00002.html"
},
{
"name": "50824",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/50824"
},
{
"name": "32925",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/32925"
},
{
"name": "[oss-security] 20090114 update on CVE-2008-5718",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2009/01/13/3"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2008-12-18T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The papd daemon in Netatalk before 2.0.4-beta2, when using certain variables in a pipe command for the print file, allows remote attackers to execute arbitrary commands via shell metacharacters in a print request, as demonstrated using a crafted Title."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2009-01-22T10:00:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://sourceforge.net/project/shownotes.php?release_id=648189"
},
{
"name": "DSA-1705",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2009/dsa-1705"
},
{
"name": "34484",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/34484"
},
{
"name": "FEDORA-2009-3064",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "https://www.redhat.com/archives/fedora-package-announce/2009-March/msg00962.html"
},
{
"name": "FEDORA-2009-3069",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "https://www.redhat.com/archives/fedora-package-announce/2009-March/msg00966.html"
},
{
"name": "33548",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/33548"
},
{
"name": "33227",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/33227"
},
{
"name": "SUSE-SR:2009:004",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2009-02/msg00002.html"
},
{
"name": "50824",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/50824"
},
{
"name": "32925",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/32925"
},
{
"name": "[oss-security] 20090114 update on CVE-2008-5718",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2009/01/13/3"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2008-5718",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The papd daemon in Netatalk before 2.0.4-beta2, when using certain variables in a pipe command for the print file, allows remote attackers to execute arbitrary commands via shell metacharacters in a print request, as demonstrated using a crafted Title."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://sourceforge.net/project/shownotes.php?release_id=648189",
"refsource": "CONFIRM",
"url": "http://sourceforge.net/project/shownotes.php?release_id=648189"
},
{
"name": "DSA-1705",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2009/dsa-1705"
},
{
"name": "34484",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/34484"
},
{
"name": "FEDORA-2009-3064",
"refsource": "FEDORA",
"url": "https://www.redhat.com/archives/fedora-package-announce/2009-March/msg00962.html"
},
{
"name": "FEDORA-2009-3069",
"refsource": "FEDORA",
"url": "https://www.redhat.com/archives/fedora-package-announce/2009-March/msg00966.html"
},
{
"name": "33548",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/33548"
},
{
"name": "33227",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/33227"
},
{
"name": "SUSE-SR:2009:004",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2009-02/msg00002.html"
},
{
"name": "50824",
"refsource": "OSVDB",
"url": "http://osvdb.org/50824"
},
{
"name": "32925",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/32925"
},
{
"name": "[oss-security] 20090114 update on CVE-2008-5718",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2009/01/13/3"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2008-5718",
"datePublished": "2008-12-26T17:08:00",
"dateReserved": "2008-12-26T00:00:00",
"dateUpdated": "2024-08-07T11:04:44.559Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2022-23123
Vulnerability from cvelistv5
Published
2023-03-28 00:00
Modified
2024-08-03 03:36
Severity ?
EPSS score ?
Summary
This vulnerability allows remote attackers to disclose sensitive information on affected installations of Netatalk. Authentication is not required to exploit this vulnerability. The specific flaw exists within the getdirparams method. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated buffer. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of root. Was ZDI-CAN-15830.
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T03:36:19.797Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://netatalk.sourceforge.io/3.1/ReleaseNotes3.1.13.html"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.zerodayinitiative.com/advisories/ZDI-22-528/"
},
{
"name": "[debian-lts-announce] 20230516 [SECURITY] [DLA 3426-1] netatalk security update",
"tags": [
"mailing-list",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2023/05/msg00018.html"
},
{
"name": "[debian-lts-announce] 20230813 [SECURITY] [DLA 3426-3] netatalk regression update",
"tags": [
"mailing-list",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2023/08/msg00016.html"
},
{
"name": "DSA-5503",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://www.debian.org/security/2023/dsa-5503"
},
{
"name": "GLSA-202311-02",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/202311-02"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Netatalk",
"vendor": "Netatalk",
"versions": [
{
"status": "affected",
"version": "3.1.12"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "Orange Tsai (@orange_8361) from DEVCORE Research Team"
}
],
"descriptions": [
{
"lang": "en",
"value": "This vulnerability allows remote attackers to disclose sensitive information on affected installations of Netatalk. Authentication is not required to exploit this vulnerability. The specific flaw exists within the getdirparams method. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated buffer. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of root. Was ZDI-CAN-15830."
}
],
"metrics": [
{
"cvssV3_0": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-125",
"description": "CWE-125: Out-of-bounds Read",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-11-01T16:06:26.028841",
"orgId": "99f1926a-a320-47d8-bbb5-42feb611262e",
"shortName": "zdi"
},
"references": [
{
"url": "https://netatalk.sourceforge.io/3.1/ReleaseNotes3.1.13.html"
},
{
"url": "https://www.zerodayinitiative.com/advisories/ZDI-22-528/"
},
{
"name": "[debian-lts-announce] 20230516 [SECURITY] [DLA 3426-1] netatalk security update",
"tags": [
"mailing-list"
],
"url": "https://lists.debian.org/debian-lts-announce/2023/05/msg00018.html"
},
{
"name": "[debian-lts-announce] 20230813 [SECURITY] [DLA 3426-3] netatalk regression update",
"tags": [
"mailing-list"
],
"url": "https://lists.debian.org/debian-lts-announce/2023/08/msg00016.html"
},
{
"name": "DSA-5503",
"tags": [
"vendor-advisory"
],
"url": "https://www.debian.org/security/2023/dsa-5503"
},
{
"name": "GLSA-202311-02",
"tags": [
"vendor-advisory"
],
"url": "https://security.gentoo.org/glsa/202311-02"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "99f1926a-a320-47d8-bbb5-42feb611262e",
"assignerShortName": "zdi",
"cveId": "CVE-2022-23123",
"datePublished": "2023-03-28T00:00:00",
"dateReserved": "2022-01-11T00:00:00",
"dateUpdated": "2024-08-03T03:36:19.797Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2022-23122
Vulnerability from cvelistv5
Published
2023-03-28 00:00
Modified
2024-08-03 03:36
Severity ?
EPSS score ?
Summary
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Netatalk. Authentication is not required to exploit this vulnerability. The specific flaw exists within the setfilparams function. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length stack-based buffer. An attacker can leverage this vulnerability to execute code in the context of root. Was ZDI-CAN-15837.
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T03:36:20.031Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://netatalk.sourceforge.io/3.1/ReleaseNotes3.1.13.html"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.zerodayinitiative.com/advisories/ZDI-22-529/"
},
{
"name": "[debian-lts-announce] 20230516 [SECURITY] [DLA 3426-1] netatalk security update",
"tags": [
"mailing-list",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2023/05/msg00018.html"
},
{
"name": "DSA-5503",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://www.debian.org/security/2023/dsa-5503"
},
{
"name": "GLSA-202311-02",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/202311-02"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Netatalk",
"vendor": "Netatalk",
"versions": [
{
"status": "affected",
"version": "3.1.12"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "Orange Tsai (@orange_8361) from DEVCORE Research Team"
}
],
"descriptions": [
{
"lang": "en",
"value": "This vulnerability allows remote attackers to execute arbitrary code on affected installations of Netatalk. Authentication is not required to exploit this vulnerability. The specific flaw exists within the setfilparams function. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length stack-based buffer. An attacker can leverage this vulnerability to execute code in the context of root. Was ZDI-CAN-15837."
}
],
"metrics": [
{
"cvssV3_0": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-121",
"description": "CWE-121: Stack-based Buffer Overflow",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-11-01T16:06:16.491962",
"orgId": "99f1926a-a320-47d8-bbb5-42feb611262e",
"shortName": "zdi"
},
"references": [
{
"url": "https://netatalk.sourceforge.io/3.1/ReleaseNotes3.1.13.html"
},
{
"url": "https://www.zerodayinitiative.com/advisories/ZDI-22-529/"
},
{
"name": "[debian-lts-announce] 20230516 [SECURITY] [DLA 3426-1] netatalk security update",
"tags": [
"mailing-list"
],
"url": "https://lists.debian.org/debian-lts-announce/2023/05/msg00018.html"
},
{
"name": "DSA-5503",
"tags": [
"vendor-advisory"
],
"url": "https://www.debian.org/security/2023/dsa-5503"
},
{
"name": "GLSA-202311-02",
"tags": [
"vendor-advisory"
],
"url": "https://security.gentoo.org/glsa/202311-02"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "99f1926a-a320-47d8-bbb5-42feb611262e",
"assignerShortName": "zdi",
"cveId": "CVE-2022-23122",
"datePublished": "2023-03-28T00:00:00",
"dateReserved": "2022-01-11T00:00:00",
"dateUpdated": "2024-08-03T03:36:20.031Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2024-38439
Vulnerability from cvelistv5
Published
2024-06-16 00:00
Modified
2024-08-22 16:49
Severity ?
EPSS score ?
Summary
Netatalk before 3.2.1 has an off-by-one error and resultant heap-based buffer overflow because of setting ibuf[PASSWDLEN] to '\0' in FPLoginExt in login in etc/uams/uams_pam.c. 2.4.1 and 3.1.19 are also fixed versions.
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T04:12:24.572Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://github.com/Netatalk/netatalk/issues/1096"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/Netatalk/netatalk/blob/90d91a9ac9a7d6132ab7620d31c8c23400949206/etc/uams/uams_pam.c#L316"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/Netatalk/netatalk/security/advisories/GHSA-8r68-857c-4rqc"
},
{
"tags": [
"x_transferred"
],
"url": "https://netatalk.io/security/CVE-2024-38439"
}
],
"title": "CVE Program Container"
},
{
"affected": [
{
"cpes": [
"cpe:2.3:a:netatalk:netatalk:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "netatalk",
"vendor": "netatalk",
"versions": [
{
"lessThan": "2.4.1",
"status": "affected",
"version": "2.0.0",
"versionType": "custom"
},
{
"lessThan": "3.1.19",
"status": "affected",
"version": "3.0.0",
"versionType": "custom"
},
{
"status": "affected",
"version": "3.2.0"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2024-38439",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-08-22T16:46:15.915682Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-787",
"description": "CWE-787 Out-of-bounds Write",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-08-22T16:49:30.004Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Netatalk before 3.2.1 has an off-by-one error and resultant heap-based buffer overflow because of setting ibuf[PASSWDLEN] to \u0027\\0\u0027 in FPLoginExt in login in etc/uams/uams_pam.c. 2.4.1 and 3.1.19 are also fixed versions."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-06-30T11:37:15.807115",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"url": "https://github.com/Netatalk/netatalk/issues/1096"
},
{
"url": "https://github.com/Netatalk/netatalk/blob/90d91a9ac9a7d6132ab7620d31c8c23400949206/etc/uams/uams_pam.c#L316"
},
{
"url": "https://github.com/Netatalk/netatalk/security/advisories/GHSA-8r68-857c-4rqc"
},
{
"url": "https://netatalk.io/security/CVE-2024-38439"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2024-38439",
"datePublished": "2024-06-16T00:00:00",
"dateReserved": "2024-06-16T00:00:00",
"dateUpdated": "2024-08-22T16:49:30.004Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2022-0194
Vulnerability from cvelistv5
Published
2023-03-28 00:00
Modified
2024-08-02 23:18
Severity ?
EPSS score ?
Summary
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Netatalk. Authentication is not required to exploit this vulnerability. The specific flaw exists within the ad_addcomment function. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length stack-based buffer. An attacker can leverage this vulnerability to execute code in the context of root. Was ZDI-CAN-15876.
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T23:18:42.540Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://netatalk.sourceforge.io/3.1/ReleaseNotes3.1.13.html"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.zerodayinitiative.com/advisories/ZDI-22-530/"
},
{
"name": "[debian-lts-announce] 20230516 [SECURITY] [DLA 3426-1] netatalk security update",
"tags": [
"mailing-list",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2023/05/msg00018.html"
},
{
"name": "DSA-5503",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://www.debian.org/security/2023/dsa-5503"
},
{
"name": "GLSA-202311-02",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/202311-02"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Netatalk",
"vendor": "Netatalk",
"versions": [
{
"status": "affected",
"version": "3.1.12"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "Theori (@theori_io)"
}
],
"descriptions": [
{
"lang": "en",
"value": "This vulnerability allows remote attackers to execute arbitrary code on affected installations of Netatalk. Authentication is not required to exploit this vulnerability. The specific flaw exists within the ad_addcomment function. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length stack-based buffer. An attacker can leverage this vulnerability to execute code in the context of root. Was ZDI-CAN-15876."
}
],
"metrics": [
{
"cvssV3_0": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-121",
"description": "CWE-121: Stack-based Buffer Overflow",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-11-01T16:06:19.530422",
"orgId": "99f1926a-a320-47d8-bbb5-42feb611262e",
"shortName": "zdi"
},
"references": [
{
"url": "https://netatalk.sourceforge.io/3.1/ReleaseNotes3.1.13.html"
},
{
"url": "https://www.zerodayinitiative.com/advisories/ZDI-22-530/"
},
{
"name": "[debian-lts-announce] 20230516 [SECURITY] [DLA 3426-1] netatalk security update",
"tags": [
"mailing-list"
],
"url": "https://lists.debian.org/debian-lts-announce/2023/05/msg00018.html"
},
{
"name": "DSA-5503",
"tags": [
"vendor-advisory"
],
"url": "https://www.debian.org/security/2023/dsa-5503"
},
{
"name": "GLSA-202311-02",
"tags": [
"vendor-advisory"
],
"url": "https://security.gentoo.org/glsa/202311-02"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "99f1926a-a320-47d8-bbb5-42feb611262e",
"assignerShortName": "zdi",
"cveId": "CVE-2022-0194",
"datePublished": "2023-03-28T00:00:00",
"dateReserved": "2022-01-11T00:00:00",
"dateUpdated": "2024-08-02T23:18:42.540Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2022-23121
Vulnerability from cvelistv5
Published
2023-03-28 00:00
Modified
2024-08-03 03:36
Severity ?
EPSS score ?
Summary
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Netatalk. Authentication is not required to exploit this vulnerability. The specific flaw exists within the parse_entries function. The issue results from the lack of proper error handling when parsing AppleDouble entries. An attacker can leverage this vulnerability to execute code in the context of root. Was ZDI-CAN-15819.
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T03:36:19.187Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://netatalk.sourceforge.io/3.1/ReleaseNotes3.1.13.html"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.zerodayinitiative.com/advisories/ZDI-22-527/"
},
{
"name": "[debian-lts-announce] 20230516 [SECURITY] [DLA 3426-1] netatalk security update",
"tags": [
"mailing-list",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2023/05/msg00018.html"
},
{
"name": "[debian-lts-announce] 20230601 [SECURITY] [DLA 3426-2] netatalk regression update",
"tags": [
"mailing-list",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2023/06/msg00000.html"
},
{
"name": "DSA-5503",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://www.debian.org/security/2023/dsa-5503"
},
{
"name": "GLSA-202311-02",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/202311-02"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Netatalk",
"vendor": "Netatalk",
"versions": [
{
"status": "affected",
"version": "3.1.12"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "NCC Group EDG (Alex Plaskett, Cedric Halbronn, Aaron Adams) "
}
],
"descriptions": [
{
"lang": "en",
"value": "This vulnerability allows remote attackers to execute arbitrary code on affected installations of Netatalk. Authentication is not required to exploit this vulnerability. The specific flaw exists within the parse_entries function. The issue results from the lack of proper error handling when parsing AppleDouble entries. An attacker can leverage this vulnerability to execute code in the context of root. Was ZDI-CAN-15819."
}
],
"metrics": [
{
"cvssV3_0": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-755",
"description": "CWE-755: Improper Handling of Exceptional Conditions",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-11-01T16:06:24.449286",
"orgId": "99f1926a-a320-47d8-bbb5-42feb611262e",
"shortName": "zdi"
},
"references": [
{
"url": "https://netatalk.sourceforge.io/3.1/ReleaseNotes3.1.13.html"
},
{
"url": "https://www.zerodayinitiative.com/advisories/ZDI-22-527/"
},
{
"name": "[debian-lts-announce] 20230516 [SECURITY] [DLA 3426-1] netatalk security update",
"tags": [
"mailing-list"
],
"url": "https://lists.debian.org/debian-lts-announce/2023/05/msg00018.html"
},
{
"name": "[debian-lts-announce] 20230601 [SECURITY] [DLA 3426-2] netatalk regression update",
"tags": [
"mailing-list"
],
"url": "https://lists.debian.org/debian-lts-announce/2023/06/msg00000.html"
},
{
"name": "DSA-5503",
"tags": [
"vendor-advisory"
],
"url": "https://www.debian.org/security/2023/dsa-5503"
},
{
"name": "GLSA-202311-02",
"tags": [
"vendor-advisory"
],
"url": "https://security.gentoo.org/glsa/202311-02"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "99f1926a-a320-47d8-bbb5-42feb611262e",
"assignerShortName": "zdi",
"cveId": "CVE-2022-23121",
"datePublished": "2023-03-28T00:00:00",
"dateReserved": "2022-01-11T00:00:00",
"dateUpdated": "2024-08-03T03:36:19.187Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2022-43634
Vulnerability from cvelistv5
Published
2023-03-29 00:00
Modified
2024-08-03 13:40
Severity ?
EPSS score ?
Summary
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Netatalk. Authentication is not required to exploit this vulnerability. The specific flaw exists within the dsi_writeinit function. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length heap-based buffer. An attacker can leverage this vulnerability to execute code in the context of root. Was ZDI-CAN-17646.
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T13:40:05.669Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.zerodayinitiative.com/advisories/ZDI-23-094/"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/Netatalk/Netatalk/pull/186"
},
{
"name": "FEDORA-2023-aaeb45fb73",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/EZYWSGVA6WXREMB6PV56HAHKU7R6KPOP/"
},
{
"name": "FEDORA-2023-e714897e70",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SG6WZW5LXFVH3P7ZVZRGHUVJEMEFKQLI/"
},
{
"name": "FEDORA-2023-599faf1b1c",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/GEAFLA5L2SHOUFBAGUXIF2TZLGBXGJKT/"
},
{
"name": "[debian-lts-announce] 20230516 [SECURITY] [DLA 3426-1] netatalk security update",
"tags": [
"mailing-list",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2023/05/msg00018.html"
},
{
"name": "DSA-5503",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://www.debian.org/security/2023/dsa-5503"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Netatalk",
"vendor": "Netatalk",
"versions": [
{
"status": "affected",
"version": "3.1.13"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "Corentin BAYET (@OnlyTheDuck), Etienne HELLUY-LAFONT and Luca MORO (@johncool__) from Synacktiv"
}
],
"descriptions": [
{
"lang": "en",
"value": "This vulnerability allows remote attackers to execute arbitrary code on affected installations of Netatalk. Authentication is not required to exploit this vulnerability. The specific flaw exists within the dsi_writeinit function. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length heap-based buffer. An attacker can leverage this vulnerability to execute code in the context of root. Was ZDI-CAN-17646."
}
],
"metrics": [
{
"cvssV3_0": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-122",
"description": "CWE-122: Heap-based Buffer Overflow",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-09-21T04:06:20.590741",
"orgId": "99f1926a-a320-47d8-bbb5-42feb611262e",
"shortName": "zdi"
},
"references": [
{
"url": "https://www.zerodayinitiative.com/advisories/ZDI-23-094/"
},
{
"url": "https://github.com/Netatalk/Netatalk/pull/186"
},
{
"name": "FEDORA-2023-aaeb45fb73",
"tags": [
"vendor-advisory"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/EZYWSGVA6WXREMB6PV56HAHKU7R6KPOP/"
},
{
"name": "FEDORA-2023-e714897e70",
"tags": [
"vendor-advisory"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SG6WZW5LXFVH3P7ZVZRGHUVJEMEFKQLI/"
},
{
"name": "FEDORA-2023-599faf1b1c",
"tags": [
"vendor-advisory"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/GEAFLA5L2SHOUFBAGUXIF2TZLGBXGJKT/"
},
{
"name": "[debian-lts-announce] 20230516 [SECURITY] [DLA 3426-1] netatalk security update",
"tags": [
"mailing-list"
],
"url": "https://lists.debian.org/debian-lts-announce/2023/05/msg00018.html"
},
{
"name": "DSA-5503",
"tags": [
"vendor-advisory"
],
"url": "https://www.debian.org/security/2023/dsa-5503"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "99f1926a-a320-47d8-bbb5-42feb611262e",
"assignerShortName": "zdi",
"cveId": "CVE-2022-43634",
"datePublished": "2023-03-29T00:00:00",
"dateReserved": "2022-10-21T00:00:00",
"dateUpdated": "2024-08-03T13:40:05.669Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2023-42464
Vulnerability from cvelistv5
Published
2023-09-20 00:00
Modified
2024-08-02 19:23
Severity ?
EPSS score ?
Summary
A Type Confusion vulnerability was found in the Spotlight RPC functions in afpd in Netatalk 3.1.x before 3.1.17. When parsing Spotlight RPC packets, one encoded data structure is a key-value style dictionary where the keys are character strings, and the values can be any of the supported types in the underlying protocol. Due to a lack of type checking in callers of the dalloc_value_for_key() function, which returns the object associated with a key, a malicious actor may be able to fully control the value of the pointer and theoretically achieve Remote Code Execution on the host. This issue is similar to CVE-2023-34967.
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T19:23:39.184Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://netatalk.sourceforge.io/"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/Netatalk/netatalk/issues/486"
},
{
"name": "DSA-5503",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://www.debian.org/security/2023/dsa-5503"
},
{
"name": "[debian-lts-announce] 20230925 [SECURITY] [DLA 3584-1] netatalk security update",
"tags": [
"mailing-list",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2023/09/msg00031.html"
},
{
"tags": [
"x_transferred"
],
"url": "https://netatalk.sourceforge.io/CVE-2023-42464.php"
},
{
"tags": [
"x_transferred"
],
"url": "https://netatalk.sourceforge.io/3.1/htmldocs/afpd.8.html"
},
{
"tags": [
"x_transferred"
],
"url": "https://netatalk.io/security/CVE-2023-42464"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A Type Confusion vulnerability was found in the Spotlight RPC functions in afpd in Netatalk 3.1.x before 3.1.17. When parsing Spotlight RPC packets, one encoded data structure is a key-value style dictionary where the keys are character strings, and the values can be any of the supported types in the underlying protocol. Due to a lack of type checking in callers of the dalloc_value_for_key() function, which returns the object associated with a key, a malicious actor may be able to fully control the value of the pointer and theoretically achieve Remote Code Execution on the host. This issue is similar to CVE-2023-34967."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-07-01T08:19:48.643325",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"url": "https://netatalk.sourceforge.io/"
},
{
"url": "https://github.com/Netatalk/netatalk/issues/486"
},
{
"name": "DSA-5503",
"tags": [
"vendor-advisory"
],
"url": "https://www.debian.org/security/2023/dsa-5503"
},
{
"name": "[debian-lts-announce] 20230925 [SECURITY] [DLA 3584-1] netatalk security update",
"tags": [
"mailing-list"
],
"url": "https://lists.debian.org/debian-lts-announce/2023/09/msg00031.html"
},
{
"url": "https://netatalk.sourceforge.io/CVE-2023-42464.php"
},
{
"url": "https://netatalk.sourceforge.io/3.1/htmldocs/afpd.8.html"
},
{
"url": "https://netatalk.io/security/CVE-2023-42464"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2023-42464",
"datePublished": "2023-09-20T00:00:00",
"dateReserved": "2023-09-11T00:00:00",
"dateUpdated": "2024-08-02T19:23:39.184Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2022-22995
Vulnerability from cvelistv5
Published
2022-03-25 00:00
Modified
2024-08-03 03:28
Severity ?
EPSS score ?
Summary
Western Digital My Cloud OS 5 and My Cloud Home Unauthenticated Arbitrary File Write Vulnerability in Netatalk
References
Impacted products
| ▼ | Vendor | Product |
|---|---|---|
| Western Digital | My Cloud | |
| Western Digital | My Cloud Home |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T03:28:42.925Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.westerndigital.com/support/product-security/wdc-22005-netatalk-security-vulnerabilities"
},
{
"name": "FEDORA-2023-cec97f7b5d",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XO34FWOIJI6V6PH2XY52WNBBARVWPJG2/"
},
{
"name": "FEDORA-2023-ef901c862c",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/T5CZZLFOTUP3QYHGHSDUNENGSLPJ6KGO/"
},
{
"name": "GLSA-202311-02",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/202311-02"
},
{
"name": "FEDORA-2023-39f0ec3879",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/55ROUJI22SHZX5EM23QAILZHI67EZQKW/"
},
{
"name": "[debian-lts-announce] 20240104 [SECURITY] [DLA 3706-1] netatalk security update",
"tags": [
"mailing-list",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2024/01/msg00000.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"platforms": [
"Linux"
],
"product": "My Cloud",
"vendor": "Western Digital",
"versions": [
{
"lessThan": " 5.19.117",
"status": "affected",
"version": "My Cloud OS 5",
"versionType": "custom"
}
]
},
{
"platforms": [
"Android "
],
"product": "My Cloud Home",
"vendor": "Western Digital",
"versions": [
{
"lessThan": " 7.16-220",
"status": "affected",
"version": "My Cloud Home",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "Corentin BAYET (@OnlyTheDuck), Etienne HELLUY-LAFONT and Luca MORO (@johncool__) from Synacktiv working with Trend Micro\u2019s Zero Day Initiative"
}
],
"descriptions": [
{
"lang": "en",
"value": "The combination of primitives offered by SMB and AFP in their default configuration allows the arbitrary writing of files. By exploiting these combination of primitives, an attacker can execute arbitrary code."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 10,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:L",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-59",
"description": "CWE-59 Improper Link Resolution Before File Access (\u0027Link Following\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-01-04T22:06:13.592937",
"orgId": "cb3b742e-5145-4748-b44b-5ffd45bf3b6a",
"shortName": "WDC PSIRT"
},
"references": [
{
"url": "https://www.westerndigital.com/support/product-security/wdc-22005-netatalk-security-vulnerabilities"
},
{
"name": "FEDORA-2023-cec97f7b5d",
"tags": [
"vendor-advisory"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XO34FWOIJI6V6PH2XY52WNBBARVWPJG2/"
},
{
"name": "FEDORA-2023-ef901c862c",
"tags": [
"vendor-advisory"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/T5CZZLFOTUP3QYHGHSDUNENGSLPJ6KGO/"
},
{
"name": "GLSA-202311-02",
"tags": [
"vendor-advisory"
],
"url": "https://security.gentoo.org/glsa/202311-02"
},
{
"name": "FEDORA-2023-39f0ec3879",
"tags": [
"vendor-advisory"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/55ROUJI22SHZX5EM23QAILZHI67EZQKW/"
},
{
"name": "[debian-lts-announce] 20240104 [SECURITY] [DLA 3706-1] netatalk security update",
"tags": [
"mailing-list"
],
"url": "https://lists.debian.org/debian-lts-announce/2024/01/msg00000.html"
}
],
"solutions": [
{
"lang": "en",
"value": "To take advantage of the latest security fixes, Western Digital recommends that users promptly update their devices to the latest firmware by clicking on the firmware update notification."
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Western Digital My Cloud OS 5 and My Cloud Home Unauthenticated Arbitrary File Write Vulnerability in Netatalk",
"x_generator": {
"engine": "Vulnogram 0.0.9"
}
}
},
"cveMetadata": {
"assignerOrgId": "cb3b742e-5145-4748-b44b-5ffd45bf3b6a",
"assignerShortName": "WDC PSIRT",
"cveId": "CVE-2022-22995",
"datePublished": "2022-03-25T00:00:00",
"dateReserved": "2022-01-10T00:00:00",
"dateUpdated": "2024-08-03T03:28:42.925Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
var-201812-0337
Vulnerability from variot
Netatalk before 3.1.12 is vulnerable to an out of bounds write in dsi_opensess.c. This is due to lack of bounds checking on attacker controlled data. A remote unauthenticated attacker can leverage this vulnerability to achieve arbitrary code execution. Netatalk Contains an out-of-bounds vulnerability.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. Netatalk is prone to an arbitrary code-execution vulnerability. Failed attempts will likely cause a denial-of-service condition. Versions prior to Netatalk 3.1.12 are vulnerable. Netatalk is a server for providing Appletalk network protocol services on the Linux platform. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
[slackware-security] netatalk (SSA:2018-355-01)
New netatalk packages are available for Slackware 14.0, 14.1, 14.2, and -current to fix a security issue.
Here are the details from the Slackware 14.2 ChangeLog: +--------------------------+ patches/packages/netatalk-3.1.12-i586-1_slack14.2.txz: Upgraded. For more information, see: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1160 ( Security fix ) +--------------------------+
Where to find the new packages: +-----------------------------+
Thanks to the friendly folks at the OSU Open Source Lab (http://osuosl.org) for donating FTP and rsync hosting to the Slackware project! :-)
Also see the "Get Slack" section on http://slackware.com for additional mirror sites near you.
Updated package for Slackware 14.0: ftp://ftp.slackware.com/pub/slackware/slackware-14.0/patches/packages/netatalk-3.1.12-i486-1_slack14.0.txz
Updated package for Slackware x86_64 14.0: ftp://ftp.slackware.com/pub/slackware/slackware64-14.0/patches/packages/netatalk-3.1.12-x86_64-1_slack14.0.txz
Updated package for Slackware 14.1: ftp://ftp.slackware.com/pub/slackware/slackware-14.1/patches/packages/netatalk-3.1.12-i486-1_slack14.1.txz
Updated package for Slackware x86_64 14.1: ftp://ftp.slackware.com/pub/slackware/slackware64-14.1/patches/packages/netatalk-3.1.12-x86_64-1_slack14.1.txz
Updated package for Slackware 14.2: ftp://ftp.slackware.com/pub/slackware/slackware-14.2/patches/packages/netatalk-3.1.12-i586-1_slack14.2.txz
Updated package for Slackware x86_64 14.2: ftp://ftp.slackware.com/pub/slackware/slackware64-14.2/patches/packages/netatalk-3.1.12-x86_64-1_slack14.2.txz
Updated package for Slackware -current: ftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/n/netatalk-3.1.12-i586-1.txz
Updated package for Slackware x86_64 -current: ftp://ftp.slackware.com/pub/slackware/slackware64-current/slackware64/n/netatalk-3.1.12-x86_64-1.txz
MD5 signatures: +-------------+
Slackware 14.0 package: 432b5ce04bc190f3b2adeb0b5cc38038 netatalk-3.1.12-i486-1_slack14.0.txz
Slackware x86_64 14.0 package: 88f1941d9ecbf3396f980b3991974e40 netatalk-3.1.12-x86_64-1_slack14.0.txz
Slackware 14.1 package: 7721f598bf7727c96f8212584183a391 netatalk-3.1.12-i486-1_slack14.1.txz
Slackware x86_64 14.1 package: 5de343d3978db5139b2075ac15d72b07 netatalk-3.1.12-x86_64-1_slack14.1.txz
Slackware 14.2 package: eb213699f58c6b08908bda9df86571d8 netatalk-3.1.12-i586-1_slack14.2.txz
Slackware x86_64 14.2 package: 9e7f5b18ab91dc69a2b4326f563c0682 netatalk-3.1.12-x86_64-1_slack14.2.txz
Slackware -current package: dcf24ac0ff6cf0e1e0704cb3f0f35dc3 n/netatalk-3.1.12-i586-1.txz
Slackware x86_64 -current package: efaab6db914d27191fddfdd409fcb0b1 n/netatalk-3.1.12-x86_64-1.txz
Installation instructions: +------------------------+
Upgrade the package as root:
upgradepkg netatalk-3.1.12-i586-1_slack14.2.txz
+-----+
Slackware Linux Security Team http://slackware.com/gpg-key security@slackware.com
+------------------------------------------------------------------------+ | To leave the slackware-security mailing list: | +------------------------------------------------------------------------+ | Send an email to majordomo@slackware.com with this text in the body of | | the email message: | | | | unsubscribe slackware-security | | | | You will get a confirmation message back containing instructions to | | complete the process. Please do not reply to this email address. | +------------------------------------------------------------------------+ -----BEGIN PGP SIGNATURE-----
iEYEARECAAYFAlwdxscACgkQakRjwEAQIjMmkwCffwsX8TRT8L+Ymtwwif7HSrgZ qAYAn02bfnf6sOXXxWYTPJBuzVwv3jR5 =UBLh -----END PGP SIGNATURE----- . -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512
Debian Security Advisory DSA-4356-1 security@debian.org https://www.debian.org/security/ Salvatore Bonaccorso December 20, 2018 https://www.debian.org/security/faq
Package : netatalk CVE ID : CVE-2018-1160 Debian Bug : 916930
Jacob Baines discovered a flaw in the handling of the DSI Opensession command in Netatalk, an implementation of the AppleTalk Protocol Suite, allowing an unauthenticated user to execute arbitrary code with root privileges.
For the stable distribution (stretch), this problem has been fixed in version 2.2.5-2+deb9u1.
We recommend that you upgrade your netatalk packages.
For the detailed security status of netatalk please refer to its security tracker page at: https://security-tracker.debian.org/tracker/netatalk
Further information about Debian Security Advisories, how to apply these updates to your system and frequently asked questions can be found at: https://www.debian.org/security/
Mailing list: debian-security-announce@lists.debian.org -----BEGIN PGP SIGNATURE-----
iQKTBAEBCgB9FiEERkRAmAjBceBVMd3uBUy48xNDz0QFAlwb2aFfFIAAAAAALgAo aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldDQ2 NDQ0MDk4MDhDMTcxRTA1NTMxRERFRTA1NENCOEYzMTM0M0NGNDQACgkQBUy48xND z0TaWA/7BLosSUP7w9QtHSSXqZcQQ2S2SzVNbANKjK0E1VFb+P8yZYXmQTQIBcLI SvM8A8tewM7gil0d8Nl+5m1xPZeWZ9eLrwCkD9CvAbqS+6h1HiiIGAEyAFJ0wzL8 P49BUZtUmg/vFFecjhdwPW+D5ve31EKZlB/IJngGm4ETHnRUyGXvYtW6Y89KWKQL Fl2t3quM1zq6nIi8ovtHUvEMkenHfziT3I0WcEjqZp/YJb8WlckpQOBs/oIH9Cem m5FmQmYbQLFt40RPORjhsA+7vWOCofBFfW7caVY+9hkSL75USzhfZRHeIWS4LHrA 4tKmwS4ZDv/9FyT/KEOnA0qBjLltFUYoK3ZnWGvw0lGVVJE4ae9N5nsLYuVsbEey 6Q8MYn7H/Kks8/CXicb9Mg4pgCcRK8PdudY+BTo6BTZHE6oRT2fj1t8COYWJ7xWo 92CoIbuQ6E5fJwxyZ7aDOGbzQxUmuE1SL6QblK/xlIdUCdJ8qtyFBat8++KVNoAn mtYah1/VFfqUA2XqzRdQIq3O45Hks48jhKWhqIPjJaK9kJQaiRLkSkqZr/SBI2Vy ZIe4mHG/j5Ps4Y2Z9WiamvZCP2jlFRWFsaYKpS7Bj1auf9ekA3zOB7PH+3Lxq93N KDl9HJLTrKym1v4p3hAeuHpkbMDOxH4Bpf5K9Qys7/ce6cPOhVA= =VFiz -----END PGP SIGNATURE-----
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201812-0337",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "netatalk",
"scope": "lt",
"trust": 1.8,
"vendor": "netatalk",
"version": "3.1.12"
},
{
"model": "skynas",
"scope": "eq",
"trust": 1.0,
"vendor": "synology",
"version": null
},
{
"model": "diskstation manager",
"scope": "gte",
"trust": 1.0,
"vendor": "synology",
"version": "5.2"
},
{
"model": "diskstation manager",
"scope": "gte",
"trust": 1.0,
"vendor": "synology",
"version": "6.2"
},
{
"model": "diskstation manager",
"scope": "gte",
"trust": 1.0,
"vendor": "synology",
"version": "6.1"
},
{
"model": "linux",
"scope": "eq",
"trust": 1.0,
"vendor": "debian",
"version": "9.0"
},
{
"model": "vs960hd",
"scope": "eq",
"trust": 1.0,
"vendor": "synology",
"version": null
},
{
"model": "router manager",
"scope": "lt",
"trust": 1.0,
"vendor": "synology",
"version": "1.2-7742-5"
},
{
"model": "router manager",
"scope": "gte",
"trust": 1.0,
"vendor": "synology",
"version": "1.2"
},
{
"model": "diskstation manager",
"scope": "lt",
"trust": 1.0,
"vendor": "synology",
"version": "6.1.7-15284-3"
},
{
"model": "diskstation manager",
"scope": "lt",
"trust": 1.0,
"vendor": "synology",
"version": "5.2-5967-9"
},
{
"model": "diskstation manager",
"scope": "lt",
"trust": 1.0,
"vendor": "synology",
"version": "6.2.1-23824-4"
},
{
"model": "gnu/linux",
"scope": null,
"trust": 0.8,
"vendor": "debian",
"version": null
},
{
"model": "diskstation manager",
"scope": null,
"trust": 0.8,
"vendor": "synology",
"version": null
},
{
"model": "router manager",
"scope": null,
"trust": 0.8,
"vendor": "synology",
"version": null
},
{
"model": "skynas",
"scope": null,
"trust": 0.8,
"vendor": "synology",
"version": null
},
{
"model": "vs960hd",
"scope": null,
"trust": 0.8,
"vendor": "synology",
"version": null
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "14.2"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "14.1"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "14.0"
},
{
"model": "netatalk",
"scope": "eq",
"trust": 0.3,
"vendor": "netatalk",
"version": "3.1.11"
},
{
"model": "netatalk",
"scope": "eq",
"trust": 0.3,
"vendor": "netatalk",
"version": "3.1"
},
{
"model": "netatalk",
"scope": "eq",
"trust": 0.3,
"vendor": "netatalk",
"version": "2.0.4"
},
{
"model": "netatalk",
"scope": "eq",
"trust": 0.3,
"vendor": "netatalk",
"version": "3.0"
},
{
"model": "netatalk",
"scope": "eq",
"trust": 0.3,
"vendor": "netatalk",
"version": "2.2"
},
{
"model": "linux sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"model": "linux s/390",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"model": "linux powerpc",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"model": "linux mips",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"model": "linux ia-64",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"model": "linux ia-32",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"model": "linux ia-30",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"model": "linux arm",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"model": "linux amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6"
},
{
"model": "netatalk",
"scope": "ne",
"trust": 0.3,
"vendor": "netatalk",
"version": "3.1.12"
}
],
"sources": [
{
"db": "BID",
"id": "106301"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-014397"
},
{
"db": "NVD",
"id": "CVE-2018-1160"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:netatalk:netatalk:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "3.1.12",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:synology:skynas:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:synology:diskstation_manager:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "5.2-5967-9",
"versionStartIncluding": "5.2",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:synology:diskstation_manager:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "6.1.7-15284-3",
"versionStartIncluding": "6.1",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:synology:diskstation_manager:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "6.2.1-23824-4",
"versionStartIncluding": "6.2",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:synology:router_manager:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "1.2-7742-5",
"versionStartIncluding": "1.2",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:synology:vs960hd_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:synology:vs960hd:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2018-1160"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "muts",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201812-955"
}
],
"trust": 0.6
},
"cve": "CVE-2018-1160",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "HIGH",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Complete",
"baseScore": 10.0,
"confidentialityImpact": "Complete",
"exploitabilityScore": null,
"id": "CVE-2018-1160",
"impactScore": null,
"integrityImpact": "Complete",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "High",
"trust": 0.9,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "VHN-121475",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "NVD",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
{
"attackComplexity": "Low",
"attackVector": "Network",
"author": "NVD",
"availabilityImpact": "High",
"baseScore": 9.8,
"baseSeverity": "Critical",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "CVE-2018-1160",
"impactScore": null,
"integrityImpact": "High",
"privilegesRequired": "None",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "NVD",
"id": "CVE-2018-1160",
"trust": 1.8,
"value": "CRITICAL"
},
{
"author": "CNNVD",
"id": "CNNVD-201812-955",
"trust": 0.6,
"value": "CRITICAL"
},
{
"author": "VULHUB",
"id": "VHN-121475",
"trust": 0.1,
"value": "HIGH"
},
{
"author": "VULMON",
"id": "CVE-2018-1160",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-121475"
},
{
"db": "VULMON",
"id": "CVE-2018-1160"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-014397"
},
{
"db": "NVD",
"id": "CVE-2018-1160"
},
{
"db": "CNNVD",
"id": "CNNVD-201812-955"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Netatalk before 3.1.12 is vulnerable to an out of bounds write in dsi_opensess.c. This is due to lack of bounds checking on attacker controlled data. A remote unauthenticated attacker can leverage this vulnerability to achieve arbitrary code execution. Netatalk Contains an out-of-bounds vulnerability.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. Netatalk is prone to an arbitrary code-execution vulnerability. Failed attempts will likely cause a denial-of-service condition. \nVersions prior to Netatalk 3.1.12 are vulnerable. Netatalk is a server for providing Appletalk network protocol services on the Linux platform. \n-----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\n[slackware-security] netatalk (SSA:2018-355-01)\n\nNew netatalk packages are available for Slackware 14.0, 14.1, 14.2,\nand -current to fix a security issue. \n\n\nHere are the details from the Slackware 14.2 ChangeLog:\n+--------------------------+\npatches/packages/netatalk-3.1.12-i586-1_slack14.2.txz: Upgraded. \n For more information, see:\n https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1160\n (* Security fix *)\n+--------------------------+\n\n\nWhere to find the new packages:\n+-----------------------------+\n\nThanks to the friendly folks at the OSU Open Source Lab\n(http://osuosl.org) for donating FTP and rsync hosting\nto the Slackware project! :-)\n\nAlso see the \"Get Slack\" section on http://slackware.com for\nadditional mirror sites near you. \n\nUpdated package for Slackware 14.0:\nftp://ftp.slackware.com/pub/slackware/slackware-14.0/patches/packages/netatalk-3.1.12-i486-1_slack14.0.txz\n\nUpdated package for Slackware x86_64 14.0:\nftp://ftp.slackware.com/pub/slackware/slackware64-14.0/patches/packages/netatalk-3.1.12-x86_64-1_slack14.0.txz\n\nUpdated package for Slackware 14.1:\nftp://ftp.slackware.com/pub/slackware/slackware-14.1/patches/packages/netatalk-3.1.12-i486-1_slack14.1.txz\n\nUpdated package for Slackware x86_64 14.1:\nftp://ftp.slackware.com/pub/slackware/slackware64-14.1/patches/packages/netatalk-3.1.12-x86_64-1_slack14.1.txz\n\nUpdated package for Slackware 14.2:\nftp://ftp.slackware.com/pub/slackware/slackware-14.2/patches/packages/netatalk-3.1.12-i586-1_slack14.2.txz\n\nUpdated package for Slackware x86_64 14.2:\nftp://ftp.slackware.com/pub/slackware/slackware64-14.2/patches/packages/netatalk-3.1.12-x86_64-1_slack14.2.txz\n\nUpdated package for Slackware -current:\nftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/n/netatalk-3.1.12-i586-1.txz\n\nUpdated package for Slackware x86_64 -current:\nftp://ftp.slackware.com/pub/slackware/slackware64-current/slackware64/n/netatalk-3.1.12-x86_64-1.txz\n\n\nMD5 signatures:\n+-------------+\n\nSlackware 14.0 package:\n432b5ce04bc190f3b2adeb0b5cc38038 netatalk-3.1.12-i486-1_slack14.0.txz\n\nSlackware x86_64 14.0 package:\n88f1941d9ecbf3396f980b3991974e40 netatalk-3.1.12-x86_64-1_slack14.0.txz\n\nSlackware 14.1 package:\n7721f598bf7727c96f8212584183a391 netatalk-3.1.12-i486-1_slack14.1.txz\n\nSlackware x86_64 14.1 package:\n5de343d3978db5139b2075ac15d72b07 netatalk-3.1.12-x86_64-1_slack14.1.txz\n\nSlackware 14.2 package:\neb213699f58c6b08908bda9df86571d8 netatalk-3.1.12-i586-1_slack14.2.txz\n\nSlackware x86_64 14.2 package:\n9e7f5b18ab91dc69a2b4326f563c0682 netatalk-3.1.12-x86_64-1_slack14.2.txz\n\nSlackware -current package:\ndcf24ac0ff6cf0e1e0704cb3f0f35dc3 n/netatalk-3.1.12-i586-1.txz\n\nSlackware x86_64 -current package:\nefaab6db914d27191fddfdd409fcb0b1 n/netatalk-3.1.12-x86_64-1.txz\n\n\nInstallation instructions:\n+------------------------+\n\nUpgrade the package as root:\n# upgradepkg netatalk-3.1.12-i586-1_slack14.2.txz\n\n\n+-----+\n\nSlackware Linux Security Team\nhttp://slackware.com/gpg-key\nsecurity@slackware.com\n\n+------------------------------------------------------------------------+\n| To leave the slackware-security mailing list: |\n+------------------------------------------------------------------------+\n| Send an email to majordomo@slackware.com with this text in the body of |\n| the email message: |\n| |\n| unsubscribe slackware-security |\n| |\n| You will get a confirmation message back containing instructions to |\n| complete the process. Please do not reply to this email address. |\n+------------------------------------------------------------------------+\n-----BEGIN PGP SIGNATURE-----\n\niEYEARECAAYFAlwdxscACgkQakRjwEAQIjMmkwCffwsX8TRT8L+Ymtwwif7HSrgZ\nqAYAn02bfnf6sOXXxWYTPJBuzVwv3jR5\n=UBLh\n-----END PGP SIGNATURE-----\n. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA512\n\n- -------------------------------------------------------------------------\nDebian Security Advisory DSA-4356-1 security@debian.org\nhttps://www.debian.org/security/ Salvatore Bonaccorso\nDecember 20, 2018 https://www.debian.org/security/faq\n- -------------------------------------------------------------------------\n\nPackage : netatalk\nCVE ID : CVE-2018-1160\nDebian Bug : 916930\n\nJacob Baines discovered a flaw in the handling of the DSI Opensession\ncommand in Netatalk, an implementation of the AppleTalk Protocol Suite,\nallowing an unauthenticated user to execute arbitrary code with root\nprivileges. \n\nFor the stable distribution (stretch), this problem has been fixed in\nversion 2.2.5-2+deb9u1. \n\nWe recommend that you upgrade your netatalk packages. \n\nFor the detailed security status of netatalk please refer to its\nsecurity tracker page at:\nhttps://security-tracker.debian.org/tracker/netatalk\n\nFurther information about Debian Security Advisories, how to apply\nthese updates to your system and frequently asked questions can be\nfound at: https://www.debian.org/security/\n\nMailing list: debian-security-announce@lists.debian.org\n-----BEGIN PGP SIGNATURE-----\n\niQKTBAEBCgB9FiEERkRAmAjBceBVMd3uBUy48xNDz0QFAlwb2aFfFIAAAAAALgAo\naXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldDQ2\nNDQ0MDk4MDhDMTcxRTA1NTMxRERFRTA1NENCOEYzMTM0M0NGNDQACgkQBUy48xND\nz0TaWA/7BLosSUP7w9QtHSSXqZcQQ2S2SzVNbANKjK0E1VFb+P8yZYXmQTQIBcLI\nSvM8A8tewM7gil0d8Nl+5m1xPZeWZ9eLrwCkD9CvAbqS+6h1HiiIGAEyAFJ0wzL8\nP49BUZtUmg/vFFecjhdwPW+D5ve31EKZlB/IJngGm4ETHnRUyGXvYtW6Y89KWKQL\nFl2t3quM1zq6nIi8ovtHUvEMkenHfziT3I0WcEjqZp/YJb8WlckpQOBs/oIH9Cem\nm5FmQmYbQLFt40RPORjhsA+7vWOCofBFfW7caVY+9hkSL75USzhfZRHeIWS4LHrA\n4tKmwS4ZDv/9FyT/KEOnA0qBjLltFUYoK3ZnWGvw0lGVVJE4ae9N5nsLYuVsbEey\n6Q8MYn7H/Kks8/CXicb9Mg4pgCcRK8PdudY+BTo6BTZHE6oRT2fj1t8COYWJ7xWo\n92CoIbuQ6E5fJwxyZ7aDOGbzQxUmuE1SL6QblK/xlIdUCdJ8qtyFBat8++KVNoAn\nmtYah1/VFfqUA2XqzRdQIq3O45Hks48jhKWhqIPjJaK9kJQaiRLkSkqZr/SBI2Vy\nZIe4mHG/j5Ps4Y2Z9WiamvZCP2jlFRWFsaYKpS7Bj1auf9ekA3zOB7PH+3Lxq93N\nKDl9HJLTrKym1v4p3hAeuHpkbMDOxH4Bpf5K9Qys7/ce6cPOhVA=\n=VFiz\n-----END PGP SIGNATURE-----\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2018-1160"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-014397"
},
{
"db": "BID",
"id": "106301"
},
{
"db": "VULHUB",
"id": "VHN-121475"
},
{
"db": "VULMON",
"id": "CVE-2018-1160"
},
{
"db": "PACKETSTORM",
"id": "150916"
},
{
"db": "PACKETSTORM",
"id": "150864"
}
],
"trust": 2.25
},
"exploit_availability": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/exploit_availability#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"reference": "https://www.scap.org.cn/vuln/vhn-121475",
"trust": 0.1,
"type": "unknown"
},
{
"reference": "https://vulmon.com/exploitdetails?qidtp=exploitdb\u0026qid=46675",
"trust": 0.1,
"type": "exploit"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-121475"
},
{
"db": "VULMON",
"id": "CVE-2018-1160"
}
]
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2018-1160",
"trust": 3.1
},
{
"db": "TENABLE",
"id": "TRA-2018-48",
"trust": 2.9
},
{
"db": "EXPLOIT-DB",
"id": "46034",
"trust": 2.1
},
{
"db": "BID",
"id": "106301",
"trust": 2.1
},
{
"db": "PACKETSTORM",
"id": "152440",
"trust": 1.8
},
{
"db": "EXPLOIT-DB",
"id": "46048",
"trust": 1.8
},
{
"db": "EXPLOIT-DB",
"id": "46675",
"trust": 1.8
},
{
"db": "JVNDB",
"id": "JVNDB-2018-014397",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201812-955",
"trust": 0.7
},
{
"db": "PACKETSTORM",
"id": "150864",
"trust": 0.2
},
{
"db": "PACKETSTORM",
"id": "150916",
"trust": 0.2
},
{
"db": "PACKETSTORM",
"id": "150891",
"trust": 0.1
},
{
"db": "SEEBUG",
"id": "SSVID-97748",
"trust": 0.1
},
{
"db": "VULHUB",
"id": "VHN-121475",
"trust": 0.1
},
{
"db": "VULMON",
"id": "CVE-2018-1160",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-121475"
},
{
"db": "VULMON",
"id": "CVE-2018-1160"
},
{
"db": "BID",
"id": "106301"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-014397"
},
{
"db": "PACKETSTORM",
"id": "150916"
},
{
"db": "PACKETSTORM",
"id": "150864"
},
{
"db": "NVD",
"id": "CVE-2018-1160"
},
{
"db": "CNNVD",
"id": "CNNVD-201812-955"
}
]
},
"id": "VAR-201812-0337",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-121475"
}
],
"trust": 0.01
},
"last_update_date": "2023-12-18T13:52:30.481000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "DSA-4356",
"trust": 0.8,
"url": "https://www.debian.org/security/2018/dsa-4356"
},
{
"title": "Netatalk 3.1.12",
"trust": 0.8,
"url": "http://netatalk.sourceforge.net/3.1/releasenotes3.1.12.html"
},
{
"title": "Synology-SA-18:62 Netatalk",
"trust": 0.8,
"url": "https://www.synology.com/ja-jp/security/advisory/synology_sa_18_62"
},
{
"title": "Netatalk Buffer error vulnerability fix",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=88113"
},
{
"title": "Debian CVElist Bug Report Logs: netatalk: CVE-2018-1160: Unauthenticated remote code execution in Netatalk",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=debian_cvelist_bugreportlogs\u0026qid=7ca724fbcb5be198c1b4286c261b6758"
},
{
"title": "Debian Security Advisories: DSA-4356-1 netatalk -- security update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=debian_security_advisories\u0026qid=a853c6ae1b3ef5195ece61a5d9c4a33e"
},
{
"title": "Protocol-Vul",
"trust": 0.1,
"url": "https://github.com/winmin/protocol-vul "
},
{
"title": "PoC-in-GitHub",
"trust": 0.1,
"url": "https://github.com/developer3000s/poc-in-github "
},
{
"title": "CVE-POC",
"trust": 0.1,
"url": "https://github.com/0xt11/cve-poc "
},
{
"title": "PoC-in-GitHub",
"trust": 0.1,
"url": "https://github.com/hectorgie/poc-in-github "
},
{
"title": "PoC-in-GitHub",
"trust": 0.1,
"url": "https://github.com/nomi-sec/poc-in-github "
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2018-1160"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-014397"
},
{
"db": "CNNVD",
"id": "CNNVD-201812-955"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-787",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-121475"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-014397"
},
{
"db": "NVD",
"id": "CVE-2018-1160"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.9,
"url": "https://github.com/tenable/poc/tree/master/netatalk/cve_2018_1160/"
},
{
"trust": 2.9,
"url": "https://www.tenable.com/security/research/tra-2018-48"
},
{
"trust": 2.4,
"url": "http://www.securityfocus.com/bid/106301"
},
{
"trust": 2.4,
"url": "http://packetstormsecurity.com/files/152440/qnap-netatalk-authentication-bypass.html"
},
{
"trust": 2.1,
"url": "http://netatalk.sourceforge.net/3.1/releasenotes3.1.12.html"
},
{
"trust": 2.1,
"url": "https://www.debian.org/security/2018/dsa-4356"
},
{
"trust": 1.8,
"url": "https://www.synology.com/security/advisory/synology_sa_18_62"
},
{
"trust": 1.8,
"url": "https://www.exploit-db.com/exploits/46034/"
},
{
"trust": 1.8,
"url": "https://www.exploit-db.com/exploits/46048/"
},
{
"trust": 1.8,
"url": "https://www.exploit-db.com/exploits/46675/"
},
{
"trust": 1.8,
"url": "https://attachments.samba.org/attachment.cgi?id=14735"
},
{
"trust": 1.0,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-1160"
},
{
"trust": 0.9,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-1160"
},
{
"trust": 0.7,
"url": "https://www.exploit-db.com/exploits/46675"
},
{
"trust": 0.3,
"url": "https://www.exploit-db.com/exploits/46034"
},
{
"trust": 0.3,
"url": "http://netatalk.sourceforge.net/"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/787.html"
},
{
"trust": 0.1,
"url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=916930"
},
{
"trust": 0.1,
"url": "https://tools.cisco.com/security/center/viewalert.x?alertid=59406"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
},
{
"trust": 0.1,
"url": "https://github.com/winmin/protocol-vul"
},
{
"trust": 0.1,
"url": "http://slackware.com"
},
{
"trust": 0.1,
"url": "http://osuosl.org)"
},
{
"trust": 0.1,
"url": "http://slackware.com/gpg-key"
},
{
"trust": 0.1,
"url": "https://security-tracker.debian.org/tracker/netatalk"
},
{
"trust": 0.1,
"url": "https://www.debian.org/security/"
},
{
"trust": 0.1,
"url": "https://www.debian.org/security/faq"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-121475"
},
{
"db": "VULMON",
"id": "CVE-2018-1160"
},
{
"db": "BID",
"id": "106301"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-014397"
},
{
"db": "PACKETSTORM",
"id": "150916"
},
{
"db": "PACKETSTORM",
"id": "150864"
},
{
"db": "NVD",
"id": "CVE-2018-1160"
},
{
"db": "CNNVD",
"id": "CNNVD-201812-955"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-121475"
},
{
"db": "VULMON",
"id": "CVE-2018-1160"
},
{
"db": "BID",
"id": "106301"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-014397"
},
{
"db": "PACKETSTORM",
"id": "150916"
},
{
"db": "PACKETSTORM",
"id": "150864"
},
{
"db": "NVD",
"id": "CVE-2018-1160"
},
{
"db": "CNNVD",
"id": "CNNVD-201812-955"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2018-12-20T00:00:00",
"db": "VULHUB",
"id": "VHN-121475"
},
{
"date": "2018-12-20T00:00:00",
"db": "VULMON",
"id": "CVE-2018-1160"
},
{
"date": "2018-12-20T00:00:00",
"db": "BID",
"id": "106301"
},
{
"date": "2019-03-19T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2018-014397"
},
{
"date": "2018-12-24T16:47:50",
"db": "PACKETSTORM",
"id": "150916"
},
{
"date": "2018-12-20T18:18:00",
"db": "PACKETSTORM",
"id": "150864"
},
{
"date": "2018-12-20T21:29:00.477000",
"db": "NVD",
"id": "CVE-2018-1160"
},
{
"date": "2018-12-21T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201812-955"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2019-10-09T00:00:00",
"db": "VULHUB",
"id": "VHN-121475"
},
{
"date": "2019-10-09T00:00:00",
"db": "VULMON",
"id": "CVE-2018-1160"
},
{
"date": "2018-12-20T00:00:00",
"db": "BID",
"id": "106301"
},
{
"date": "2019-03-19T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2018-014397"
},
{
"date": "2023-09-29T11:15:02.217000",
"db": "NVD",
"id": "CVE-2018-1160"
},
{
"date": "2019-10-17T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201812-955"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201812-955"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Netatalk Vulnerable to out-of-bounds writing",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-014397"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "buffer error",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201812-955"
}
],
"trust": 0.6
}
}
var-202105-1166
Vulnerability from variot
This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Synology DiskStation Manager. Authentication is not required to exploit this vulnerablity. The specific flaw exists within the processing of DSI structures in Netatalk. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a heap-based buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-12326. Synology DiskStation Manager Is vulnerable to a heap-based buffer overflow. Zero Day Initiative To this vulnerability ZDI-CAN-12326 Was numbered.Information is obtained, information is tampered with, and service is disrupted (DoS) It may be put into a state. Pillow is a Python-based image processing library. There is currently no information about this vulnerability, please feel free to follow CNNVD or manufacturer announcements. Synology DiskStation DS418play is a network device of China Synology Corporation. Provides a storage function. ========================================================================== Ubuntu Security Notice USN-6146-1 June 08, 2023
netatalk vulnerabilities
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 22.10
- Ubuntu 22.04 LTS
- Ubuntu 20.04 LTS
- Ubuntu 18.04 LTS (Available with Ubuntu Pro)
- Ubuntu 16.04 LTS (Available with Ubuntu Pro)
- Ubuntu 14.04 LTS (Available with Ubuntu Pro)
Summary:
Several security issues were fixed in Netatalk.
Software Description: - netatalk: Apple Filing Protocol service
Details:
It was discovered that Netatalk did not properly validate the length of user-supplied data in the DSI structures. This issue only affected Ubuntu 20.04 LTS and Ubuntu 22.04 LTS. This issue only affected Ubuntu 20.04 LTS and Ubuntu 22.04 LTS. (CVE-2022-0194)
It was discovered that Netatalk did not properly handle errors when parsing AppleDouble entries. This issue only affected Ubuntu 14.04 LTS, Ubuntu 16.04 LTS, Ubuntu 18.04 LTS, Ubuntu 20.04 LTS and Ubuntu 22.04 LTS. This issue only affected Ubuntu 20.04 LTS and Ubuntu 22.04 LTS. This issue only affected Ubuntu 14.04 LTS, Ubuntu 16.04 LTS, Ubuntu 18.04 LTS, Ubuntu 20.04 LTS and Ubuntu 22.04 LTS. This issue only affected Ubuntu 20.04 LTS and Ubuntu 22.04 LTS. This issue only affected Ubuntu 14.04 LTS, Ubuntu 16.04 LTS, Ubuntu 18.04 LTS, Ubuntu 20.04 LTS and Ubuntu 22.04 LTS. This issue only affected Ubuntu 20.04 LTS, Ubuntu 22.04 LTS and Ubuntu 22.10. (CVE-2022-43634)
It was discovered that Netatalk did not properly manage memory under certain circumstances. If a user were tricked into opening a specially crafted .appl file, a remote attacker could possibly use this issue to execute arbitrary code. (CVE-2022-45188)
Update instructions:
The problem can be corrected by updating your system to the following package versions:
Ubuntu 22.10: netatalk 3.1.13~ds-2ubuntu0.22.10.1
Ubuntu 22.04 LTS: netatalk 3.1.12~ds-9ubuntu0.22.04.1
Ubuntu 20.04 LTS: netatalk 3.1.12~ds-4ubuntu0.20.04.1
Ubuntu 18.04 LTS (Available with Ubuntu Pro): netatalk 2.2.6-1ubuntu0.18.04.2+esm1
Ubuntu 16.04 LTS (Available with Ubuntu Pro): netatalk 2.2.5-1ubuntu0.2+esm1
Ubuntu 14.04 LTS (Available with Ubuntu Pro): netatalk 2.2.2-1ubuntu2.2+esm1
In general, a standard system update will make all the necessary changes.
References: https://ubuntu.com/security/notices/USN-6146-1 CVE-2021-31439, CVE-2022-0194, CVE-2022-23121, CVE-2022-23122, CVE-2022-23123, CVE-2022-23124, CVE-2022-23125, CVE-2022-43634, CVE-2022-45188
Package Information: https://launchpad.net/ubuntu/+source/netatalk/3.1.13~ds-2ubuntu0.22.10.1 https://launchpad.net/ubuntu/+source/netatalk/3.1.12~ds-9ubuntu0.22.04.1 https://launchpad.net/ubuntu/+source/netatalk/3.1.12~ds-4ubuntu0.20.04.1 .
For the oldstable distribution (bullseye), these problems have been fixed in version 3.1.12~ds-8+deb11u1.
We recommend that you upgrade your netatalk packages.
For the detailed security status of netatalk please refer to its security tracker page at: https://security-tracker.debian.org/tracker/netatalk
Further information about Debian Security Advisories, how to apply these updates to your system and frequently asked questions can be found at: https://www.debian.org/security/
Mailing list: debian-security-announce@lists.debian.org -----BEGIN PGP SIGNATURE-----
iQIzBAEBCgAdFiEEtuYvPRKsOElcDakFEMKTtsN8TjYFAmULMA8ACgkQEMKTtsN8 TjYw9xAArA2NN4zvH7wC6Itn5ry9kZhQS4BhkCk10WXd0L77k2qzRRTMMw9OBmNn Lk5w3/9oJhqBmtNkLerfBCSMA1aQFQfWOefJnywY/2lYYSS6Uc18Xze78CW4w2O1 /EkK836N6vSVuptjlcvTFGc61XUpbaZJ8CN4ipb2A0tNgp7Ja+Hrz4RgnrS2ppKP gmNuZ5iDcX9N9PohNPTnHc4jQkRscuPN1lsPDrc0OP4E2V7oFm8G7EKexO9BtREq eznaj0Bkcbvddquqz4dnPXOYjkXzoedvGYmI2J5EigIiBMNugL02zExbuhVCmVNl it29LDVAbgNpPgbUi9NRRe9EMXHI+XFgp/xB34jtyq3617SBPLelLBP/e41Bqnua E8C+37uxvIcSgbVibpzhtHkiXTffOpqR3mduXG/VrbuvqO7yzw1sjXrks867wV1Q rQPbX1O99sY+wg69jdyS/QTUQYHkDSGW2Ud+9u7Pv6Bkh/ibXIxHcNiWKaE2LPJi a8mWurmV/r4l325E09jJGxZON4CKiU50+FMKLi8Eo+uXdKDL+dyey9GQBBWQIU0n zg4oJQ/59oGnTib2C52hyZU6xtQbdCceqP2M+4/x75xtCkR5pLcvTnDqRBvnyYBv REbFCz3X46cdxzkbeu/SQWIBLAGXv7yktz8YX8y5Q6h4798FpVY= =jmG2 -----END PGP SIGNATURE----- . - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Gentoo Linux Security Advisory GLSA 202311-02
https://security.gentoo.org/
Severity: High Title: Netatalk: Multiple Vulnerabilities including root remote code execution Date: November 01, 2023 Bugs: #837623, #881259, #915354 ID: 202311-02
Synopsis
Multiple vulnerabilities have been discovered in Netatalk, which could lead to remote code execution
Background
Netatalk is a kernel level implementation of the AppleTalk Protocol Suite, which allows Unix hosts to act as file, print, and time servers for Apple computers. It includes several script utilities, including etc2ps.sh.
Affected packages
Package Vulnerable Unaffected
net-fs/netatalk < 3.1.18 >= 3.1.18
Description
Multiple vulnerabilities have been discovered in Netatalk. Please review the CVE identifiers referenced below for details.
Impact
Please review the referenced CVE identifiers for details.
Workaround
There is no known workaround at this time.
Resolution
All Netatalk users should upgrade to the latest version:
# emerge --sync # emerge --ask --oneshot --verbose ">=net-fs/netatalk-3.1.18"
References
[ 1 ] CVE-2021-31439 https://nvd.nist.gov/vuln/detail/CVE-2021-31439 [ 2 ] CVE-2022-0194 https://nvd.nist.gov/vuln/detail/CVE-2022-0194 [ 3 ] CVE-2022-22995 https://nvd.nist.gov/vuln/detail/CVE-2022-22995 [ 4 ] CVE-2022-23121 https://nvd.nist.gov/vuln/detail/CVE-2022-23121 [ 5 ] CVE-2022-23122 https://nvd.nist.gov/vuln/detail/CVE-2022-23122 [ 6 ] CVE-2022-23123 https://nvd.nist.gov/vuln/detail/CVE-2022-23123 [ 7 ] CVE-2022-23124 https://nvd.nist.gov/vuln/detail/CVE-2022-23124 [ 8 ] CVE-2022-23125 https://nvd.nist.gov/vuln/detail/CVE-2022-23125 [ 9 ] CVE-2022-45188 https://nvd.nist.gov/vuln/detail/CVE-2022-45188
Availability
This GLSA and any updates to it are available for viewing at the Gentoo Security Website:
https://security.gentoo.org/glsa/202311-02
Concerns?
Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users' machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at https://bugs.gentoo.org.
License
Copyright 2023 Gentoo Foundation, Inc; referenced text belongs to its owner(s).
The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license.
https://creativecommons.org/licenses/by-sa/2.5
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-202105-1166",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "diskstation manager",
"scope": null,
"trust": 1.5,
"vendor": "synology",
"version": null
},
{
"model": "diskstation manager",
"scope": "gte",
"trust": 1.0,
"vendor": "synology",
"version": "6.2"
},
{
"model": "diskstation manager",
"scope": "lt",
"trust": 1.0,
"vendor": "synology",
"version": "6.2.3-25426-3"
},
{
"model": "linux",
"scope": "eq",
"trust": 1.0,
"vendor": "debian",
"version": "10.0"
},
{
"model": "netatalk",
"scope": "lt",
"trust": 1.0,
"vendor": "netatalk",
"version": "3.1.13"
},
{
"model": "linux",
"scope": "eq",
"trust": 1.0,
"vendor": "debian",
"version": "11.0"
},
{
"model": "diskstation manager",
"scope": "eq",
"trust": 0.8,
"vendor": "synology",
"version": null
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-21-492"
},
{
"db": "JVNDB",
"id": "JVNDB-2021-007199"
},
{
"db": "NVD",
"id": "CVE-2021-31439"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:synology:diskstation_manager:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "6.2.3-25426-3",
"versionStartIncluding": "6.2",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:debian:debian_linux:11.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:netatalk:netatalk:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "3.1.13",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2021-31439"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Angelboy(@scwuaptx) from DEVCORE Security Team",
"sources": [
{
"db": "ZDI",
"id": "ZDI-21-492"
}
],
"trust": 0.7
},
"cve": "CVE-2021-31439",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "ADJACENT_NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "PARTIAL",
"baseScore": 5.8,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 6.5,
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:A/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Adjacent Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Partial",
"baseScore": 5.8,
"confidentialityImpact": "Partial",
"exploitabilityScore": null,
"id": "CVE-2021-31439",
"impactScore": null,
"integrityImpact": "Partial",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Medium",
"trust": 0.9,
"userInteractionRequired": null,
"vectorString": "AV:A/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "ADJACENT_NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "PARTIAL",
"baseScore": 5.8,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 6.5,
"id": "VHN-391194",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:A/AC:L/AU:N/C:P/I:P/A:P",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"author": "NVD",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 2.8,
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
{
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"author": "zdi-disclosures@trendmicro.com",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 2.8,
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
{
"attackComplexity": "Low",
"attackVector": "Adjacent Network",
"author": "NVD",
"availabilityImpact": "High",
"baseScore": 8.8,
"baseSeverity": "High",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "CVE-2021-31439",
"impactScore": null,
"integrityImpact": "High",
"privilegesRequired": "None",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
{
"attackComplexity": "LOW",
"attackVector": "ADJACENT",
"author": "ZDI",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 2.8,
"id": "CVE-2021-31439",
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 0.7,
"userInteraction": "NONE",
"vectorString": "AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "NVD",
"id": "CVE-2021-31439",
"trust": 1.8,
"value": "HIGH"
},
{
"author": "zdi-disclosures@trendmicro.com",
"id": "CVE-2021-31439",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "ZDI",
"id": "CVE-2021-31439",
"trust": 0.7,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-202104-975",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-202104-2219",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "VULHUB",
"id": "VHN-391194",
"trust": 0.1,
"value": "MEDIUM"
},
{
"author": "VULMON",
"id": "CVE-2021-31439",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-21-492"
},
{
"db": "VULHUB",
"id": "VHN-391194"
},
{
"db": "VULMON",
"id": "CVE-2021-31439"
},
{
"db": "JVNDB",
"id": "JVNDB-2021-007199"
},
{
"db": "NVD",
"id": "CVE-2021-31439"
},
{
"db": "NVD",
"id": "CVE-2021-31439"
},
{
"db": "CNNVD",
"id": "CNNVD-202104-975"
},
{
"db": "CNNVD",
"id": "CNNVD-202104-2219"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Synology DiskStation Manager. Authentication is not required to exploit this vulnerablity. The specific flaw exists within the processing of DSI structures in Netatalk. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a heap-based buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-12326. Synology DiskStation Manager Is vulnerable to a heap-based buffer overflow. Zero Day Initiative To this vulnerability ZDI-CAN-12326 Was numbered.Information is obtained, information is tampered with, and service is disrupted (DoS) It may be put into a state. Pillow is a Python-based image processing library. \nThere is currently no information about this vulnerability, please feel free to follow CNNVD or manufacturer announcements. Synology DiskStation DS418play is a network device of China Synology Corporation. Provides a storage function. ==========================================================================\nUbuntu Security Notice USN-6146-1\nJune 08, 2023\n\nnetatalk vulnerabilities\n==========================================================================\n\nA security issue affects these releases of Ubuntu and its derivatives:\n\n- Ubuntu 22.10\n- Ubuntu 22.04 LTS\n- Ubuntu 20.04 LTS\n- Ubuntu 18.04 LTS (Available with Ubuntu Pro)\n- Ubuntu 16.04 LTS (Available with Ubuntu Pro)\n- Ubuntu 14.04 LTS (Available with Ubuntu Pro)\n\nSummary:\n\nSeveral security issues were fixed in Netatalk. \n\nSoftware Description:\n- netatalk: Apple Filing Protocol service\n\nDetails:\n\nIt was discovered that Netatalk did not properly validate the length of\nuser-supplied data in the DSI structures. This issue only affected Ubuntu 20.04 LTS and Ubuntu\n22.04 LTS. \nThis issue only affected Ubuntu 20.04 LTS and Ubuntu 22.04 LTS. \n(CVE-2022-0194)\n\nIt was discovered that Netatalk did not properly handle errors when parsing\nAppleDouble entries. This issue only affected\nUbuntu 14.04 LTS, Ubuntu 16.04 LTS, Ubuntu 18.04 LTS, Ubuntu 20.04 LTS and\nUbuntu 22.04 LTS. \nThis issue only affected Ubuntu 20.04 LTS and Ubuntu 22.04 LTS. \nThis issue only affected Ubuntu 14.04 LTS, Ubuntu 16.04 LTS, Ubuntu 18.04\nLTS, Ubuntu 20.04 LTS and Ubuntu 22.04 LTS. \nThis issue only affected Ubuntu 20.04 LTS and Ubuntu 22.04 LTS. \nThis issue only affected Ubuntu 14.04 LTS, Ubuntu 16.04 LTS, Ubuntu 18.04\nLTS, Ubuntu 20.04 LTS and Ubuntu 22.04 LTS. \nThis issue only affected Ubuntu 20.04 LTS, Ubuntu 22.04 LTS and Ubuntu\n22.10. (CVE-2022-43634)\n\nIt was discovered that Netatalk did not properly manage memory under\ncertain circumstances. If a user were tricked into opening a specially\ncrafted .appl file, a remote attacker could possibly use this issue to\nexecute arbitrary code. (CVE-2022-45188)\n\nUpdate instructions:\n\nThe problem can be corrected by updating your system to the following\npackage versions:\n\nUbuntu 22.10:\n netatalk 3.1.13~ds-2ubuntu0.22.10.1\n\nUbuntu 22.04 LTS:\n netatalk 3.1.12~ds-9ubuntu0.22.04.1\n\nUbuntu 20.04 LTS:\n netatalk 3.1.12~ds-4ubuntu0.20.04.1\n\nUbuntu 18.04 LTS (Available with Ubuntu Pro):\n netatalk 2.2.6-1ubuntu0.18.04.2+esm1\n\nUbuntu 16.04 LTS (Available with Ubuntu Pro):\n netatalk 2.2.5-1ubuntu0.2+esm1\n\nUbuntu 14.04 LTS (Available with Ubuntu Pro):\n netatalk 2.2.2-1ubuntu2.2+esm1\n\nIn general, a standard system update will make all the necessary changes. \n\nReferences:\n https://ubuntu.com/security/notices/USN-6146-1\n CVE-2021-31439, CVE-2022-0194, CVE-2022-23121, CVE-2022-23122,\n CVE-2022-23123, CVE-2022-23124, CVE-2022-23125, CVE-2022-43634,\n CVE-2022-45188\n\nPackage Information:\n https://launchpad.net/ubuntu/+source/netatalk/3.1.13~ds-2ubuntu0.22.10.1\n https://launchpad.net/ubuntu/+source/netatalk/3.1.12~ds-9ubuntu0.22.04.1\n https://launchpad.net/ubuntu/+source/netatalk/3.1.12~ds-4ubuntu0.20.04.1\n. \n \nFor the oldstable distribution (bullseye), these problems have been fixed\nin version 3.1.12~ds-8+deb11u1. \n\nWe recommend that you upgrade your netatalk packages. \n\nFor the detailed security status of netatalk please refer to\nits security tracker page at:\nhttps://security-tracker.debian.org/tracker/netatalk\n\nFurther information about Debian Security Advisories, how to apply\nthese updates to your system and frequently asked questions can be\nfound at: https://www.debian.org/security/\n\nMailing list: debian-security-announce@lists.debian.org\n-----BEGIN PGP SIGNATURE-----\n\niQIzBAEBCgAdFiEEtuYvPRKsOElcDakFEMKTtsN8TjYFAmULMA8ACgkQEMKTtsN8\nTjYw9xAArA2NN4zvH7wC6Itn5ry9kZhQS4BhkCk10WXd0L77k2qzRRTMMw9OBmNn\nLk5w3/9oJhqBmtNkLerfBCSMA1aQFQfWOefJnywY/2lYYSS6Uc18Xze78CW4w2O1\n/EkK836N6vSVuptjlcvTFGc61XUpbaZJ8CN4ipb2A0tNgp7Ja+Hrz4RgnrS2ppKP\ngmNuZ5iDcX9N9PohNPTnHc4jQkRscuPN1lsPDrc0OP4E2V7oFm8G7EKexO9BtREq\neznaj0Bkcbvddquqz4dnPXOYjkXzoedvGYmI2J5EigIiBMNugL02zExbuhVCmVNl\nit29LDVAbgNpPgbUi9NRRe9EMXHI+XFgp/xB34jtyq3617SBPLelLBP/e41Bqnua\nE8C+37uxvIcSgbVibpzhtHkiXTffOpqR3mduXG/VrbuvqO7yzw1sjXrks867wV1Q\nrQPbX1O99sY+wg69jdyS/QTUQYHkDSGW2Ud+9u7Pv6Bkh/ibXIxHcNiWKaE2LPJi\na8mWurmV/r4l325E09jJGxZON4CKiU50+FMKLi8Eo+uXdKDL+dyey9GQBBWQIU0n\nzg4oJQ/59oGnTib2C52hyZU6xtQbdCceqP2M+4/x75xtCkR5pLcvTnDqRBvnyYBv\nREbFCz3X46cdxzkbeu/SQWIBLAGXv7yktz8YX8y5Q6h4798FpVY=\n=jmG2\n-----END PGP SIGNATURE-----\n. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\nGentoo Linux Security Advisory GLSA 202311-02\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n https://security.gentoo.org/\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n\n Severity: High\n Title: Netatalk: Multiple Vulnerabilities including root remote code execution\n Date: November 01, 2023\n Bugs: #837623, #881259, #915354\n ID: 202311-02\n\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n\nSynopsis\n========\n\nMultiple vulnerabilities have been discovered in Netatalk, which could\nlead to remote code execution\n\nBackground\n==========\n\nNetatalk is a kernel level implementation of the AppleTalk Protocol\nSuite, which allows Unix hosts to act as file, print, and time servers\nfor Apple computers. It includes several script utilities, including\netc2ps.sh. \n\nAffected packages\n=================\n\nPackage Vulnerable Unaffected\n--------------- ------------ ------------\nnet-fs/netatalk \u003c 3.1.18 \u003e= 3.1.18\n\nDescription\n===========\n\nMultiple vulnerabilities have been discovered in Netatalk. Please review\nthe CVE identifiers referenced below for details. \n\nImpact\n======\n\nPlease review the referenced CVE identifiers for details. \n\nWorkaround\n==========\n\nThere is no known workaround at this time. \n\nResolution\n==========\n\nAll Netatalk users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot --verbose \"\u003e=net-fs/netatalk-3.1.18\"\n\nReferences\n==========\n\n[ 1 ] CVE-2021-31439\n https://nvd.nist.gov/vuln/detail/CVE-2021-31439\n[ 2 ] CVE-2022-0194\n https://nvd.nist.gov/vuln/detail/CVE-2022-0194\n[ 3 ] CVE-2022-22995\n https://nvd.nist.gov/vuln/detail/CVE-2022-22995\n[ 4 ] CVE-2022-23121\n https://nvd.nist.gov/vuln/detail/CVE-2022-23121\n[ 5 ] CVE-2022-23122\n https://nvd.nist.gov/vuln/detail/CVE-2022-23122\n[ 6 ] CVE-2022-23123\n https://nvd.nist.gov/vuln/detail/CVE-2022-23123\n[ 7 ] CVE-2022-23124\n https://nvd.nist.gov/vuln/detail/CVE-2022-23124\n[ 8 ] CVE-2022-23125\n https://nvd.nist.gov/vuln/detail/CVE-2022-23125\n[ 9 ] CVE-2022-45188\n https://nvd.nist.gov/vuln/detail/CVE-2022-45188\n\nAvailability\n============\n\nThis GLSA and any updates to it are available for viewing at\nthe Gentoo Security Website:\n\n https://security.gentoo.org/glsa/202311-02\n\nConcerns?\n=========\n\nSecurity is a primary focus of Gentoo Linux and ensuring the\nconfidentiality and security of our users\u0027 machines is of utmost\nimportance to us. Any security concerns should be addressed to\nsecurity@gentoo.org or alternatively, you may file a bug at\nhttps://bugs.gentoo.org. \n\nLicense\n=======\n\nCopyright 2023 Gentoo Foundation, Inc; referenced text\nbelongs to its owner(s). \n\nThe contents of this document are licensed under the\nCreative Commons - Attribution / Share Alike license. \n\nhttps://creativecommons.org/licenses/by-sa/2.5\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2021-31439"
},
{
"db": "JVNDB",
"id": "JVNDB-2021-007199"
},
{
"db": "ZDI",
"id": "ZDI-21-492"
},
{
"db": "CNNVD",
"id": "CNNVD-202104-975"
},
{
"db": "VULHUB",
"id": "VHN-391194"
},
{
"db": "VULMON",
"id": "CVE-2021-31439"
},
{
"db": "PACKETSTORM",
"id": "172803"
},
{
"db": "PACKETSTORM",
"id": "174801"
},
{
"db": "PACKETSTORM",
"id": "175637"
}
],
"trust": 3.24
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2021-31439",
"trust": 4.4
},
{
"db": "ZDI",
"id": "ZDI-21-492",
"trust": 3.3
},
{
"db": "JVNDB",
"id": "JVNDB-2021-007199",
"trust": 0.8
},
{
"db": "ZDI_CAN",
"id": "ZDI-CAN-12326",
"trust": 0.7
},
{
"db": "CNNVD",
"id": "CNNVD-202104-2219",
"trust": 0.7
},
{
"db": "CS-HELP",
"id": "SB2021041363",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-202104-975",
"trust": 0.6
},
{
"db": "CS-HELP",
"id": "SB2021050308",
"trust": 0.6
},
{
"db": "CS-HELP",
"id": "SB2022042579",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2023.3300",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2023.2863",
"trust": 0.6
},
{
"db": "VULHUB",
"id": "VHN-391194",
"trust": 0.1
},
{
"db": "VULMON",
"id": "CVE-2021-31439",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "172803",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "174801",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "175637",
"trust": 0.1
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-21-492"
},
{
"db": "VULHUB",
"id": "VHN-391194"
},
{
"db": "VULMON",
"id": "CVE-2021-31439"
},
{
"db": "JVNDB",
"id": "JVNDB-2021-007199"
},
{
"db": "PACKETSTORM",
"id": "172803"
},
{
"db": "PACKETSTORM",
"id": "174801"
},
{
"db": "PACKETSTORM",
"id": "175637"
},
{
"db": "NVD",
"id": "CVE-2021-31439"
},
{
"db": "CNNVD",
"id": "CNNVD-202104-975"
},
{
"db": "CNNVD",
"id": "CNNVD-202104-2219"
}
]
},
"id": "VAR-202105-1166",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-391194"
}
],
"trust": 0.01
},
"last_update_date": "2023-12-18T11:43:25.290000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Synology-SA-20",
"trust": 1.5,
"url": "https://www.synology.com/zh-hk/security/advisory/synology_sa_20_26"
},
{
"title": "Synology DiskStation DSplay Security vulnerabilities",
"trust": 0.6,
"url": "http://123.124.177.30/web/xxk/bdxqbyid.tag?id=151551"
},
{
"title": "Debian Security Advisories: DSA-5503-1 netatalk -- security update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=debian_security_advisories\u0026qid=a240e1ca8e9fa1cbfa021929dfc6ac17"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-21-492"
},
{
"db": "VULMON",
"id": "CVE-2021-31439"
},
{
"db": "JVNDB",
"id": "JVNDB-2021-007199"
},
{
"db": "CNNVD",
"id": "CNNVD-202104-2219"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-787",
"trust": 1.0
},
{
"problemtype": "Heap-based buffer overflow (CWE-122) [ Other ]",
"trust": 0.8
},
{
"problemtype": "CWE-122",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-391194"
},
{
"db": "JVNDB",
"id": "JVNDB-2021-007199"
},
{
"db": "NVD",
"id": "CVE-2021-31439"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 3.3,
"url": "https://www.zerodayinitiative.com/advisories/zdi-21-492/"
},
{
"trust": 2.5,
"url": "https://www.synology.com/zh-hk/security/advisory/synology_sa_20_26"
},
{
"trust": 1.7,
"url": "https://lists.debian.org/debian-lts-announce/2023/05/msg00018.html"
},
{
"trust": 1.1,
"url": "https://www.debian.org/security/2023/dsa-5503"
},
{
"trust": 1.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2021-31439"
},
{
"trust": 1.1,
"url": "https://security.gentoo.org/glsa/202311-02"
},
{
"trust": 0.6,
"url": "https://www.cybersecurity-help.cz/vdb/sb2021041363"
},
{
"trust": 0.6,
"url": "https://vigilance.fr/vulnerability/netatalk-buffer-overflow-via-dsi-stream-receive-38073"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2023.2863"
},
{
"trust": 0.6,
"url": "https://www.cybersecurity-help.cz/vdb/sb2021050308"
},
{
"trust": 0.6,
"url": "https://www.cybersecurity-help.cz/vdb/sb2022042579"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2023.3300"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2022-0194"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2022-23124"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2022-23122"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2022-23123"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2022-45188"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2022-23121"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2022-23125"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2022-43634"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/122.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/netatalk/3.1.13~ds-2ubuntu0.22.10.1"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/netatalk/3.1.12~ds-9ubuntu0.22.04.1"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/netatalk/3.1.12~ds-4ubuntu0.20.04.1"
},
{
"trust": 0.1,
"url": "https://ubuntu.com/security/notices/usn-6146-1"
},
{
"trust": 0.1,
"url": "https://www.debian.org/security/faq"
},
{
"trust": 0.1,
"url": "https://www.debian.org/security/"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2023-42464"
},
{
"trust": 0.1,
"url": "https://security-tracker.debian.org/tracker/netatalk"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2022-22995"
},
{
"trust": 0.1,
"url": "https://bugs.gentoo.org."
},
{
"trust": 0.1,
"url": "https://creativecommons.org/licenses/by-sa/2.5"
},
{
"trust": 0.1,
"url": "https://security.gentoo.org/"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-21-492"
},
{
"db": "VULHUB",
"id": "VHN-391194"
},
{
"db": "VULMON",
"id": "CVE-2021-31439"
},
{
"db": "JVNDB",
"id": "JVNDB-2021-007199"
},
{
"db": "PACKETSTORM",
"id": "172803"
},
{
"db": "PACKETSTORM",
"id": "174801"
},
{
"db": "PACKETSTORM",
"id": "175637"
},
{
"db": "NVD",
"id": "CVE-2021-31439"
},
{
"db": "CNNVD",
"id": "CNNVD-202104-975"
},
{
"db": "CNNVD",
"id": "CNNVD-202104-2219"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "ZDI",
"id": "ZDI-21-492"
},
{
"db": "VULHUB",
"id": "VHN-391194"
},
{
"db": "VULMON",
"id": "CVE-2021-31439"
},
{
"db": "JVNDB",
"id": "JVNDB-2021-007199"
},
{
"db": "PACKETSTORM",
"id": "172803"
},
{
"db": "PACKETSTORM",
"id": "174801"
},
{
"db": "PACKETSTORM",
"id": "175637"
},
{
"db": "NVD",
"id": "CVE-2021-31439"
},
{
"db": "CNNVD",
"id": "CNNVD-202104-975"
},
{
"db": "CNNVD",
"id": "CNNVD-202104-2219"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2021-04-29T00:00:00",
"db": "ZDI",
"id": "ZDI-21-492"
},
{
"date": "2021-05-21T00:00:00",
"db": "VULHUB",
"id": "VHN-391194"
},
{
"date": "2021-05-21T00:00:00",
"db": "VULMON",
"id": "CVE-2021-31439"
},
{
"date": "2022-02-03T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2021-007199"
},
{
"date": "2023-06-08T15:06:14",
"db": "PACKETSTORM",
"id": "172803"
},
{
"date": "2023-09-21T16:23:34",
"db": "PACKETSTORM",
"id": "174801"
},
{
"date": "2023-11-13T21:46:53",
"db": "PACKETSTORM",
"id": "175637"
},
{
"date": "2021-05-21T15:15:07.707000",
"db": "NVD",
"id": "CVE-2021-31439"
},
{
"date": "2021-04-13T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202104-975"
},
{
"date": "2021-04-29T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202104-2219"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2021-05-24T00:00:00",
"db": "ZDI",
"id": "ZDI-21-492"
},
{
"date": "2021-05-27T00:00:00",
"db": "VULHUB",
"id": "VHN-391194"
},
{
"date": "2023-09-21T00:00:00",
"db": "VULMON",
"id": "CVE-2021-31439"
},
{
"date": "2022-02-03T09:04:00",
"db": "JVNDB",
"id": "JVNDB-2021-007199"
},
{
"date": "2023-11-22T20:34:05.293000",
"db": "NVD",
"id": "CVE-2021-31439"
},
{
"date": "2021-04-14T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202104-975"
},
{
"date": "2023-06-12T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202104-2219"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote or local",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202104-2219"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Synology\u00a0DiskStation\u00a0Manager\u00a0 Heap-based buffer overflow vulnerability",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2021-007199"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "other",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202104-975"
},
{
"db": "CNNVD",
"id": "CNNVD-202104-2219"
}
],
"trust": 1.2
}
}