Netatalk before 3.1.12 is vulnerable to an out of bounds write in dsi_opensess.c. This is due to lack of bounds checking on attacker controlled data. A remote unauthenticated attacker can leverage this vulnerability to achieve arbitrary code execution.
References
Link | Resource |
---|---|
http://netatalk.sourceforge.net/3.1/ReleaseNotes3.1.12.html | Release Notes |
http://packetstormsecurity.com/files/152440/QNAP-Netatalk-Authentication-Bypass.html | Exploit Third Party Advisory VDB Entry |
http://www.securityfocus.com/bid/106301 | Third Party Advisory VDB Entry |
https://attachments.samba.org/attachment.cgi?id=14735 | Third Party Advisory |
https://github.com/tenable/poc/tree/master/netatalk/cve_2018_1160/ | Release Notes Third Party Advisory |
https://www.debian.org/security/2018/dsa-4356 | Third Party Advisory |
https://www.exploit-db.com/exploits/46034/ | Exploit Third Party Advisory VDB Entry |
https://www.exploit-db.com/exploits/46048/ | Exploit Third Party Advisory VDB Entry |
https://www.exploit-db.com/exploits/46675/ | Exploit Third Party Advisory VDB Entry |
https://www.synology.com/security/advisory/Synology_SA_18_62 | Third Party Advisory |
https://www.tenable.com/security/research/tra-2018-48 | Exploit Release Notes Third Party Advisory |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: tenable
Published: 2018-12-20T00:00:00
Updated: 2019-04-08T20:06:06
Reserved: 2017-12-05T00:00:00
Link: CVE-2018-1160
JSON object: View
NVD Information
Status : Modified
Published: 2018-12-20T21:29:00.477
Modified: 2023-09-29T11:15:02.217
Link: CVE-2018-1160
JSON object: View
Redhat Information
No data.
CWE