9 matches found
CVE-2026-44054
A flaw was found in Netatalk. A remote attacker could exploit a predictable afpd session token, which is used for managing user sessions, to cause a Denial of Service DoS. This vulnerability allows an attacker to disrupt the availability of the affected service...
EUVD-2026-31231
Netatalk 2.0.0 through 4.4.2 generates AFP session tokens derived from predictable process IDs, which allows a remote authenticated attacker to cause a denial of service by exploiting the reconnect mechanism...
CVE-2026-44054
CVE-2026-44054 affects Netatalk 2.0.0 through 4.4.2, where AFP session tokens are derived from predictable data (process IDs), enabling a remote authenticated attacker to trigger denial of service via the reconnect mechanism. Debian and Alpine advisories align on the DoS impact and note fixes in ...
CVE-2026-44054 Predictable afpd session token
Netatalk 2.0.0 through 4.4.2 generates AFP session tokens derived from predictable process IDs, which allows a remote authenticated attacker to cause a denial of service by exploiting the reconnect mechanism...
SUSE CVE-2023-42464
A Type Confusion vulnerability was found in the Spotlight RPC functions in afpd in Netatalk 3.1.x before 3.1.17. When parsing Spotlight RPC packets, one encoded data structure is a key-value style dictionary where the keys are character strings, and the values can be any of the supported types in...
CVE-2023-42464
A Type Confusion vulnerability was found in the Spotlight RPC functions in afpd in Netatalk 3.1.x before 3.1.17. When parsing Spotlight RPC packets, one encoded data structure is a key-value style dictionary where the keys are character strings, and the values can be any of the supported types in...
CVE-2023-42464
A Type Confusion vulnerability was found in the Spotlight RPC functions in afpd in Netatalk 3.1.x before 3.1.17. When parsing Spotlight RPC packets, one encoded data structure is a key-value style dictionary where the keys are character strings, and the values can be any of the supported types in...
UBUNTU-CVE-2023-42464
A Type Confusion vulnerability was found in the Spotlight RPC functions in afpd in Netatalk 3.1.x before 3.1.17. When parsing Spotlight RPC packets, one encoded data structure is a key-value style dictionary where the keys are character strings, and the values can be any of the supported types in...
PT-2023-28357 · Netatalk +4 · Netatalk +4
Name of the Vulnerable Software and Affected Versions: Netatalk versions 3.1.x through 3.1.16 Description: A Type Confusion issue was found in the Spotlight RPC functions in afpd. The problem arises when parsing Spotlight RPC packets, specifically with a key-value style dictionary where keys are...