[SECURITY] Fedora 43 Update: netatalk-4.4.3-1.fc43

Netatalk is a freely-available Open Source AFP file server. A NIX/BSD system running Netatalk is capable of serving many Macintosh clients simultaneously as an AppleShare file server AFP. In addition to the AFP file server daemon, the following utility programs are also included: ad - AppleDouble...

Netatalk 安全特征问题漏洞

Netatalk is an open-source software developed by Netatalk Inc. It provides AFP file server functionality for Classic Mac OS and macOS on Unix-like operating systems. Versions 2.0.0 to 4.4.2 of Netatalk contained security vulnerabilities. These vulnerabilities stemmed from the generation of...

PT-2026-42118

Name of the Vulnerable Software and Affected Versions Netatalk versions 2.0.0 through 4.4.2 Description A heap buffer overflow exists in the cnid daemon within the comm rcv function. Netatalk is a file server that utilizes the Apple Filing Protocol. Recommendations Update to version 4.4.3...

[SECURITY] [DSA 62801] netatalk security update

------------------------------------------------------------------------- Debian Security Advisory DSA-6280-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff May 18, 2026 https://www.debian.org/security/faq -...

Debian dsa-62801 : a2boot - security update

The remote Debian 13 host has packages installed that are affected by multiple vulnerabilities as referenced in the dsa-62801 advisory. - ------------------------------------------------------------------------- Debian Security Advisory DSA-6280-1 [email protected]...

CVE-2026-5401

A flaw was found in Wireshark. An attacker could craft a malicious network trace file that, when opened by a user, would trigger a crash in the AFP Spotlight protocol dissector. This vulnerability leads to a denial of service, making the application unavailable. Mitigation To mitigate this issue,...

EUVD-2008-0769

Malware in sbrugna...

EUVD-2008-1038

Malware in sbrugna...

Linux Distros Unpatched Vulnerability : CVE-2022-22995

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The combination of primitives offered by SMB and AFP in their default configuration allows the arbitrary writing of files. By exploiting these combination of...

Linux Distros Unpatched Vulnerability : CVE-2024-38441

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Netatalk before 3.2.1 has an off-by-one error and resultant heap-based buffer overflow because of setting ibuflen to '\0' in FPMapName in afpmapname in...

CVE-2025-31246

The issue was addressed with improved memory handling. This issue is fixed in macOS Sequoia 15.5, macOS Sonoma 14.7.6. Connecting to a malicious AFP server may corrupt kernel memory...

Apple macOS 安全漏洞

Apple macOS is a suite of specialized operating systems developed for Mac computers by Apple Inc. in the United States. A security vulnerability exists in Apple macOS that originates from a connection to a malicious AFP server that could corrupt kernel memory...

Apple macOS 安全漏洞

Apple macOS is a suite of specialized operating systems developed for Mac computers by Apple Inc. in the United States. A security vulnerability exists in Apple macOS that originates from mounting a malicious AFP network share could result in system termination...

Apple Filing Protocol Info Enumerator

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Apple Filing Protocol Info Enumerator', 'Description' = %q This module fetches AFP server information, including server name, network address,...

Apple Filing Protocol Login Utility

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'openssl' require 'metasploit/framework/credentialcollection' require 'metasploit/framework/loginscanner/afp' class MetasploitModule 'Apple Filing Protocol Login...

USN-6786-1 netatalk vulnerabilities

It was discovered that Netatalk did not properly protect an SMB and AFP default configuration. A remote attacker could possibly use this issue to execute arbitrary code...

USN-6146-1: Netatalk vulnerabilities

It was discovered that Netatalk did not properly validate the length of user-supplied data in the DSI structures. A remote attacker could possibly use this issue to execute arbitrary code with the privileges of the user invoking the programs. This issue only affected Ubuntu 20.04 LTS and Ubuntu...

SUSE CVE-2005-2367

Format string vulnerability in the protoitemsettext function in Ethereal 0.9.4 through 0.10.11, as used in multiple dissectors, allows remote attackers to write to arbitrary memory locations and gain privileges via a crafted AFP packet...

SUSE CVE-2022-22995

The combination of primitives offered by SMB and AFP in their default configuration allows the arbitrary writing of files. By exploiting these combination of primitives, an attacker can execute arbitrary code...

Vulnerabilities fixed in Netatalk

Vulnerabilities have been fixed in Netatalk. Netatalk is an open-source protocol that allows Unix systems to communicate with Apple systems. Netatalk uses the Apple Filing Protocol; the vulnerabilities found are in this protocol. The vulnerabilities allow an unauthenticated remote malicious perso...