24 matches found
Synology DiskStation Manager Netatalk Out-of-bounds Write (CVE-2018-1160)
Netatalk before 3.1.12 is vulnerable to an out of bounds write in dsiopensess.c. This is due to lack of bounds checking on attacker controlled data. A remote unauthenticated attacker can leverage this vulnerability to achieve arbitrary code execution. This plugin only works with Tenable.ot. Pleas...
Update now! ASUS fixes nine security flaws
ASUS has released firmware updates for several router models fixing two critical and several other security issues. The new firmware with accumulated security updates is available for the models GT6, GT-AXE16000, GT-AX11000 PRO, GT-AXE11000, GT-AX6000, GT-AX11000, GS-AX5400, GS-AX3000, XT9, XT8,...
Mageia: Security Advisory (MGASA-2019-0061)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
moiatabroshura.bg Cross Site Scripting vulnerability
Security Researcher ImPRINCE Helped patch 122 vulnerabilities Received 3 Coordinated Disclosure badges , a holder of 3 badges for responsible and coordinated disclosure, found a security vulnerability affecting moiatabroshura.bg website and its users. Following coordinated and responsible...
QNAP Netatalk 3.1.12 - Authentication Bypass
QNAP Netatalk 3.1.12 - Authentication Bypass Exploit Title: QNAP Netatalk Authentication Bypass Date: 12/20/2018 Original Exploit Author: Jacob Baines Modifications for QNAP devices: Mati Aharoni Vendor Homepage: http://netatalk.sourceforge.net/ Software Link:...
QNAP Netatalk Authentication Bypass
Exploit Title: QNAP Netatalk Authentication Bypass Date: 12/20/2018 Original Exploit Author: Jacob Baines Modifications for QNAP devices: Mati Aharoni Vendor Homepage: http://netatalk.sourceforge.net/ Software Link: https://sourceforge.net/projects/netatalk/files/ Version: Before 3.1.12 CVE :...
Netatalk Attention Quantum Out-of-bounds Write (CVE-2018-1160)
An out-of-bounds write vulnerability exists in Netatalk. This vulnerability is due to a missing bounds check. Successful exploitation could lead to arbitrary code execution with privileges of the root user...
Updated netatalk packages fix security vulnerability
Jacob Baines discovered a flaw in the handling of the DSI Opensession command in Netatalk, allowing an unauthenticated user to execute arbitrary code with root privileges CVE-2018-1160...
openSUSE Security Update : netatalk (openSUSE-2018-1614)
This update for netatalk fixes the following issues : Security issue fixed : - CVE-2018-1160 Fixed a missing bounds check in the handling of the DSI OPEN SESSION request, which allowed an unauthenticated to overwrite memory with data of their choice leading for arbitrary code execution with root...
openSUSE: Security Advisory for netatalk (openSUSE-SU-2018:4287-1)
The remote host is missing an update for the Copyright C 2018 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
Security update for netatalk (important)
This update for netatalk fixes the following issues: Security issue fixed: - CVE-2018-1160 Fixed a missing bounds check in the handling of the DSI OPEN SESSION request, which allowed an unauthenticated to overwrite memory with data of their choice leading for arbitrary code execution with root...
Slackware 14.0 / 14.1 / 14.2 / current : netatalk (SSA:2018-355-01)
New netatalk packages are available for Slackware 14.0, 14.1, 14.2, and -current to fix a security issue. C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from Slackware Security Advisory 2018-355-01. The text itself is copyright C Slackware...
SUSE SLED12 Security Update : netatalk (SUSE-SU-2018:4217-1)
This update for netatalk fixes the following issues : Security issue fixed : CVE-2018-1160 Fixed a missing bounds check in the handling of the DSI OPEN SESSION request, which allowed an unauthenticated to overwrite memory with data of their choice leading to arbitrary code execution with root...
Netatalk < 3.1.12 - Authentication Bypass Exploit
Exploit Title: Netatalk Authentication Bypass Exploit Author: Jacob Baines Vendor Homepage: http://netatalk.sourceforge.net/ Software Link: https://sourceforge.net/projects/netatalk/files/ Version: Before 3.1.12 Tested on: Seagate NAS OS x8664 CVE : CVE-2018-1160 Advisory:...
SUSE-SU-2018:4217-1 Security update for netatalk
This update for netatalk fixes the following issues: Security issue fixed: - CVE-2018-1160 Fixed a missing bounds check in the handling of the DSI OPEN SESSION request, which allowed an unauthenticated to overwrite memory with data of their choice leading to arbitrary code execution with root...
SUSE-SU-2018:4214-1 Security update for netatalk
This update for netatalk fixes the following issues: Security issue fixed: - CVE-2018-1160 Fixed a missing bounds check in the handling of the DSI OPEN SESSION request, which allowed an unauthenticated to overwrite memory with data of their choice leading for arbitrary code execution with root...
Debian DSA-4356-1 : netatalk - security update
Jacob Baines discovered a flaw in the handling of the DSI Opensession command in Netatalk, an implementation of the AppleTalk Protocol Suite, allowing an unauthenticated user to execute arbitrary code with root privileges. C Tenable Network Security, Inc. The descriptive text and package checks i...
Netatalk 3.1.12 - Authentication Bypass
Netatalk 3.1.12 - Authentication Bypass Exploit Title: Netatalk Authentication Bypass Date: 12/20/2018 Exploit Author: Jacob Baines Vendor Homepage: http://netatalk.sourceforge.net/ Software Link: https://sourceforge.net/projects/netatalk/files/ Version: Before 3.1.12 Tested on: Seagate NAS OS...
Netatalk 3.1.12 - Authentication Bypass
Exploit Title: Netatalk Authentication Bypass Date: 12/20/2018 Exploit Author: Jacob Baines Vendor Homepage: http://netatalk.sourceforge.net/ Software Link: https://sourceforge.net/projects/netatalk/files/ Version: Before 3.1.12 Tested on: Seagate NAS OS x8664 CVE : CVE-2018-1160 Advisory:...
CVE-2018-1160
creationtimestamp| type| source ---|---|--- 2018-12-21 00:00:00+00:00| exploited| https://www.exploit-db.com/exploits/46048 2018-12-21 00:00:00+00:00| exploited| https://www.exploit-db.com/exploits/46034 2019-04-08 00:00:00+00:00| exploited| https://www.exploit-db.com/exploits/46675 2019-12-19...