17 matches found
CVE-2021-31439
This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Synology DiskStation Manager. Authentication is not required to exploit this vulnerablity. The specific flaw exists within the processing of DSI structures in Netatalk. The issue results fr...
Debian DSA-5503-1 : netatalk - security update
The remote Debian 11 host has a package installed that is affected by multiple vulnerabilities as referenced in the dsa-5503 advisory. Multiple security issues were discovered in Netatalk, an implementation of the Apple Filing Protocol AFP for offering file service mainly to macOS clients, which...
[SECURITY] [DSA 5503-1] netatalk security update
------------------------------------------------------------------------- Debian Security Advisory DSA-5503-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff September 20, 2023 https://www.debian.org/security/faq -...
Ubuntu: Security Advisory (USN-6146-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
USN-6146-1: Netatalk vulnerabilities
It was discovered that Netatalk did not properly validate the length of user-supplied data in the DSI structures. A remote attacker could possibly use this issue to execute arbitrary code with the privileges of the user invoking the programs. This issue only affected Ubuntu 20.04 LTS and Ubuntu...
[SECURITY] [DLA 3426-1] netatalk security update
Debian LTS Advisory DLA-3426-1 [email protected] https://www.debian.org/lts/security/ Markus Koschany May 17, 2023 https://wiki.debian.org/LTS Package : netatalk Version : 3.1.12ds-3+deb10u1 CVE ID : CVE-2021-31439 CVE-2022-0194 CVE-2022-23121 CVE-2022-23122 CVE-2022-23123 CVE-2022-2312...
Updated netatalk packages fix security vulnerability
Heap overflow leading to arbitrary code execution. CVE-2021-31439 Buffer overflow leading to remote code execution CVE-2022-0194 Improper length validation leading to remote code execution CVE-2022-23121 Buffer overflow leading to remote code execution CVE-2022-23122 Out-of-bounds read leading to...
Synology DiskStation Manager (DSM) 6.2.x < 6.2.3-25426-3 Multiple Vulnerabilities (Synology-SA-20:26) - Remote Known Vulnerable Versions Check
Synology DiskStation Manager DSM is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...
QNAP QuTS hero Multiple Vulnerabilities (QSA-22-12)
QNAP QuTS hero is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/o:qnap:qutshero"; ifdescriptio...
Mageia: Security Advisory (MGASA-2022-0196)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
MGASA-2022-0196 Updated netatalk packages fix security vulnerability
Remote arbitrary code execution related to dsistreamreceive. CVE-2021-31439 Remote arbitrary code execution related to parseentries. CVE-2022-23121 Remote arbitrary code execution related to copyapplfile. CVE-2022-23125...
SUSE SLED12 / SLES12 Security Update : netatalk (SUSE-SU-2022:1184-1)
The remote SUSE Linux SLED12 / SLEDSAP12 / SLES12 / SLESSAP12 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2022:1184-1 advisory. - CVE-2022-23125: Fixed remote arbitrary code execution related to copyapplfile. - CVE-2022-23121: Fixed remot...
CVE-2021-31439
This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Synology DiskStation Manager. Authentication is not required to exploit this vulnerablity. The specific flaw exists within the processing of DSI structures in Netatalk. The issue results fr...
CVE-2021-31439
This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Synology DiskStation Manager. Authentication is not required to exploit this vulnerablity. The specific flaw exists within the processing of DSI structures in Netatalk. The issue results fr...
CVE-2021-31439
This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Synology DiskStation Manager. Authentication is not required to exploit this vulnerablity. The specific flaw exists within the processing of DSI structures in Netatalk. The issue results fr...
CVE-2021-31439
CVE-2021-31439 affects Netatalk components used by Synology DiskStation Manager. The flaw arises in the processing of DSI structures where the length of user-supplied data is not properly validated before copying to a heap-based buffer, enabling network-adjacent attackers to execute arbitrary cod...
CVE-2021-31439
This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Synology DiskStation Manager. Authentication is not required to exploit this vulnerablity. The specific flaw exists within the processing of DSI structures in Netatalk. The issue results fr...