Lucene search
K

18 matches found

RedhatCVE
RedhatCVE
added 2025/02/05 11:29 p.m.9 views

CVE-2022-23121

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Netatalk. Authentication is not required to exploit this vulnerability. The specific flaw exists within the parseentries function. The issue results from the lack of proper error handling when parsin...

9.8CVSS7.2AI score0.08594EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2023/09/21 12:0 a.m.33 views

Debian DSA-5503-1 : netatalk - security update

The remote Debian 11 host has a package installed that is affected by multiple vulnerabilities as referenced in the dsa-5503 advisory. Multiple security issues were discovered in Netatalk, an implementation of the Apple Filing Protocol AFP for offering file service mainly to macOS clients, which...

9.8CVSS8.1AI score0.18903EPSS
Exploits1References24
Debian
Debian
added 2023/09/20 5:47 p.m.57 views

[SECURITY] [DSA 5503-1] netatalk security update

------------------------------------------------------------------------- Debian Security Advisory DSA-5503-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff September 20, 2023 https://www.debian.org/security/faq -...

9.8CVSS7.8AI score0.18903EPSS
Exploits1
Slackware Linux
Slackware Linux
added 2023/09/14 2:16 a.m.38 views

[slackware-security] netatalk

New netatalk packages are available for Slackware 14.1, 14.2, 15.0, and -current to fix security issues. Here are the details from the Slackware 15.0 ChangeLog: patches/packages/netatalk-3.1.16-i586-1slack15.0.txz: Upgraded. This update fixes bugs and security issues. Shared library .so-version...

9.8CVSS7AI score0.08594EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2023/09/14 12:0 a.m.30 views

Slackware Linux 14.1 / 14.2 / 15.0 / current netatalk Multiple Vulnerabilities (SSA:2023-256-03)

The version of netatalk installed on the remote host is prior to 3.1.16. It is, therefore, affected by multiple vulnerabilities as referenced in the SSA:2023-256-03 advisory. - This vulnerability allows remote attackers to execute arbitrary code on affected installations of Netatalk. Authenticati...

9.8CVSS7.4AI score0.08594EPSS
Exploits0References3
Ubuntu
Ubuntu
added 2023/06/08 9:57 a.m.63 views

USN-6146-1: Netatalk vulnerabilities

It was discovered that Netatalk did not properly validate the length of user-supplied data in the DSI structures. A remote attacker could possibly use this issue to execute arbitrary code with the privileges of the user invoking the programs. This issue only affected Ubuntu 20.04 LTS and Ubuntu...

9.8CVSS8.3AI score0.18903EPSS
Exploits1
Debian
Debian
added 2023/06/01 5:49 p.m.67 views

[SECURITY] [DLA 3426-2] netatalk regression update

Debian LTS Advisory DLA-3426-2 [email protected] https://www.debian.org/lts/security/ Markus Koschany June 01, 2023 https://wiki.debian.org/LTS Package : netatalk Version : 3.1.12ds-3+deb10u2 CVE ID : CVE-2022-23121 Debian Bug : 1036740 The security update of netatalk, the Apple Filing...

9.8CVSS7.3AI score0.08594EPSS
Exploits0
Debian
Debian
added 2023/05/16 10:24 p.m.102 views

[SECURITY] [DLA 3426-1] netatalk security update

Debian LTS Advisory DLA-3426-1 [email protected] https://www.debian.org/lts/security/ Markus Koschany May 17, 2023 https://wiki.debian.org/LTS Package : netatalk Version : 3.1.12ds-3+deb10u1 CVE ID : CVE-2021-31439 CVE-2022-0194 CVE-2022-23121 CVE-2022-23122 CVE-2022-23123 CVE-2022-2312...

9.8CVSS7.1AI score0.18903EPSS
Exploits1
CVE
CVE
added 2023/03/28 12:0 a.m.705 views

CVE-2022-23121

CVE-2022-23121 is a Netatalk remote code execution vulnerability (root context) caused by improper error handling in AppleDouble parsing in parse_entries. The issue is part of multiple Netatalk flaws (e.g., CVE-2022-23122, CVE-2022-23123, CVE-2022-23124, CVE-2022-23125) affecting 3.1.x releases; ...

9.8CVSS9.6AI score0.08594EPSS
Exploits0References7Affected Software1
Debian CVE
Debian CVE
added 2023/03/28 12:0 a.m.1340 views

CVE-2022-23121

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Netatalk. Authentication is not required to exploit this vulnerability. The specific flaw exists within the parseentries function. The issue results from the lack of proper error handling when parsin...

9.8CVSS9.8AI score0.08594EPSS
Exploits0
Mageia
Mageia
added 2023/02/07 12:6 a.m.140 views

Updated netatalk packages fix security vulnerability

Heap overflow leading to arbitrary code execution. CVE-2021-31439 Buffer overflow leading to remote code execution CVE-2022-0194 Improper length validation leading to remote code execution CVE-2022-23121 Buffer overflow leading to remote code execution CVE-2022-23122 Out-of-bounds read leading to...

9.8CVSS3.4AI score0.08594EPSS
Exploits1References4
OpenVAS
OpenVAS
added 2022/11/16 12:0 a.m.26 views

Synology DiskStation Manager (DSM) 6.2.x < 6.2.4-25556-6, 7.0.x < 7.0.1-42218-4, 7.1.x < 7.1-42661-1 Multiple Vulnerabilities (Synology-SA-22:06) - Remote Known Vulnerable Versions Check

Synology DiskStation Manager DSM is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

9.8CVSS7.6AI score0.08594EPSS
Exploits0References1
OpenVAS
OpenVAS
added 2022/11/16 12:0 a.m.25 views

Synology DiskStation Manager (DSM) 6.2.x < 6.2.4-25556-6, 7.0.x < 7.0.1-42218-4, 7.1.x < 7.1-42661-1 Multiple Vulnerabilities (Synology-SA-22:06) - Unreliable Remote Version Check

Synology DiskStation Manager DSM is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

9.8CVSS7.6AI score0.08594EPSS
Exploits0References1
CERT
CERT
added 2022/11/16 12:0 a.m.84 views

Netatalk contains multiple error and memory management vulnerabilities

Overview There are six new vulnerabilities in the latest release of Netatalk 3.1.12 that could allow for Remote Code Execution as well as Out-of-bounds Read. Description Below are the new CVEs. Per ZDI: CVE-2022-0194 This vulnerability allows remote attackers to execute arbitrary code on affected...

9.8CVSS8.4AI score0.08594EPSS
Exploits0References2
OpenVAS
OpenVAS
added 2022/05/30 12:0 a.m.23 views

QNAP QuTS hero Multiple Vulnerabilities (QSA-22-12)

QNAP QuTS hero is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/o:qnap:qutshero"; ifdescriptio...

9.8CVSS7.7AI score0.08594EPSS
Exploits0References1
OpenVAS
OpenVAS
added 2022/05/23 12:0 a.m.20 views

Mageia: Security Advisory (MGASA-2022-0196)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS9.4AI score0.08594EPSS
Exploits0References4
OSV
OSV
added 2022/05/22 11:26 a.m.7 views

MGASA-2022-0196 Updated netatalk packages fix security vulnerability

Remote arbitrary code execution related to dsistreamreceive. CVE-2021-31439 Remote arbitrary code execution related to parseentries. CVE-2022-23121 Remote arbitrary code execution related to copyapplfile. CVE-2022-23125...

9.8CVSS9.5AI score0.08594EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2022/04/14 12:0 a.m.39 views

SUSE SLED12 / SLES12 Security Update : netatalk (SUSE-SU-2022:1184-1)

The remote SUSE Linux SLED12 / SLEDSAP12 / SLES12 / SLESSAP12 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2022:1184-1 advisory. - CVE-2022-23125: Fixed remote arbitrary code execution related to copyapplfile. - CVE-2022-23121: Fixed remot...

9.8CVSS8.2AI score0.08594EPSS
Exploits0References8
Rows per page
Query Builder