Lucene search
K

12 matches found

NVD
NVD
added 2024/06/16 1:15 p.m.22 views

CVE-2024-38439

Netatalk before 3.2.1 has an off-by-one error and resultant heap-based buffer overflow because of setting ibufPASSWDLEN to '\0' in FPLoginExt in login in etc/uams/uamspam.c. 2.4.1 and 3.1.19 are also fixed versions...

9.8CVSS0.00931EPSS
Exploits1References5
NVD
NVD
added 2024/06/16 1:15 p.m.20 views

CVE-2024-38441

Netatalk before 3.2.1 has an off-by-one error and resultant heap-based buffer overflow because of setting ibuflen to '\0' in FPMapName in afpmapname in etc/afpd/directory.c. 2.4.1 and 3.1.19 are also fixed versions...

9.8CVSS0.0092EPSS
Exploits1References5
NVD
NVD
added 2024/06/16 1:15 p.m.27 views

CVE-2024-38440

Netatalk before 3.2.1 has an off-by-one error, and resultant heap-based buffer overflow and segmentation violation, because of incorrectly using FPLoginExt in BNbin2bn in etc/uams/uamsdhxpam.c. The original issue 1097 report stated: 'The latest version of Netatalk v3.2.0 contains a security...

7.5CVSS0.0088EPSS
Exploits1References5
UbuntuCve
UbuntuCve
added 2024/06/16 1:15 p.m.22 views

CVE-2024-38439

Netatalk before 3.2.1 has an off-by-one error and resultant heap-based buffer overflow because of setting ibufPASSWDLEN to '\0' in FPLoginExt in login in etc/uams/uamspam.c. 2.4.1 and 3.1.19 are also fixed versions...

9.8CVSS7.2AI score0.00931EPSS
Exploits1References3
Cvelist
Cvelist
added 2024/06/16 12:0 a.m.26 views

CVE-2024-38439

Netatalk before 3.2.1 has an off-by-one error and resultant heap-based buffer overflow because of setting ibufPASSWDLEN to '\0' in FPLoginExt in login in etc/uams/uamspam.c. 2.4.1 and 3.1.19 are also fixed versions...

0.00931EPSS
Exploits1References4
Cvelist
Cvelist
added 2024/06/16 12:0 a.m.23 views

CVE-2024-38441

Netatalk before 3.2.1 has an off-by-one error and resultant heap-based buffer overflow because of setting ibuflen to '\0' in FPMapName in afpmapname in etc/afpd/directory.c. 2.4.1 and 3.1.19 are also fixed versions...

0.0092EPSS
Exploits1References4
Vulnrichment
Vulnrichment
added 2024/06/16 12:0 a.m.23 views

CVE-2024-38441

Netatalk before 3.2.1 has an off-by-one error and resultant heap-based buffer overflow because of setting ibuflen to '\0' in FPMapName in afpmapname in etc/afpd/directory.c. 2.4.1 and 3.1.19 are also fixed versions...

6.9AI score0.0092EPSS
Exploits1References4
CVE
CVE
added 2024/06/16 12:0 a.m.174 views

CVE-2024-38439

Netatalk before 3.2.1 has multiple heap-based buffer overflow off-by-one defects. CVE-2024-38439 (ibuf[PASSWDLEN] = '\0' in FPLoginExt), CVE-2024-38440 (BN_bin2bn in FPLoginExt), and CVE-2024-38441 (ibuf[len] = '\0' in FPMapName) originate in etc/uams/uams_pam.c and etc/afp/directory.c. The issue...

9.8CVSS7AI score0.00931EPSS
Exploits1References5Affected Software1
CVE
CVE
added 2024/06/16 12:0 a.m.94 views

CVE-2024-38440

Netatalk (AFP server) prior to 3.2.1 is affected by off-by-one errors that trigger heap-based buffer overflow/segmentation faults. The issue stems from FPLoginExt usage of BN_bin2bn in /etc/uams/uams_dhx_pam.c (and related FPMapName in afp_mapname/directory.c), enabling out-of-bounds writes and p...

7.5CVSS7.2AI score0.0088EPSS
Exploits1References5Affected Software1
Debian CVE
Debian CVE
added 2024/06/16 12:0 a.m.13 views

CVE-2024-38441

Netatalk before 3.2.1 has an off-by-one error and resultant heap-based buffer overflow because of setting ibuflen to '\0' in FPMapName in afpmapname in etc/afpd/directory.c. 2.4.1 and 3.1.19 are also fixed versions...

9.8CVSS8.7AI score0.0092EPSS
Exploits1
Debian CVE
Debian CVE
added 2024/06/16 12:0 a.m.21 views

CVE-2024-38439

Netatalk before 3.2.1 has an off-by-one error and resultant heap-based buffer overflow because of setting ibufPASSWDLEN to '\0' in FPLoginExt in login in etc/uams/uamspam.c. 2.4.1 and 3.1.19 are also fixed versions...

9.8CVSS8.7AI score0.00931EPSS
Exploits1
Debian CVE
Debian CVE
added 2024/06/16 12:0 a.m.16 views

CVE-2024-38440

Netatalk before 3.2.1 has an off-by-one error, and resultant heap-based buffer overflow and segmentation violation, because of incorrectly using FPLoginExt in BNbin2bn in etc/uams/uamsdhxpam.c. The original issue 1097 report stated: 'The latest version of Netatalk v3.2.0 contains a security...

7.5CVSS7.7AI score0.0088EPSS
Exploits1
Rows per page
Query Builder