Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
netatalk netatalk vulnerabilities and exploits
(subscribe to this query)
10
CVSSv2
CVE-2018-1160
Netatalk prior to 3.1.12 is vulnerable to an out of bounds write in dsi_opensess.c. This is due to lack of bounds checking on attacker controlled data. A remote unauthenticated attacker can leverage this vulnerability to achieve arbitrary code execution.
Netatalk Netatalk
Synology Skynas -
Synology Diskstation Manager
Synology Router Manager
Synology Vs960hd Firmware -
Debian Debian Linux 9.0
1 EDB exploit
3 Github repositories
9.3
CVSSv2
CVE-2008-5718
The papd daemon in Netatalk prior to 2.0.4-beta2, when using certain variables in a pipe command for the print file, allows remote malicious users to execute arbitrary commands via shell metacharacters in a print request, as demonstrated using a crafted Title.
Netatalk Netatalk 2.0
Netatalk Netatalk 1.6.4
Netatalk Netatalk 1.6.3
Netatalk Netatalk 1.6.2
Netatalk Netatalk 1.5pre5
Netatalk Netatalk 1.5pre4
Netatalk Netatalk 1.5pre3
Netatalk Netatalk 1.4.99-0.20001108
Netatalk Netatalk 2.0.2
Netatalk Netatalk 2.0.1
Netatalk Netatalk 1.6.4a
Netatalk Netatalk 2.0.0
Netatalk Netatalk 1.5.2
Netatalk Netatalk 1.5.1.1
Netatalk Netatalk 1.5.1
Netatalk Netatalk 1.5.0
Netatalk Netatalk 1.6.0
Netatalk Netatalk 1.5.3.1
Netatalk Netatalk 1.5
Netatalk Netatalk 1.5pre8
Netatalk Netatalk 1.5pre6
Netatalk Netatalk 1.4.99-0.20000927
9
CVSSv2
CVE-2021-44142
The Samba vfs_fruit module uses extended file attributes (EA, xattr) to provide "...enhanced compatibility with Apple SMB clients and interoperability with a Netatalk 3 AFP fileserver." Samba versions before 4.13.17, 4.14.12 and 4.15.5 with vfs_fruit configured allow ou...
Samba Samba
Debian Debian Linux 10.0
Debian Debian Linux 11.0
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 20.04
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 21.10
Synology Diskstation Manager
Fedoraproject Fedora 34
Fedoraproject Fedora 35
Redhat Enterprise Linux Desktop 7.0
Redhat Enterprise Linux Workstation 7.0
Redhat Enterprise Linux For Scientific Computing 7.0
Redhat Enterprise Linux 7.0
Redhat Enterprise Linux Server 7.0
Redhat Enterprise Linux Resilient Storage 7.0
Redhat Enterprise Linux For Power Little Endian 7.0
Redhat Enterprise Linux For Power Big Endian 7.0
Redhat Enterprise Linux For Ibm Z Systems 7.0
Redhat Virtualization Host 4.0
Redhat Enterprise Linux 8.0
3 Github repositories
1 Article
7.5
CVSSv2
CVE-2022-22995
The combination of primitives offered by SMB and AFP in their default configuration allows the arbitrary writing of files. By exploiting these combination of primitives, an attacker can execute arbitrary code.
Westerndigital My Cloud Pr2100 Firmware
Westerndigital My Cloud Pr4100 Firmware
Westerndigital My Cloud Ex4100 Firmware
Westerndigital My Cloud Ex2 Ultra Firmware
Westerndigital My Cloud Mirror Gen 2 Firmware
Westerndigital My Cloud Dl2100 Firmware
Westerndigital My Cloud Dl4100 Firmware
Westerndigital My Cloud Ex2100 Firmware
Westerndigital My Cloud Firmware
Westerndigital Wd Cloud Firmware
Westerndigital My Cloud Home Firmware
Fedoraproject Fedora 37
Fedoraproject Fedora 38
Fedoraproject Fedora 39
Netatalk Netatalk
5.8
CVSSv2
CVE-2021-31439
This vulnerability allows network-adjacent malicious users to execute arbitrary code on affected installations of Synology DiskStation Manager. Authentication is not required to exploit this vulnerablity. The specific flaw exists within the processing of DSI structures in Netatal...
Synology Diskstation Manager
Debian Debian Linux 10.0
Debian Debian Linux 11.0
Netatalk Netatalk
2.1
CVSSv2
CVE-2004-0974
The netatalk package in Trustix Secure Linux 1.5 up to and including 2.1, and possibly other operating systems, allows local users to overwrite files via a symlink attack on temporary files.
Netatalk Open Source Apple File Share Protocol Suite 1.5 Pre6
Netatalk Open Source Apple File Share Protocol Suite 1.6.4
Netatalk Open Source Apple File Share Protocol Suite 1.6.1
Mandrakesoft Mandrake Linux 10.1
Mandrakesoft Mandrake Linux Corporate Server 2.1
Mandrakesoft Mandrake Linux 9.2
Mandrakesoft Mandrake Linux 10.0
Redhat Fedora Core Core 2.0
Redhat Fedora Core Core 3.0
NA
CVE-2023-42464
A Type Confusion vulnerability was found in the Spotlight RPC functions in afpd in Netatalk 3.1.x prior to 3.1.17. When parsing Spotlight RPC packets, one encoded data structure is a key-value style dictionary where the keys are character strings, and the values can be any of the...
Netatalk Netatalk
Debian Debian Linux 10.0
Debian Debian Linux 11.0
NA
CVE-2022-43634
This vulnerability allows remote malicious users to execute arbitrary code on affected installations of Netatalk. Authentication is not required to exploit this vulnerability. The specific flaw exists within the dsi_writeinit function. The issue results from the lack of proper va...
Netatalk Netatalk 3.1.13
NA
CVE-2022-23121
This vulnerability allows remote malicious users to execute arbitrary code on affected installations of Netatalk. Authentication is not required to exploit this vulnerability. The specific flaw exists within the parse_entries function. The issue results from the lack of proper er...
Netatalk Netatalk
Debian Debian Linux 10.0
Debian Debian Linux 11.0
NA
CVE-2022-23122
This vulnerability allows remote malicious users to execute arbitrary code on affected installations of Netatalk. Authentication is not required to exploit this vulnerability. The specific flaw exists within the setfilparams function. The issue results from the lack of proper val...
Netatalk Netatalk
Debian Debian Linux 10.0
Debian Debian Linux 11.0
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-32976
CVE-2024-33557
CVE-2024-36801
CVE-2024-35654
authentication bypass
CVE-2024-24919
CSRF
code execution
CVE-2024-27348
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
NEXT »