CVE-2018-1160

Published: 20/12/2018 Updated: 29/09/2023
CVSS v2 Base Score: 10 | Impact Score: 10 | Exploitability Score: 10
CVSS v3 Base Score: 9.8 | Impact Score: 5.9 | Exploitability Score: 3.9
VMScore: 1000
Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C

Vulnerability Summary

Netatalk prior to 3.1.12 is vulnerable to an out-of-bounds write in dsi_opensess.c. This is due to a lack of bounds checking on attacker-controlled data. A remote unauthenticated attacker can leverage this vulnerability to achieve arbitrary code execution.

Vulnerable Product

netatalk netatalk

synology skynas -

synology diskstation manager

synology router manager

synology vs960hd_firmware -

debian debian linux 9.0

Vendor Advisories

Debian Bug report logs - #916930 netatalk: CVE-2018-1160: Unauthenticated remote code execution in Netatalk Package: src:netatalk; Maintainer for src:netatalk is Debian Netatalk team <pkg-netatalk-devel@lists.alioth.debian.org>; Reported by: Salvatore Bonaccorso <carnil@debian.org> Date: Thu, 20 Dec 2018 16:12:01 UTC ...
Jacob Baines discovered a flaw in the handling of the DSI Opensession command in Netatalk, an implementation of the AppleTalk Protocol Suite, allowing an unauthenticated user to execute arbitrary code with root privileges. For the stable distribution (stretch), this problem has been fixed in version 2.2.5-2+deb9u1. We recommend that you upgrade you ...

Exploits

## # Exploit Title: QNAP Netatalk Authentication Bypass # Date: 12/20/2018 # Original Exploit Author: Jacob Baines # Modifications for QNAP devices: Mati Aharoni # Vendor Homepage: netatalk.sourceforge.net/ # Software Link: sourceforge.net/projects/netatalk/files/ # Version: Before 3.1.12 # CVE : CVE-2018-1160 # Advisory: www ...
QNAP Netatalk versions prior to 3.1.12 suffer from an authentication bypass vulnerability ...
Netatalk versions prior to 3.1.12 suffer from an authentication bypass vulnerability ...

Github Repositories

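Collected or self-written PoCs and exploits

poc_and_exp Collected or self-written PoCs and exploits. All code is written for educational purposes only; its use is limited to education and research, lawful penetration testing, and attack-defense exercises, and users are asked to comply with the laws and regulations of their jurisdiction. pyspider unauthorized access: exploitation of pyspider unauthorized access drivertomblogspotcom/2019/06/pyspider-webuipocexphtml URPResetHunter URP academic affairs system, low-value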

Damn Vulnerable Router Firmware(DVRF)

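Damn Vulnerable Router Firmware Introduction: DVRF stands for Damn Vulnerable Router Firmware. The project is a deliberately vulnerable firmware image built on a modified OpenWrt. It uses a CTF format to help security professionals test for vulnerabilities common in IoT devices; some of the challenges are based on public CVEs. DVRF description: L1 Brute Login L2 Damn XSS (CVE-2019-18993) L3 What's your bandwidt

My PWN exercises: a heterogeneous-architecture PWN skill stack, suitable for IoT security researchers.

pwn-exercise My PWN exercises. The related files are in the corresponding folders. A heterogeneous-architecture PWN skill stack, suitable for IoT security researchers. 0x01 Linux x86 stack: a first look at stack overflows. Topics: pwndbg & pwntools & protection mechanisms & stack overflow. ret2shellcode Topics: pwn checksec & ret2shellcode. ret2syscall Topics: ROPgadget & ret2syscall. ret2li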