CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
AI Score
Confidence
Low
EPSS
Percentile
30.3%
[email protected] reports:
This entry documents the following three vulnerabilities:
Netatalk before 3.2.1 has an off-by-one error and resultant heap-based
buffer overflow because of setting ibuf[len] to ‘\0’ in
FPMapName in afp_mapname in etc/afpd/directory.c. 2.4.1 and 3.1.19
are also fixed versions.
Netatalk before 3.2.1 has an off-by-one error, and resultant
heap-based buffer overflow and segmentation violation, because of
incorrectly using FPLoginExt in BN_bin2bn in etc/uams/uams_dhx_pam.c.
The original issue 1097 report stated: 'The latest version of
Netatalk (v3.2.0) contains a security vulnerability. This vulnerability
arises due to a lack of validation for the length field after parsing
user-provided data, leading to an out-of-bounds heap write of one
byte (\0). Under specific configurations, this can result in reading
metadata of the next heap block, potentially causing a Denial of
Service (DoS) under certain heap layouts or with ASAN enabled. …
Netatalk before 3.2.1 has an off-by-one error and resultant heap-based
buffer overflow because of setting ibuf[PASSWDLEN] to ‘\0’
in FPLoginExt in login in etc/uams/uams_pam.c. 2.4.1 and 3.1.19
are also fixed versions.
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
AI Score
Confidence
Low
EPSS
Percentile
30.3%