CVE-2018-1160

Summary

Netatalk before 3.1.12 is vulnerable to an out of bounds write in dsi_opensess.c. This is due to lack of bounds checking on attacker controlled data. A remote unauthenticated attacker can leverage this vulnerability to achieve arbitrary code execution.

Affected Software

VendorProductVersion RangeStatus
NetatalkNetatalkBefore 3.1.12affected

Weaknesses

  • CWE-787: CWE-787 Out of bounds write

ADP Enrichment

CVE Program Container

Additional References

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: poc
    • Automatable: yes
    • Technical Impact: total

References