
Netatalk Security Advisory

Subject: Unauthenticated remote code execution
CVE ID: CVE-2018-1160
Severity: Critical
Disclosure Date: 2018/12/20
Affected Versions: 3.0.0 - 3.1.11, 1.5.0 - 2.2.6
Summary: An unauthenticated remote user can cause arbitrary code execution with root privileges

Description

Due to a missing bounds check in the handling of the DSI OpenSession command, an unauthenticated remote user can overwrite memory with data of their choice, which can ultimately lead to arbitrary code execution with root privileges. The flaw is reachable before any authentication, so anyone who can reach the AFP service can trigger it.
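To make the class of bug concrete, the following is an added illustration written for this page; it is not Netatalk source and does not reproduce the project's struct layout or option codes. It models a DSI session object whose 4-byte attention quantum is followed by a value the server later treats as a pointer, and parses a client-supplied OpenSession option block in two ways: a vulnerable shape that copies as many bytes as the client's length field says, and a hardened shape that requires each option to fit inside the packet and the attention-quantum option to be exactly the size of its field. The option type code (0x01), the field names, the sentinel value and the two option blocks are all constructed for the example.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/*
 * Constructed model (not Netatalk's struct): a fixed-size 4-byte field with
 * live data behind it. The adjacency is the point; the real layout differs.
 */
struct dsi_session {
    uint32_t attn_quantum;   /* field the OpenSession option is meant to fill */
    uint32_t reserved;
    uint64_t close_handler;  /* stands in for a pointer the daemon later uses */
};

#define HANDLER_SENTINEL  0x4141414141414141ULL
#define DSIOPT_ATTN_QUANT 0x01   /* assumed option type code for this example */

/* Vulnerable shape: the client's length byte goes straight into memcpy.
 * The cast keeps this demo inside the struct (defined behaviour) for the
 * constructed 16-byte option; the unchecked copy itself has no such limit. */
int dsi_opts_vulnerable(struct dsi_session *s, const uint8_t *opts, size_t n)
{
    size_t i = 0;
    while (i + 2 <= n) {
        uint8_t type = opts[i], len = opts[i + 1];
        if (type == DSIOPT_ATTN_QUANT)
            memcpy((uint8_t *)s + offsetof(struct dsi_session, attn_quantum),
                   opts + i + 2, len);                 /* BUG: len unchecked */
        i += 2 + (size_t)len;
    }
    return 0;
}

/* Hardened shape: an option must fit in the packet, and the quantum option
 * must be exactly sizeof(attn_quantum) before any byte is written. */
int dsi_opts_hardened(struct dsi_session *s, const uint8_t *opts, size_t n)
{
    size_t i = 0;
    while (i + 2 <= n) {
        uint8_t type = opts[i], len = opts[i + 1];
        if ((size_t)len > n - i - 2)
            return -1;                       /* option body runs past the packet */
        if (type == DSIOPT_ATTN_QUANT) {
            if (len != sizeof s->attn_quantum)
                return -1;                   /* reject any length but 4 */
            /* value is carried big-endian; decode into the field explicitly */
            s->attn_quantum = ((uint32_t)opts[i + 2] << 24) |
                              ((uint32_t)opts[i + 3] << 16) |
                              ((uint32_t)opts[i + 4] << 8)  |
                               (uint32_t)opts[i + 5];
        }
        i += 2 + (size_t)len;                /* unknown option types are skipped */
    }
    return 0;
}

/* Constructed malicious option block: type 1, length 16 where 4 is expected. */
static const uint8_t EVIL_OPTS[] = {
    DSIOPT_ATTN_QUANT, 16,
    0x42, 0x42, 0x42, 0x42, 0x42, 0x42, 0x42, 0x42,
    0x42, 0x42, 0x42, 0x42, 0x42, 0x42, 0x42, 0x42
};
/* Constructed well-formed option block: quantum = 0x00010000. */
static const uint8_t GOOD_OPTS[] = { DSIOPT_ATTN_QUANT, 4, 0x00, 0x01, 0x00, 0x00 };
/* Constructed truncated block: claims 4 body bytes but carries only 2. */
static const uint8_t SHORT_OPTS[] = { DSIOPT_ATTN_QUANT, 4, 0x00, 0x01 };

/* 1 if the vulnerable parser let the option overwrite the handler field. */
int vulnerable_clobbers_handler(void)
{
    struct dsi_session s = { 0, 0, HANDLER_SENTINEL };
    dsi_opts_vulnerable(&s, EVIL_OPTS, sizeof EVIL_OPTS);
    return s.close_handler != HANDLER_SENTINEL;
}

/* 1 if the hardened parser rejects the oversized option and leaves the handler intact. */
int hardened_rejects_oversized(void)
{
    struct dsi_session s = { 0, 0, HANDLER_SENTINEL };
    int rc = dsi_opts_hardened(&s, EVIL_OPTS, sizeof EVIL_OPTS);
    return rc == -1 && s.close_handler == HANDLER_SENTINEL;
}

/* 1 if the hardened parser rejects an option whose body runs past the packet. */
int hardened_rejects_truncated(void)
{
    struct dsi_session s = { 0, 0, HANDLER_SENTINEL };
    return dsi_opts_hardened(&s, SHORT_OPTS, sizeof SHORT_OPTS) == -1;
}

/* Decoded quantum from a well-formed option, or 0 if it was rejected. */
uint32_t hardened_accepts_valid(void)
{
    struct dsi_session s = { 0, 0, HANDLER_SENTINEL };
    if (dsi_opts_hardened(&s, GOOD_OPTS, sizeof GOOD_OPTS) != 0)
        return 0;
    return s.attn_quantum;
}

int main(void)
{
    printf("vulnerable parser clobbered handler: %d\n", vulnerable_clobbers_handler());
    printf("hardened parser rejected oversized:  %d\n", hardened_rejects_oversized());
    printf("hardened parser rejected truncated:  %d\n", hardened_rejects_truncated());
    printf("hardened parser quantum:             %u\n", hardened_accepts_valid());
    return 0;
}
```

The two checks in the hardened parser are independent and both are needed: the first stops a length byte from driving reads past the end of the received command, the second stops it from driving writes past the end of the destination field. A fix that only compares the length to the packet size still lets a 16-byte option land in a 4-byte field.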

Patch Availability

Apply the patches CVE-2018-1160-1.patch and CVE-2018-1160-2.patch to hotfix a local Netatalk deployment that cannot be upgraded immediately.

Additionally, Netatalk 3.1.12 and 2.2.7 have been released and contain the security fix. Netatalk administrators are advised to upgrade to the release matching their branch, or to apply the patches, as soon as possible.

CVSS Calculation

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H (9.8)

Workaround

None.

Credits

Vulnerability reported by:

Jacob Baines from Tenable

Patch developed by:

Ralph Boehme of the Netatalk and Samba teams
