Количество 6
Количество 6
CVE-2022-43634
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Netatalk. Authentication is not required to exploit this vulnerability. The specific flaw exists within the dsi_writeinit function. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length heap-based buffer. An attacker can leverage this vulnerability to execute code in the context of root. Was ZDI-CAN-17646.
CVE-2022-43634
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Netatalk. Authentication is not required to exploit this vulnerability. The specific flaw exists within the dsi_writeinit function. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length heap-based buffer. An attacker can leverage this vulnerability to execute code in the context of root. Was ZDI-CAN-17646.
CVE-2022-43634
This vulnerability allows remote attackers to execute arbitrary code o ...
SUSE-SU-2023:0316-1
Security update for netatalk
GHSA-fwj9-7qq8-jc93
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Netatalk. Authentication is not required to exploit this vulnerability. The specific flaw exists within the dsi_writeinit function. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length heap-based buffer. An attacker can leverage this vulnerability to execute code in the context of root. Was ZDI-CAN-17646.
BDU:2023-00621
Уязвимость функции dsi_writeinit реализации протокола Apple Filing Protocol Netatalk, позволяющая нарушителю выполнить произвольный код в контексте root-пользователя
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
 | CVE-2022-43634 This vulnerability allows remote attackers to execute arbitrary code on affected installations of Netatalk. Authentication is not required to exploit this vulnerability. The specific flaw exists within the dsi_writeinit function. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length heap-based buffer. An attacker can leverage this vulnerability to execute code in the context of root. Was ZDI-CAN-17646. | CVSS3: 9.8 | 5% Низкий | почти 3 года назад |
 | CVE-2022-43634 This vulnerability allows remote attackers to execute arbitrary code on affected installations of Netatalk. Authentication is not required to exploit this vulnerability. The specific flaw exists within the dsi_writeinit function. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length heap-based buffer. An attacker can leverage this vulnerability to execute code in the context of root. Was ZDI-CAN-17646. | CVSS3: 9.8 | 5% Низкий | почти 3 года назад |
| CVE-2022-43634 This vulnerability allows remote attackers to execute arbitrary code o ... | CVSS3: 9.8 | 5% Низкий | почти 3 года назад |
 | SUSE-SU-2023:0316-1 Security update for netatalk | 5% Низкий | около 3 лет назад | |
| GHSA-fwj9-7qq8-jc93 This vulnerability allows remote attackers to execute arbitrary code on affected installations of Netatalk. Authentication is not required to exploit this vulnerability. The specific flaw exists within the dsi_writeinit function. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length heap-based buffer. An attacker can leverage this vulnerability to execute code in the context of root. Was ZDI-CAN-17646. | CVSS3: 9.8 | 5% Низкий | почти 3 года назад |
 | BDU:2023-00621 Уязвимость функции dsi_writeinit реализации протокола Apple Filing Protocol Netatalk, позволяющая нарушителю выполнить произвольный код в контексте root-пользователя | CVSS3: 9.8 | 5% Низкий | около 3 лет назад |
Уязвимостей на страницу