Get a Quote     (408) 943-4100   TrueNAS Discord VendOp_Icon_15x15px Commercial Support Toggle Dark/Light/Auto mode Toggle Dark/Light/Auto mode Toggle Dark/Light/Auto mode

CVE-2022-23121 : netatalk - parse_entries Improper Handling of Exceptional Conditions Remote Code Execution

Versions Affected : All versions prior to TrueNAS Core 12.0-U8.1 To verify if a system is vulnerable, run afpd -v. Systems with a version string that is not 3.1.13 or newer are vulnerable.


Description

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Netatalk. Authentication is not required to exploit this vulnerability.

Read full post gdoc_arrow_right_alt

CVE-2022-23122 : netatalk - setfilparams Stack-based Buffer Overflow Remote Code Execution

Versions Affected : All versions prior to TrueNAS Core 12.0-U8.1 To verify if a system is vulnerable, run afpd -v. Systems with a version string that is not 3.1.13 or newer are vulnerable.


Description

This vulnerability allows remote attackers to disclose sensitive information on affected installations of Netatalk. Authentication is not required to exploit this vulnerability.

Read full post gdoc_arrow_right_alt

CVE-2022-23123 : netatalk - getdirparams Out-Of-Bounds Read Information Disclosure

Versions Affected : All versions prior to TrueNAS Core 12.0-U8.1 To verify if a system isvulnerable, run afpd -v. Systems with a version string that is not 3.1.13 or newer are vulnerable.


Description

This vulnerability allows remote attackers to disclose sensitive information on affected installations of Netatalk. Authentication is not required to exploit this vulnerability.

Read full post gdoc_arrow_right_alt

CVE-2022-23124 : netatalk - get_finderinfo Out-Of-Bounds Read Information Disclosure

Versions Affected : All versions prior to TrueNAS Core 12.0-U8.1 To verify if a system isvulnerable, run afpd -v. Systems with a version string that is not 3.1.13 or newer are vulnerable.


Description

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Netatalk. Authentication is not required to exploit this vulnerability.

Read full post gdoc_arrow_right_alt

CVE-2022-23125 : netatalk - copyapplfile Stack-based Buffer Overflow Remote Code Execution

Versions Affected : All versions prior to TrueNAS Core 12.0-U8.1.
To verify if a system isvulnerable, run afpd -v. Systems with a version string that is not 3.1.13 or newer are vulnerable.


Description

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Netatalk. Authentication is not required to exploit this vulnerability.

Read full post gdoc_arrow_right_alt