Get a Quote     (408) 943-4100   TrueNAS Discord VendOp_Icon_15x15px Commercial Support Toggle Dark/Light/Auto mode Toggle Dark/Light/Auto mode Toggle Dark/Light/Auto mode
TrueNAS.com Software Systems Company Community Security iX Portal Download
Back to homepage

CVE-2022-23121 : netatalk - parse_entries Improper Handling of Exceptional Conditions Remote Code Execution

Versions Affected : All versions prior to TrueNAS Core 12.0-U8.1 To verify if a system is vulnerable, run afpd -v. Systems with a version string that is not 3.1.13 or newer are vulnerable.

Description

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Netatalk. Authentication is not required to exploit this vulnerability.

Read full post gdoc_arrow_right_alt
One minute to read

CVE-2022-23122 : netatalk - setfilparams Stack-based Buffer Overflow Remote Code Execution

Versions Affected : All versions prior to TrueNAS Core 12.0-U8.1 To verify if a system is vulnerable, run afpd -v. Systems with a version string that is not 3.1.13 or newer are vulnerable.

Description

This vulnerability allows remote attackers to disclose sensitive information on affected installations of Netatalk. Authentication is not required to exploit this vulnerability.

Read full post gdoc_arrow_right_alt
One minute to read

CVE-2022-23123 : netatalk - getdirparams Out-Of-Bounds Read Information Disclosure

Versions Affected : All versions prior to TrueNAS Core 12.0-U8.1 To verify if a system isvulnerable, run afpd -v. Systems with a version string that is not 3.1.13 or newer are vulnerable.

Description

This vulnerability allows remote attackers to disclose sensitive information on affected installations of Netatalk. Authentication is not required to exploit this vulnerability.

Read full post gdoc_arrow_right_alt
One minute to read

CVE-2022-23124 : netatalk - get_finderinfo Out-Of-Bounds Read Information Disclosure

Versions Affected : All versions prior to TrueNAS Core 12.0-U8.1 To verify if a system isvulnerable, run afpd -v. Systems with a version string that is not 3.1.13 or newer are vulnerable.

Description

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Netatalk. Authentication is not required to exploit this vulnerability.

Read full post gdoc_arrow_right_alt
One minute to read

CVE-2022-23125 : netatalk - copyapplfile Stack-based Buffer Overflow Remote Code Execution

Versions Affected : All versions prior to TrueNAS Core 12.0-U8.1.
To verify if a system isvulnerable, run afpd -v. Systems with a version string that is not 3.1.13 or newer are vulnerable.

Description

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Netatalk. Authentication is not required to exploit this vulnerability.

Read full post gdoc_arrow_right_alt
One minute to read

TrueNAS
CORETM | EnterpriseTM
Security
TrueNAS
SCALETM | EnterpriseTM
Security
TrueCommand®
Security
TrueNAS® | Enterprise
Hardware Solutions
Security