Download
| Alert*
[3.8] netatalk: Unauthenticated remote code execution (CVE-2018-1160)
Netatalk before 3.1.12 is vulnerable to an out of bounds write in dsi_opensess.c. This is due to lack of bounds checking on attacker controlled data. A remote unauthenticated attacker can leverage this vulnerability to achieve arbitrary code execution.
|