![]() ![]() Authentication is not required to exploit this vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Netatalk. CVE-2022-23121 : netatalk - parse_entries Improper Handling of Exceptional Conditions Remote Code Execution This vulnerability allows remote attackers to disclose sensitive information on affected installations of Netatalk. CVE-2022-23122 : netatalk - setfilparams Stack-based Buffer Overflow Remote Code Execution CVE-2022-23123 : netatalk - getdirparams Out-Of-Bounds Read Information Disclosure Versions Affected : All versions prior to TrueNAS Core 12.0-U8.1 ![]() CVE-2022-23124 : netatalk - get_finderinfo Out-Of-Bounds Read Information Disclosure Systems with a version string that is not 3.1.13 or newer are vulnerable. ![]() To verify if a system isvulnerable, run afpd -v. Versions Affected : All versions prior to TrueNAS Core 12.0-U8.1. 2022-03 CVE-2022-23125 : netatalk - copyapplfile Stack-based Buffer Overflow Remote Code Execution Users with different sharing protocols are encouraged to consider migrating. IXsystems strongly recommends using the SMB or NFS sharing protocols. #NETATALK PORTS FIREWALL UPDATE#TrueNAS SCALE is not vulnerable.Ī fix for these CVEs has been completed, update any TrueNAS systems to version 12.0-U8.1 as soon as possible. ![]()
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |