Candidate: CVE-2018-1160
PublicDate: 2018-12-20 21:29:00 UTC
References:
 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1160
 https://bugzilla.samba.org/show_bug.cgi?id=13711
 http://netatalk.sourceforge.net/3.1/ReleaseNotes3.1.12.html
 https://attachments.samba.org/attachment.cgi?id=14735
 https://github.com/tenable/poc/tree/master/netatalk/cve_2018_1160/
 https://www.tenable.com/security/research/tra-2018-48
Description:
 Netatalk before 3.1.12 is vulnerable to an out of bounds write in
 dsi_opensess.c. This is due to lack of bounds checking on attacker
 controlled data. A remote unauthenticated attacker can leverage this
 vulnerability to achieve arbitrary code execution.
Ubuntu-Description:
 It was discovered that Netatalk did not properly handle certain input. A
 remote, unauthenticated attacker could use this vulnerability to execute
 arbitrary code.
Notes:
Bugs:
 http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=916930
Priority: medium
Discovered-by:
Assigned-to:
CVSS:
 nvd: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H [9.8 CRITICAL]


Patches_netatalk:
upstream_netatalk: released (2.2.5-2+deb9u1)
precise/esm_netatalk: DNE
trusty_netatalk: released (2.2.2-1ubuntu2.2)
trusty/esm_netatalk: DNE (trusty was released [2.2.2-1ubuntu2.2])
xenial_netatalk: released (2.2.5-1ubuntu0.2)
bionic_netatalk: released (2.2.6-1ubuntu0.18.04.2)
cosmic_netatalk: released (2.2.6-1ubuntu0.18.10.2)
disco_netatalk: ignored (reached end-of-life)
eoan_netatalk: not-affected (3.1.12~ds-3)
focal_netatalk: not-affected (3.1.12~ds-3)
devel_netatalk: not-affected (3.1.12~ds-3)