Intrusion Prevention

Netatalk.DSIOpenSession.Attention.Quantum.Out.of.Bounds.Write

Description

This indicates an attack attempt to exploit an Out Of Bounds Write vulnerability in Netatalk.
The vulnerability is due to an error when the vulnerable software handles a maliciously crafted request. A remote attacker may be able to exploit this to execute arbitrary code, via a crafted DSI OpenSession command.

Affected Products

Netatalk Netatalk prior to 3.1.12

Impact

System Compromise: Remote attackers can gain control of vulnerable systems.

Recommended Actions

Apply the most recent upgrade or patch from the vendor:
http://netatalk.sourceforge.net/3.1/ReleaseNotes3.1.12.html

CVE References

CVE-2018-1160