Unrated severityNVD Advisory· Published Dec 20, 2018· Updated Feb 13, 2026
CVE-2018-1160
CVE-2018-1160
Description
Netatalk before 3.1.12 is vulnerable to an out of bounds write in dsi_opensess.c. This is due to lack of bounds checking on attacker controlled data. A remote unauthenticated attacker can leverage this vulnerability to achieve arbitrary code execution.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
9- osv-coords7 versionspkg:rpm/suse/netatalk&distro=SUSE%20Linux%20Enterprise%20Desktop%2012%20SP3pkg:rpm/suse/netatalk&distro=SUSE%20Linux%20Enterprise%20Desktop%2012%20SP4pkg:rpm/suse/netatalk&distro=SUSE%20Linux%20Enterprise%20Software%20Development%20Kit%2011%20SP4pkg:rpm/suse/netatalk&distro=SUSE%20Linux%20Enterprise%20Software%20Development%20Kit%2012%20SP3pkg:rpm/suse/netatalk&distro=SUSE%20Linux%20Enterprise%20Software%20Development%20Kit%2012%20SP4pkg:rpm/suse/netatalk&distro=SUSE%20Linux%20Enterprise%20Workstation%20Extension%2012%20SP3pkg:rpm/suse/netatalk&distro=SUSE%20Linux%20Enterprise%20Workstation%20Extension%2012%20SP4
< 3.1.0-3.3.1+ 6 more
- (no CPE)range: < 3.1.0-3.3.1
- (no CPE)range: < 3.1.0-3.3.1
- (no CPE)range: < 2.0.3-249.23.3.1
- (no CPE)range: < 3.1.0-3.3.1
- (no CPE)range: < 3.1.0-3.3.1
- (no CPE)range: < 3.1.0-3.3.1
- (no CPE)range: < 3.1.0-3.3.1
Patches
Vulnerability mechanics
References
11- www.exploit-db.com/exploits/46034/mitreexploitx_refsource_EXPLOIT-DB
- www.exploit-db.com/exploits/46048/mitreexploitx_refsource_EXPLOIT-DB
- www.exploit-db.com/exploits/46675/mitreexploitx_refsource_EXPLOIT-DB
- www.debian.org/security/2018/dsa-4356mitrevendor-advisoryx_refsource_DEBIAN
- netatalk.sourceforge.net/3.1/ReleaseNotes3.1.12.htmlmitrex_refsource_CONFIRM
- packetstormsecurity.com/files/152440/QNAP-Netatalk-Authentication-Bypass.htmlmitrex_refsource_MISC
- www.securityfocus.com/bid/106301mitrevdb-entryx_refsource_BID
- attachments.samba.org/attachment.cgimitrex_refsource_MISC
- github.com/tenable/poc/tree/master/netatalk/cve_2018_1160/mitrex_refsource_MISC
- www.synology.com/security/advisory/Synology_SA_18_62mitrex_refsource_CONFIRM
- www.tenable.com/security/research/tra-2018-48mitrex_refsource_MISC
News mentions
0No linked articles in our index yet.