Netatalk OpenSession Remote Code Execution
Critical Nessus Plugin ID 119780
SynopsisA file sharing service on the remote host is affected by a remote code execution vulnerability.
DescriptionThe Apple Filing Protocol (AFP) server running on the remote host is affected by a remote code execution vulnerability due to a buffer overflow condition when handling an OpenSession request. An unauthenticated, remote attacker can exploit this issue, via a specially crafted message, to execute arbitrary code.
SolutionUpgrade to Netatalk 3.1.12 or later.