Test ID:	1.3.6.1.4.1.25623.1.1.10.2023.0027
Category:	Mageia Linux Local Security Checks
Title:	Mageia: Security Advisory (MGASA-2023-0027)
Summary:	The remote host is missing an update for the 'netatalk' package(s) announced via the MGASA-2023-0027 advisory.
Description:	Summary: The remote host is missing an update for the 'netatalk' package(s) announced via the MGASA-2023-0027 advisory. Vulnerability Insight: Heap overflow leading to arbitrary code execution. (CVE-2021-31439) Buffer overflow leading to remote code execution (CVE-2022-0194) Improper length validation leading to remote code execution (CVE-2022-23121) Buffer overflow leading to remote code execution (CVE-2022-23122) Out-of-bounds read leading to information disclosure (CVE-2022-23123) Out-of-bounds read leading to information disclosure (CVE-2022-23124) Improper length validation leading to remote code execution (CVE-2022-23125) Heap-based buffer overflow in afp_getappl resulting in code execution via a crafted .appl file (CVE-2022-45188) Affected Software/OS: 'netatalk' package(s) on Mageia 8. Solution: Please install the updated package(s). CVSS Score: 5.8 CVSS Vector: AV:A/AC:L/Au:N/C:P/I:P/A:P
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2021-31439 Debian Security Information: DSA-5503 (Google Search) https://www.debian.org/security/2023/dsa-5503 https://security.gentoo.org/glsa/202311-02 https://www.synology.com/zh-hk/security/advisory/Synology_SA_20_26 https://www.zerodayinitiative.com/advisories/ZDI-21-492/ https://lists.debian.org/debian-lts-announce/2023/05/msg00018.html Common Vulnerability Exposure (CVE) ID: CVE-2022-0194 https://netatalk.sourceforge.io/3.1/ReleaseNotes3.1.13.html https://www.zerodayinitiative.com/advisories/ZDI-22-530/ Common Vulnerability Exposure (CVE) ID: CVE-2022-23121 https://www.zerodayinitiative.com/advisories/ZDI-22-527/ https://lists.debian.org/debian-lts-announce/2023/06/msg00000.html Common Vulnerability Exposure (CVE) ID: CVE-2022-23122 https://www.zerodayinitiative.com/advisories/ZDI-22-529/ Common Vulnerability Exposure (CVE) ID: CVE-2022-23123 https://www.zerodayinitiative.com/advisories/ZDI-22-528/ https://lists.debian.org/debian-lts-announce/2023/08/msg00016.html Common Vulnerability Exposure (CVE) ID: CVE-2022-23124 https://www.zerodayinitiative.com/advisories/ZDI-22-525/ Common Vulnerability Exposure (CVE) ID: CVE-2022-23125 https://www.zerodayinitiative.com/advisories/ZDI-22-526/ Common Vulnerability Exposure (CVE) ID: CVE-2022-45188 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GEAFLA5L2SHOUFBAGUXIF2TZLGBXGJKT/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/EZYWSGVA6WXREMB6PV56HAHKU7R6KPOP/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SG6WZW5LXFVH3P7ZVZRGHUVJEMEFKQLI/ https://netatalk.sourceforge.io/3.1/ReleaseNotes3.1.14.html https://rushbnt.github.io/bug%20analysis/netatalk-0day/ https://sourceforge.net/projects/netatalk/files/netatalk/
Copyright	Copyright (C) 2023 Greenbone AG

This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.