An out-of-bounds read in ASP session ID handling in Netatalk 1.3 through 4.4.2 allows an adjacent network attacker to obtain limited information or cause a denial of service via a crafted ASP request.
4.1.2~ds-44.2.1~ds-14.2.3~ds-14.2.3~ds-14.2.3~ds-24.2.3~ds-2.12.2.2-1ubuntu12.2.2-1ubuntu22.2.2-1ubuntu2.22.2.2-1ubuntu2.2+esm12.2.2-1ubuntu2.2+esm22.2.5-12.2.5-1ubuntu0.22.2.5-1ubuntu0.2+esm12.2.5-1ubuntu0.2+esm22.2.6-12.2.6-1ubuntu0.18.04.22.2.6-1ubuntu0.18.04.2+esm12.2.6-1ubuntu0.18.04.2+esm23.1.12~ds-33.1.12~ds-43.1.12~ds-4ubuntu0.20.04.13.1.12~ds-4ubuntu0.20.04.33.1.12~ds-4ubuntu0.20.04.3+esm13.1.12~ds-4ubuntu0.20.04.43.1.12~ds-93.1.12~ds-9build13.1.12~ds-9ubuntu0.22.04.13.1.12~ds-9ubuntu0.22.04.33.1.12~ds-9ubuntu0.22.04.3+esm13.1.12~ds-9ubuntu0.22.04.43.1.15~ds-1ubuntu13.1.18~ds-13.1.18~ds-1build23.1.18~ds-1build43.1.18~ds-1ubuntu0.1~esm1Exploitability
AV:AAC:LPR:NUI:NScope
S:UImpact
C:LI:NA:HCVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H