Lucene search

[email protected]CVE-2003-1593

HistoryOct 03, 2022 - 4:15 p.m.

CVE-2003-1593

2022-10-0316:15:42

CWE-264

[email protected]

web.nvd.nist.gov

cve-2003-1593

nwftpd.nlm

ftp server

novell netware

access control

security vulnerability

nvd

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

7.1 High

AI Score

Confidence

Low

0.003 Low

EPSS

Percentile

71.8%

JSON

NWFTPD.nlm in the FTP server in Novell NetWare 6.0 before SP4 and 6.5 before SP1 does not enforce domain-name login restrictions, which allows remote attackers to bypass intended access control via an FTP connection.

Affected configurations

NVD

Node

novellnetware_ftp_server

AND

novellnetwareMatch6.0

novellnetwareMatch6.0sp1

novellnetwareMatch6.0sp2

novellnetwareMatch6.0sp3

novellnetwareMatch6.5

CPENameOperatorVersion
novell:netware_ftp_servernovell netware ftp servereq*
novell:netwarenovell netwareeq6.0
novell:netwarenovell netwareeq6.5

CPE	Name	Operator	Version
novell:netware_ftp_server	novell netware ftp server	eq	*
novell:netware	novell netware	eq	6.0
novell:netware	novell netware	eq	6.5

References

www.novell.com/support/viewContent.do?externalId=3238588&sliceId=1

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

7.1 High

AI Score

Confidence

Low

0.003 Low

EPSS

Percentile

71.8%

JSON

Related for CVE-2003-1593

cvelist1 nvd1