Lucene search

MitreCVE-2003-1594

HistoryApr 05, 2010 - 3:30 p.m.

CVE-2003-1594

2010-04-0515:30:00

CWE-264

mitre

web.nvd.nist.gov

nwftpd.nlm

novell netware 6.5

ftp server

cve-2003-1594

ftprest.txt

access restrictions

security vulnerability

nvd

CVSS2

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

AI Score

Confidence

Low

EPSS

0.003

Percentile

68.0%

JSON

NWFTPD.nlm before 5.04.05 in the FTP server in Novell NetWare 6.5 does not properly enforce FTPREST.TXT settings, which allows remote attackers to bypass intended access restrictions via an FTP session.

Affected configurations

Nvd

Node

novellnetware_ftp_server

AND

novellnetwareMatch6.5

VendorProductVersionCPE
novellnetware_ftp_server*cpe:2.3:a:novell:netware_ftp_server:*:*:*:*:*:*:*:*
novellnetware6.5cpe:2.3:o:novell:netware:6.5:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
novell	netware_ftp_server	*	cpe:2.3:a:novell:netware_ftp_server::::::::
novell	netware	6.5	cpe:2.3:o:novell:netware:6.5:::::::*

References

www.novell.com/support/viewContent.do?externalId=3238588&sliceId=1

CVSS2

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

AI Score

Confidence

Low

EPSS

0.003

Percentile

68.0%

JSON

Related for CVE-2003-1594