{"enchantments": {"score": {"value": 7.2, "vector": "NONE", "modified": "2017-04-28T13:20:16", "rev": 2}, "dependencies": {"references": [{"type": "cve", "idList": ["CVE-2002-2096"]}], "modified": "2017-04-28T13:20:16", "rev": 2}, "vulnersScore": 7.2}, "bulletinFamily": "software", "affectedSoftware": [{"name": "Novell NetWare", "operator": "eq", "version": "5.1"}, {"name": "Novell NetWare", "operator": "eq", "version": "6 Support Pack 1"}], "references": [], "href": "https://vulners.com/osvdb/OSVDB:19752", "id": "OSVDB:19752", "title": "Novell NetWare Remote Manager httpstk.nlm Multiple Field Remote Overflow", "type": "osvdb", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "lastseen": "2017-04-28T13:20:16", "edition": 1, "reporter": "Patrik Karlsson(patrik.karlsson@ixsecurity.com)", "description": "## Vulnerability Description\nA remote overflow exists in Novell NetWare. The 'HTTPSTK.NLM' module of the NetWare Remote Manager fails to perform proper bounds checking resulting in a buffer overflow. With a specially crafted request containing an overly long username or password, a remote attacker can cause arbitrary code execution resulting in a loss of integrity.\n## Solution Description\nCurrently, there are no known workarounds or upgrades to correct this issue. However, Novell has released a patch to address this vulnerability.\n## Short Description\nA remote overflow exists in Novell NetWare. The 'HTTPSTK.NLM' module of the NetWare Remote Manager fails to perform proper bounds checking resulting in a buffer overflow. With a specially crafted request containing an overly long username or password, a remote attacker can cause arbitrary code execution resulting in a loss of integrity.\n## References:\nVendor URL: http://www.novell.com/\n[Vendor Specific Advisory URL](http://support.novell.com/servlet/tidfinder/2962026)\nSecurity Tracker: 1004013\nMail List Post: http://archives.neohapsis.com/archives/bugtraq/2002-04/0001.html\nMail List Post: http://archives.neohapsis.com/archives/bugtraq/2002-04/0088.html\nISS X-Force ID: 8736\n[CVE-2002-2096](https://vulners.com/cve/CVE-2002-2096)\nBugtraq ID: 4405\n", "modified": "2002-04-02T05:56:57", "viewCount": 1, "published": "2002-04-02T05:56:57", "cvelist": ["CVE-2002-2096"], "immutableFields": []}

{"cve": [{"lastseen": "2021-02-02T05:19:08", "description": "Buffer overflow in Novell Remote Manager module, httpstk.nlm, in NetWare 5.1 and NetWare 6 allows remote attackers to execute arbitrary code via a long (1) username or (2) password.", "edition": 4, "cvss3": {}, "published": "2002-12-31T05:00:00", "title": "CVE-2002-2096", "type": "cve", "cwe": ["NVD-CWE-Other"], "bulletinFamily": "NVD", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": true}, "cvelist": ["CVE-2002-2096"], "modified": "2008-09-05T20:32:00", "cpe": ["cpe:/o:novell:netware:5.1", "cpe:/o:novell:netware:6.0"], "id": "CVE-2002-2096", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2002-2096", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}, "cpe23": ["cpe:2.3:o:novell:netware:5.1:*:*:*:*:*:*:*", "cpe:2.3:o:novell:netware:6.0:*:*:*:*:*:*:*"]}]}