805 matches found
CVE-2007-6734
NWFTPD.nlm before 5.08.07 in the FTP server in Novell NetWare 6.5 SP7 does not properly implement the FTPREST.TXT NOREMOTE restriction, which allows remote authenticated users to access directories outside of the home server via unspecified vectors...
Session fixation
NWFTPD.nlm before 5.08.06 in the FTP server in Novell NetWare does not properly handle partial matches for container names in the FTPREST.TXT file, which allows remote attackers to bypass intended access restrictions via an FTP session...
CVE-2007-6735
NWFTPD.nlm before 5.08.06 in the FTP server in Novell NetWare does not properly handle partial matches for container names in the FTPREST.TXT file, which allows remote attackers to bypass intended access restrictions via an FTP session...
CVE-2002-2433
NWFTPD.nlm before 5.03b in the FTP server in Novell NetWare allows remote authenticated users to cause a denial of service abend via a crafted ABOR command...
CVE-2004-2767
NWFTPD.nlm before 5.04.25 in the FTP server in Novell NetWare does not promptly close DS sessions, which allows remote attackers to cause a denial of service connection slot exhaustion by establishing many FTP sessions that persist for the lifetime of a DS session...
Design/Logic Flaw
NWFTPD.nlm before 5.08.07 in the FTP server in Novell NetWare 6.5 SP7 does not properly implement the FTPREST.TXT NOREMOTE restriction, which allows remote authenticated users to access directories outside of the home server via unspecified vectors...
CVE-2005-4888
NWFTPD.nlm before 5.06.04 in the FTP server in Novell NetWare allows remote attackers to cause a denial of service excessive stale connections by establishing many FTP sessions, which persist in the Not-Logged-In state after each session is completed...
CVE-2003-1594
NWFTPD.nlm before 5.04.05 in the FTP server in Novell NetWare 6.5 does not properly enforce FTPREST.TXT settings, which allows remote attackers to bypass intended access restrictions via an FTP session...
CVE-2002-2432
Unspecified vulnerability in NWFTPD.nlm before 5.03b in the FTP server in Novell NetWare allows remote attackers to cause a denial of service abend via a crafted username...
CVE-2002-2434
NWFTPD.nlm before 5.02i in the FTP server in Novell NetWare does not properly listen for data connections, which allows remote attackers to cause a denial of service abend via multiple FTP sessions...
CVE-2003-1592
Multiple buffer overflows in NWFTPD.nlm in the FTP server in Novell NetWare 6.0 before SP4 and 6.5 before SP1 allow remote attackers to cause a denial of service abend via a long 1 username or 2 password...
CVE-2005-4887
NWFTPD.nlm before 5.06.05 in the FTP server in Novell NetWare 6.5 SP5 allows attackers to have an unspecified impact via vectors related to passwords...
CVE-2002-2432
Unspecified vulnerability in NWFTPD.nlm before 5.03b in the FTP server in Novell NetWare allows remote attackers to cause a denial of service abend via a crafted username...
CVE-2003-1593
NWFTPD.nlm in the FTP server in Novell NetWare 6.0 before SP4 and 6.5 before SP1 does not enforce domain-name login restrictions, which allows remote attackers to bypass intended access control via an FTP connection...
CVE-2005-4888
NWFTPD.nlm before 5.06.04 in the FTP server in Novell NetWare allows remote attackers to cause a denial of service excessive stale connections by establishing many FTP sessions, which persist in the Not-Logged-In state after each session is completed...
CVE-2000-1246
NWFTPD.nlm before 5.01o in the FTP server in Novell NetWare 5.1 SP3 allows remote authenticated users to cause a denial of service abend by sending an RNTO command after a failed RNFR command...
CVE-2000-1246
The CVE-2000-1246 entry refers to NWFTPD.nlm before 5.01o in the Novell NetWare 5.1 SP3 FTP server. It states that remote authenticated users can trigger a denial of service (abend) by sending RNTO after a failed RNFR command. This affects the FTP server component and the vulnerability causes ava...
CVE-2003-1593
The CVE-2003-1593 entry concerns NWFTPD.nlm in the NetWare FTP server, affected on NetWare 6.0 before SP4 and 6.5 before SP1. The root cause is that domain-name login restrictions are not enforced, allowing remote attackers to bypass access controls via FTP. Public references in the connected doc...
CVE-2007-6735
CVE-2007-6735 affects NWFTPD.nlm prior to 5.08.06 on Novell NetWare. The FTP server’s handling of container name matches in FTPREST.TXT is flawed, allowing remote attackers to bypass access restrictions during an FTP session. The issue is rooted in improper partial matching of container names, en...
CVE-2003-1592
CVE-2003-1592 corresponds to multiple buffer overflows in NWFTPD.nlm of the Novell NetWare FTP server. Affected products are NetWare 6.0 before SP4 and 6.5 before SP1. The issue allows remote attackers to cause a denial of service (abend) by sending a long username or password. The Red Hat/NVD en...