805 matches found
[SA14611] Novell Netware Xsession Security Bypass
---------------------------------------------------------------------- Want a new IT Security job? Vacant positions at Secunia: http://secunia.com/secuniavacancies/ ---------------------------------------------------------------------- TITLE: Novell Netware Xsession Security Bypass SECUNIA ADVISO...
HP-UX Security patch : PHNE_11722
The remote host is missing HP-UX Security Patch number PHNE11722 . Security Vulnerability in Novell NetWare 3.12 on HP-UX %NASLMINLEVEL 70300 C Tenable Network Security, Inc. if ! definedfunc"bnrandom" exit0; include'deprecatednasllevel.inc'; include'compat.inc'; ifdescription scriptid17408;...
HP-UX Security patch : PHNE_11723
The remote host is missing HP-UX Security Patch number PHNE11723 . Security Vulnerability in Novell NetWare 3.12 on HP-UX %NASLMINLEVEL 70300 C Tenable Network Security, Inc. if ! definedfunc"bnrandom" exit0; include'deprecatednasllevel.inc'; include'compat.inc'; ifdescription scriptid16598;...
HP-UX Security patch : PHNE_11724
The remote host is missing HP-UX Security Patch number PHNE11724 . Security Vulnerability in Novell NetWare 3.12 on HP-UX %NASLMINLEVEL 70300 C Tenable Network Security, Inc. if ! definedfunc"bnrandom" exit0; include'deprecatednasllevel.inc'; include'compat.inc'; ifdescription scriptid16597;...
HP-UX Security patch : PHNE_10341
The remote host is missing HP-UX Security Patch number PHNE10341 . Security Vulnerability in Novell NetWare 3.12 on HP-UX %NASLMINLEVEL 70300 C Tenable Network Security, Inc. if ! definedfunc"bnrandom" exit0; include'deprecatednasllevel.inc'; include'compat.inc'; ifdescription scriptid17050;...
CVE-2005-0014
CVE-2005-0014 describes a buffer overflow in the NetWare client’s ncpfs component, specifically in ncplogin, prior to version 2.2.6. The flaw allows remote, unauthenticated attackers on a malicious NetWare server to execute arbitrary code on the affected client. Multiple sources confirm the issue...
CVE-2005-0013
CVE-2005-0013 affects nwclient.c in ncpfs prior to version 2.2.6, where root privileges are not dropped before executing NetWare client utilities, enabling local privilege escalation. The vulnerability (base CVSS v2.0 7.2 HIGH) has been addressed by updated ncpfs packages (e.g., 2.2.6) across mul...
CVE-2005-0014
Buffer overflow in ncplogin in ncpfs before 2.2.6 allows remote malicious NetWare servers to execute arbitrary code on the NetWare client...
Mandrake Linux Security Advisory : ncpfs (MDKSA-2005:028)
Erik Sjolund discovered two vulnerabilities in programs bundled with ncpfs. Due to a flaw in nwclient.c, utilities that use the NetWare client functions insecurely access files with elevated privileges CVE-2005-0013, and there is a potentially exploitable buffer overflow in the ncplogin program...
Multiple ncpfs (Novell Netware client for Unix/Linux) bugs
Symbolic links problems during accessing files in user's home with elevated privileges. Buffer overflow with malicious Novell Netware server...
ncpfs: Multiple vulnerabilities
Background ncpfs is a NCP protocol network filesystem driver that allows access to NetWare services, to mount volumes of NetWare servers or print to NetWare print queues. Description Erik Sjolund discovered two vulnerabilities in the programs bundled with ncpfs: there is a potentially exploitable...
Novell Netware CIFS DoS
Error in file protocol handling leads to crash in CIFS.NLM...
[SA13766] Novell Netware CIFS Denial of Service Vulnerability
TITLE: Novell Netware CIFS Denial of Service Vulnerability SECUNIA ADVISORY ID: SA13766 VERIFY ADVISORY: http://secunia.com/advisories/13766/ CRITICAL: Less critical IMPACT: DoS WHERE: From local network OPERATING SYSTEM: Novell Netware 5.x http://secunia.com/product/79/ Novell Netware 6.x...
CVE-2004-2104
Novell NetWare Enterprise Web Server 5.1 and 6.0 allows remote attackers to obtain sensitive server information, including the internal IP address, via a direct request to 1 snoop.jsp, 2 SnoopServlet, 3 env.bas, or 4 lcgitest.nlm...
CVE-2004-2103
Cross-site scripting XSS vulnerability in Novell NetWare Enterprise Web Server 5.1 and 6.0 allows remote attackers to process arbitrary script or HTML as other users via 1 a malformed request for a Perl program with script in the filename, 2 the User.id parameter to the webacc servlet, 3 the...
CVE-2004-2414
Novell NetWare 6.5 SP 1.1, when installing or upgrading using the Overlay CDs and performing a custom installation with OpenSSH, includes sensitive password information in the 1 NIOUTPUT.TXT and 2 NI.LOG log files, which might allow local users to obtain the passwords...
CVE-2004-2105
The webacc servlet in Novell NetWare Enterprise Web Server 5.1 and 6.0 allows remote attackers to read arbitrary .htt files via a full pathname in the error parameter...
CVE-2004-2106
Novell NetWare Enterprise Web Server 5.1 and 6.0 allows remote attackers to list directories via a direct request to 1 /com/, 2 /com/novell/, 3 /com/novell/webaccess, or 4 /ns-icons/...
[Full-Disclosure] NetWare Screensaver Authentication Bypass From The Local Console
Novacoast Security Advisory Novell Netware 5/5.1/6.0/6.5 Vulnerability Synopsis: Novacoast has discovered a vulnerability in the Novell NetWare Operating System screen saver software. The vulnerability allows a local attacker to bypass authentication and access the system console. Description: Th...
CVE-2002-1552
Novell eDirectory eDir 8.6.2 and Netware 5.1 eDir 85.x allows users with expired passwords to gain inappropriate permissions when logging in from Remote Manager...