Проблеимы с NetWare Enterprise Web Server (information leak, directory reading)

При установленном GroupWise WebAccess возможно получение листинга каталога и списка системных объектов...

groupwise.disclosure.txt

No idea if this is what the Groupwise Padlock http://www.novell.com/padlock thing is about, since Novell is not only vague in the issues, but never acknowledged Adept's findings. - Simple Nomad - "No rest for the Wicca'd" - - [email protected] - - - [email protected] - www.nmrc.org...

CVE-2001-1233

Netware Enterprise Web Server 5.1 running GroupWise WebAccess 5.5 with Novell Directory Services NDS enabled allows remote attackers to enumerate user names, group names and other system information by accessing ndsobj.nlm...

Mercury for NetWare POP3 server vulnerable to remote buffer overflow

Hello, All versions of widely-used POP3 server from Mercury MTA package for Netware are vulnerable to remote buffer overflow allowing to crash Netware server: perl -e 'print "APOP " . "a"x2048 . " " . "a"x2048 . "rn"' | nc host 110 Remote execution of malicious code is also theoretically possible...

CVE-1999-0805

Novell NetWare Transaction Tracking System TTS in Novell 4.11 and earlier allows remote attackers to cause a denial of service via a large number of requests...

Vulnerability in Novell Netware

The information in this advisory was supplied by Chris Hughes [email protected]. This security advisory is not endorsed by Security-Focus.com. Vulnerability in Novell Netware Date Published: 03/08/01 Advisory ID: n/a Bugtraq ID: 2446 CVE CAN: None currently assigned. Title: Novell Netware Print...

Уязвимость в начальной установке Novell Netware (printer server account)

Учетная запись Printer Server без пароля позволяет вход в сеть Novell Netware...

BindView Advisory: MITM Attacks Against Novell NetWare

MITM Attacks Against Novell NetWare ----------------------------------- Issue Date: 15Feb2001 Contact: Simple Nomad [email protected] http://razor.bindview.com/publish/advisories/advNovellMITM.html Topic: ------ Man-in-the-middle Attack can reveal password hashes and private keys in...

CVE-1999-0805

CVE-1999-0805 corresponds to Novell NetWare’s Transaction Tracking System (TTS) affecting NetWare 4.11 and earlier. The vulnerability allows remote attackers to cause a denial of service by issuing a large number of requests. Multiple trusted sources (NVD, Red Hat advisory) reiterate the same imp...

CVE-1999-0805

Novell NetWare Transaction Tracking System TTS in Novell 4.11 and earlier allows remote attackers to cause a denial of service via a large number of requests...

iXsecurity.20001107.compaq-wbm.a

iXsecurity Security Vulnerability Report No: iXsecurity.20001107.compaq-wbm.a ==================================== Vulnerability Summary --------------------- Problem: The default installation of Compaq Web-Based Management on a Netware server reveals sensitive system files Threat: Anyone that ha...

Утечка информации в Novell Netware (Object enumeration)

Сервера Netware с поддержкой TCP/IP сообщают информацию об объектах NDS через анонимное соединение TCP/524...

BindView RAZOR Advisory: Novell Netware

I contacted Novell about this and they feel the recommendations section is fine the way it is. No patch, just configuration issues. The seriousness can probably best be assessed by running the NCPQuery tool against your Netware servers that are running IP. Probably the most interesting thing is t...

iXsecurity.20001107.compaq-wbm.a

iXsecurity Security Vulnerability Report No: iXsecurity.20001107.compaq-wbm.a ==================================== Vulnerability Summary --------------------- Problem: The default installation of Compaq Web-Based Management on a Netware server reveals sensitive system files Threat: Anyone that ha...

CVE-2000-0793

Norton AntiVirus 5.00.01C with the Novell Netware client does not properly restart the auto-protection service after the first user has logged off of the system...

CVE-2000-0669

Novell NetWare 5.0 allows remote attackers to cause a denial of service by flooding port 40193 with random data...

CVE-2000-0257

The vulnerability CVE-2000-0257 concerns the NetWare remote web administration utility. A buffer overflow is triggered by a long URL, enabling remote attackers to cause a denial of service or execute commands. The available documents confirm the affected component and the general impact but do no...

CVE-2000-0669

The CVE-2000-0669 entry describes a vulnerability in Novell NetWare 5.0 where remote attackers can cause a denial of service by flooding port 40193 with random data. The available sources confirm NetWare 5.0 as affected and indicate the impact as a partial availability disruption, with no informa...

CVE-2000-0793

Norton AntiVirus 5.00.01C with the Novell Netware client does not properly restart the auto-protection service after the first user has logged off of the system...

CVE-2000-0793

CVE-2000-0793 affects Norton AntiVirus 5.00.01C when used with the Novell Netware client, where the auto-protection service fails to restart after the first user logs off. The CVSS2 base metrics indicate a HIGH impact across confidentiality, integrity, and availability with network access and no ...