739 matches found
Novell eDirectory 8.7.3 - iMonitor Remote Stack Overflow (Metasploit)
This file is part of the Metasploit Framework and may be redistributed according to the licenses defined in the Authors field below. In the case of an unknown or missing license, this file defaults to the same license as the core Framework dual GPLv2 and Artistic. The latest version of the...
CVE-2002-2119
CVE-2002-2119 affects Novell eDirectory 8.6.2 and 8.7, where use of case-insensitive passwords enables remote brute-force password guessing. Root cause: password comparisons are not case-sensitive. Impact: higher risk of successful credential guessing (remote). Connected sources corroborate the a...
CVE-2002-2119
Novell eDirectory 8.6.2 and 8.7 use case insensitive passwords, which makes it easier for remote attackers to conduct brute force password guessing...
Novell eDirectory NMAS unauthorized access
Forgotten password recovery option allows to recover password without answering secret question...
[SA16267] Novell eDirectory NMAS Password Challenge Bypass
---------------------------------------------------------------------- Bist Du interessiert an einem neuen Job in IT-Sicherheit? Secunia hat zwei freie Stellen als Junior und Senior Spezialist in IT- Sicherheit: http://secunia.com/secuniavacancies/...
CVE-2005-1729
Novell eDirectory 8.7.3 allows remote attackers to cause a denial of service application crash via a URL containing an MS-DOS device name such as AUX, CON, PRN, COM1, or LPT1...
CVE-2005-1729
Affected product: Novell eDirectory 8.7.3. Vulnerability: Denial of service caused by insufficient filtering of HTTP requests that use reserved MS-DOS device names (e.g., AUX, CON, PRN, COM1, LPT1). Impact: Remote attacker can terminate the eDirectory server process; all services (including LDAP)...
[Full-disclosure] [CIRT.DK - Advisory] Novell eDirectory 8.7.3 DOS Device name Denial of Service
ID: NOVL102201 Domain: primus Solution Class: Novell Fact: Novell eDirectory 8.7.3 for Windows 2000 Fact Novell eDirectory 8.7.3 for Windows NT Symptom: Requesting "DOS Device in Path Name" Denial of Service Symptom: Attack causes error in dhost.exe application Symptom: Attack causes nds service ...
Novell eDirectory directory services special DOS device names DoS
Special devices access causes error in dhost.exe...
CVE-2005-1729
Novell eDirectory 8.7.3 allows remote attackers to cause a denial of service application crash via a URL containing an MS-DOS device name such as AUX, CON, PRN, COM1, or LPT1...
CVE-2002-1552
Summary: CVE-2002-1552 affects Novell eDirectory (eDir) 8.6.2 and NetWare 5.1 eDir 85.x. When users with expired passwords log in via Remote Manager, they may gain inappropriate permissions. The issue is supported by multiple sources (NVD/NVDCVE and CVE records) with a CVSS v2 base score of 7.5 (...
CVE-2002-1552
Novell eDirectory eDir 8.6.2 and Netware 5.1 eDir 85.x allows users with expired passwords to gain inappropriate permissions when logging in from Remote Manager...
Novell Netware 6.0 eDirectory 8.7 - HTTPSTK.NLM Remote Abend
Novell Netware 6.0 eDirectory 8.7 - HTTPSTK.NLM Remote Abend source: https://www.securityfocus.com/bid/7841/info It has been reported that the HTTP Stack distributed with Novell Netware and eDirectory does not properly handle some types of malformed packets. Because of this, an attacker may be ab...
Novell Netware 6.0 / eDirectory 8.7 - HTTPSTK.NLM Remote Abend
source: https://www.securityfocus.com/bid/7841/info It has been reported that the HTTP Stack distributed with Novell Netware and eDirectory does not properly handle some types of malformed packets. Because of this, an attacker may be able to cause a denial of service to legitimate users of the HT...
CVE-2002-1552
Novell eDirectory eDir 8.6.2 and Netware 5.1 eDir 85.x allows users with expired passwords to gain inappropriate permissions when logging in from Remote Manager...
CVE-2002-2119
Novell eDirectory 8.6.2 and 8.7 use case insensitive passwords, which makes it easier for remote attackers to conduct brute force password guessing...
PT-2002-2839 · Novell · Novell Edirectory
Name of the Vulnerable Software and Affected Versions: Novell eDirectory versions 8.6.2 through 8.7 Description: The issue allows remote attackers to conduct brute force password guessing more easily due to the use of case insensitive passwords. Recommendations: For Novell eDirectory versions 8.6...
NOVL-2002-2963767 - Remote Manager Security Issue - eDir 8.6.2
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 For Immediate Disclosure ============================== Summary ============================== Security Alert: NOVL-2002-2963767 Title: Remote Manager Security Issue - eDir 8.6.2 Date: 22-Oct-2002 Revision: Original Product Name: Novell eDirectory 8.6...
Invalid Novell eDirectory permissions
User with expired account may be granted with invalid permission...