SUSE CVE-2010-4314

Remote attackers can use the iPrint web-browser ActiveX plugin in Novell iPrint Client before 5.42 for Windows XP/Vista/Win7 to execute code by overflowing the "name" parameter...

SUSE CVE-2014-0598

Directory traversal vulnerability in iPrint in Novell Open Enterprise Server OES 11 SP1 before Maintenance Update 9151 on Linux has unspecified impact and remote attack vectors...

SUSE CVE-2011-0334

Stack-based buffer overflow in gwia.exe in GroupWise Internet Agent GWIA in Novell GroupWise 8.0 before HP3 allows remote attackers to execute arbitrary code via a long HTTP request for a .css file...

SUSE CVE-2012-0417

Integer overflow in GroupWise Internet Agent GWIA in Novell GroupWise 8.0 before Support Pack 3 and 2012 before Support Pack 1 allows remote attackers to execute arbitrary code via unspecified vectors...

SUSE CVE-2005-4887

NWFTPD.nlm before 5.06.05 in the FTP server in Novell NetWare 6.5 SP5 allows attackers to have an unspecified impact via vectors related to passwords...

SUSE CVE-2010-4712

Multiple stack-based buffer overflows in gwia.exe in GroupWise Internet Agent GWIA in Novell GroupWise before 8.02HP allow remote attackers to execute arbitrary code via a Content-Type header containing 1 multiple items separated by ; semicolon characters or 2 crafted string data...

SUSE CVE-2010-4713

Integer signedness error in gwia.exe in GroupWise Internet Agent GWIA in Novell GroupWise before 8.02HP allows remote attackers to execute arbitrary code via a signed integer value in the Content-Type header...

SUSE CVE-2010-4714

Multiple stack-based buffer overflows in Novell GroupWise before 8.02HP allow remote attackers to execute arbitrary code via a long HTTP Host header to 1 gwpoa.exe in the Post Office Agent, 2 gwmta.exe in the Message Transfer Agent, 3 gwia.exe in the Internet Agent, 4 the WebAccess Agent, or 5 th...

SUSE CVE-2011-3175

Stack-based buffer overflow in the Preboot Service in Novell ZENworks Configuration Management ZCM 11.1 and 11.1a allows remote attackers to execute arbitrary code via an opcode 0x6c request...

SUSE CVE-2009-0895

Integer overflow in Novell eDirectory 8.7.3.x before 8.7.3.10 ftf2 and 8.8.x before 8.8.5.2 allows remote attackers to execute arbitrary code via an NDS Verb 0x1 request containing a large integer value that triggers a heap-based buffer overflow...

SUSE CVE-2008-5091

Buffer overflow in the LDAP Service in Novell eDirectory 8.7.3 before SP10a and 8.8 before SP3 allows attackers to cause a denial of service application crash via vectors involving an "invalid extensibleMatch filter."...

SUSE CVE-2012-0439

An ActiveX control in gwcls1.dll in the client in Novell GroupWise 8.0 before 8.0.3 HP2 and 2012 before SP1 HP1 allows remote attackers to execute arbitrary code via 1 a pointer argument to the SetEngine method or 2 an XPItem pointer argument to an unspecified method...

SUSE CVE-2013-1085

Stack-based buffer overflow in the nim: protocol handler in Novell GroupWise Messenger 2.04 and earlier, and Novell Messenger 2.1.x and 2.2.x before 2.2.2, allows remote attackers to execute arbitrary code via an import command containing a long string in the filename parameter...

📄 Novell GroupWise 2012 Traversal / Shell Upload

This code exploits the directory traversal vulnerability in Novell GroupWise 2012 before Support Pack 1 to steal files, and attempts to upload a web shell payload if possible, making it an effective penetration testing tool...

📄 NFR Agent 1.0.4.2 Arbitrary File Delete

The code exploits a vulnerability in the Novell File Reporter Agent versions 1.0.4.2 and below, which allows an attacker to remotely delete any file on the targeted system...

📄 Novell GroupWise 8.0 Traversal / Code Injection

Proof of concept exploit for an older vulnerability from 2012 that looks for a directory traversal vulnerability in Novell GroupWise version 8.0 before Support Pack 3 and attempts to upload a webshell if possible...

📄 NFR Agent 1.0.1 Arbitrary File Delete

Proof of concept exploit for an arbitrary file deletion vulnerability from 2011 in NFR Agent version 1.0.1. ============================================================================================================================================= | Title : NFR Agent 1.0.1 Arbitrary File Delete...

CVE-2005-1065

tetex in Novell Linux Desktop 9 allows local users to determine the existence of arbitrary files via a symlink attack in the /var/cache/fonts directory...

CVE-2005-1976

Novell NetMail 3.5.2a, 3.5.2b, and 3.5.2c, when running on Linux, sets the owner and group ID to 500 for certain files, which could allow users or groups with that ID to execute arbitrary code or cause a denial of service by modifying those files...

CVE-2005-1040

Multiple unknown vulnerabilities in netapplet in Novell Linux Desktop 9 allow local users to gain root privileges, related to "User input being passed to network scripts without verification."...