CVE-2005-0746

The Mini FTP server in Novell iChain 2.2 and 2.3 SP2 and earlier allows remote unauthenticated attackers to obtain the full path of the server via the PWD command.

CVE-2005-0798

Novell iChain Mini FTP Server 2.3, and possibly earlier versions, does not limit the number of incorrect logins, which makes it easier for remote attackers to conduct brute force login attacks.