CVE-2004-2767

CVE-2004-2767 affects NWFTPD.nlm before 5.04.25 in the Novell NetWare FTP server. The flaw is that it does not promptly close DS sessions, allowing remote attackers to exhaust connection slots by opening many FTP sessions that persist for the lifetime of a DS session, causing a denial of service....

CVE-2003-1592

CVE-2003-1592 corresponds to multiple buffer overflows in NWFTPD.nlm of the Novell NetWare FTP server. Affected products are NetWare 6.0 before SP4 and 6.5 before SP1. The issue allows remote attackers to cause a denial of service (abend) by sending a long username or password. The Red Hat/NVD en...

CVE-2010-0625

CVE-2010-0625 concerns the Novell NetWare NWFTPD daemon (NWFTPD.nlm/NWFTPD.NLM) with a stack-based buffer overflow when processing long MKD, RMD, RNFR, or DELE commands. Affected products are NetWare 5.1 through 6.5 SP8, with vulnerable NWFTPD before 5.10.01; the issue allows remote authenticated...

CVE-2002-2432

CVE-2002-2432 describes an unspecified vulnerability in NWFTPD.nlm prior to 5.03b of the Novell NetWare FTP server, allowing remote attackers to cause a denial of service (abend) via a crafted username. The available connected documents corroborate this description across multiple sources (NVD, R...

CVE-2002-2433

CVE-2002-2433 affects NWFTPD.nlm in the Novell NetWare FTP server, prior to version 5.03b. A crafted ABOR command can be used by remote authenticated users to trigger an abend/denial of service. Evidence across sources confirms the affected component and the impact as a DoS, with 5.03b cited as t...

CVE-2000-1246

The CVE-2000-1246 entry refers to NWFTPD.nlm before 5.01o in the Novell NetWare 5.1 SP3 FTP server. It states that remote authenticated users can trigger a denial of service (abend) by sending RNTO after a failed RNFR command. This affects the FTP server component and the vulnerability causes ava...

CVE-2003-1593

The CVE-2003-1593 entry concerns NWFTPD.nlm in the NetWare FTP server, affected on NetWare 6.0 before SP4 and 6.5 before SP1. The root cause is that domain-name login restrictions are not enforced, allowing remote attackers to bypass access controls via FTP. Public references in the connected doc...

CVE-2003-1595

The vulnerability CVE-2003-1595 affects NWFTPD.nlm in the Novell NetWare 6.5 FTP server, specifically versions before 5.04.05. The root cause is an improper intruder detection mechanism. The public descriptions do not specify the impact in concrete terms or any exploitation vectors; no exploit de...

CVE-2005-4888

The CVE concerns NWFTPD.nlm in the Novell NetWare FTP server (pre-5.06.04). A remote attacker can cause a denial-of-service by opening many FTP sessions that remain in Not-Logged-In state after each session ends, leading to excessive stale connections. Mitigation: upgrade to version 5.06.04 (or l...

CVE-2002-2434

NWFTPD.nlm before 5.02i in the Novell NetWare FTP server is affected. The vulnerability arises because the FTP service does not properly listen for data connections, enabling a remote attacker to trigger a denial of service (abend) by opening multiple FTP sessions. The public documents (NVD, Red ...

CVE-2007-6734

The vulnerability CVE-2007-6734 affects NWFTPD.nlm before 5.08.07 in the NetWare 6.5 SP7 FTP server. The issue is improper implementation of the FTPREST.TXT NOREMOTE restriction, potentially allowing remote authenticated users to access directories outside the home server via unspecified vectors....

CVE-2003-1596

Summary (CVE-2003-1596): NWFTPD.nlm prior to 5.03.12, the FTP server component of Novell NetWare, fails to properly restrict filesystem use by anonymous users with NFS Gateway home directories. This design flaw enables a remote attacker to bypass intended access restrictions through an FTP sessio...

CVE-2007-6735

CVE-2007-6735 affects NWFTPD.nlm prior to 5.08.06 on Novell NetWare. The FTP server’s handling of container name matches in FTPREST.TXT is flawed, allowing remote attackers to bypass access restrictions during an FTP session. The issue is rooted in improper partial matching of container names, en...

CVE-2003-1594

NWFTPD.nlm in Novell NetWare 6.5 is affected (versions before 5.04.05). The FTP server fails to properly enforce FTPREST.TXT settings, allowing remote attackers to bypass intended access restrictions via an FTP session. Mitigation: upgrade to 5.04.05 or later.

CVE-2000-1245

The CVE-2000-1245 entry concerns NWFTPD.nlm before version 5.01o in the Novell NetWare 5.1 SP3 FTP server, where remote attackers could bypass restrictions on anonymous access via unspecified vectors. Public documents do not specify the exact attack vectors, affected configurations beyond the ver...

CVE-2006-1322

The CVE-2006-1322 issue affects Novell Netware NWFTPD 5.06.05. The vulnerability is triggered when an MDTM command paths a target file with an unusually long path, potentially causing a buffer overflow that leads to a denial of service (ABEND). Public documents consistently describe this as a rem...

CVE-2005-4887

CVE-2005-4887 affects NWFTPD.nlm in the NetWare 6.5/FTP server prior to version 5.06.05. The vulnerability is described as allowing attackers to cause an unspecified impact via vectors related to passwords. Public sources (NVD, Red Hat, CVE list) corroborate the affected component and version, bu...