Netware@5.1 Security Vulnerabilities and Issues — Netware@5.1 CVE List

Lucene search

NovellNetware5.1

9 matches found

CVE•added 2005/05/27 4:0 a.m.•95 views

CVE-2004-2104

Novell NetWare Enterprise Web Server 5.1 and 6.0 allows remote attackers to obtain sensitive server information, including the internal IP address, via a direct request to (1) snoop.jsp, (2) SnoopServlet, (3) env.bas, or (4) lcgitest.nlm.

5CVSS6.9AI score0.06964EPSS

CVE•added 2005/08/05 4:0 a.m.•63 views

CVE-2001-1580

Directory traversal vulnerability in ScriptEase viewcode.jse for Netware 5.1 before 5.1 SP3 allows remote attackers to read arbitrary files via ".." sequences in the query string.

5CVSS6.7AI score0.22578EPSS

CVE•added 2005/03/28 5:0 a.m.•63 views

CVE-2002-1634

Novell NetWare 5.1 installs sample applications that allow remote attackers to obtain sensitive information via (1) ndsobj.nlm, (2) allfield.jse, (3) websinfo.bas, (4) ndslogin.pl, (5) volscgi.pl, (6) lancgi.pl, (7) test.jse, or (8) env.pl.

5CVSS6.3AI score0.08332EPSS

CVE•added 2005/05/27 4:0 a.m.•51 views

CVE-2004-2106

Novell NetWare Enterprise Web Server 5.1 and 6.0 allows remote attackers to list directories via a direct request to (1) /com/, (2) /com/novell/, (3) /com/novell/webaccess, or (4) /ns-icons/.

5CVSS7.1AI score0.00238EPSS

CVE•added 2005/08/05 4:0 a.m.•46 views

CVE-2002-2096

Buffer overflow in Novell Remote Manager module, httpstk.nlm, in NetWare 5.1 and NetWare 6 allows remote attackers to execute arbitrary code via a long (1) username or (2) password.

7.5CVSS8.4AI score0.0443EPSS

CVE•added 2005/09/08 10:3 a.m.•43 views

CVE-2005-2852

Unknown vulnerability in CIFS.NLM in Novell Netware 6.5 SP2 and SP3, 5.1, and 6.0 allows remote attackers to cause a denial of service (ABEND) via an incorrect password length, as exploited by the "worm.rbot.ccc" worm.

5CVSS7.2AI score0.60379EPSS

CVE•added 2005/05/27 4:0 a.m.•39 views

CVE-2004-2105

The webacc servlet in Novell NetWare Enterprise Web Server 5.1 and 6.0 allows remote attackers to read arbitrary .htt files via a full pathname in the error parameter.

5CVSS7AI score0.00127EPSS

CVE•added 2005/05/27 4:0 a.m.•38 views

CVE-2004-2103

Cross-site scripting (XSS) vulnerability in Novell NetWare Enterprise Web Server 5.1 and 6.0 allows remote attackers to process arbitrary script or HTML as other users via (1) a malformed request for a Perl program with script in the filename, (2) the User.id parameter to the webacc servlet, (3) th...

4.3CVSS5.9AI score0.00179EPSS

CVE•added 2005/06/21 4:0 a.m.•35 views

CVE-2002-1772

Novell Netware 5.0 through 5.1 may allow local users to gain "Domain Admin" rights by logging into a Novell Directory Services (NDS) account, and executing "net use" on an NDS_ADM account that is not in the NT domain but has domain access rights, which allows the user to enter a null password.

4.6CVSS6.9AI score0.00031EPSS