Lucene search

K

27 matches found

CVE
CVE
added 2011/03/22 5:55 p.m.120 views

CVE-2010-4228

Stack-based buffer overflow in NWFTPD.NLM before 5.10.02 in the FTP server in Novell NetWare allows remote authenticated users to execute arbitrary code or cause a denial of service (abend) via a long DELE command, a different vulnerability than CVE-2010-0625.4.

9CVSS7.8AI score0.33563EPSS
CVE
CVE
added 2005/05/27 4:0 a.m.95 views

CVE-2004-2104

Novell NetWare Enterprise Web Server 5.1 and 6.0 allows remote attackers to obtain sensitive server information, including the internal IP address, via a direct request to (1) snoop.jsp, (2) SnoopServlet, (3) env.bas, or (4) lcgitest.nlm.

5CVSS6.9AI score0.06964EPSS
CVE
CVE
added 2003/08/27 4:0 a.m.53 views

CVE-2003-0562

Buffer overflow in the CGI2PERL.NLM PERL handler in Novell Netware 5.1 and 6.0 allows remote attackers to cause a denial of service (ABEND) via a long input string.

5CVSS6.7AI score0.09899EPSS
CVE
CVE
added 2005/05/27 4:0 a.m.51 views

CVE-2004-2106

Novell NetWare Enterprise Web Server 5.1 and 6.0 allows remote attackers to list directories via a direct request to (1) /com/, (2) /com/novell/, (3) /com/novell/webaccess, or (4) /ns-icons/.

5CVSS7.1AI score0.00238EPSS
CVE
CVE
added 2004/09/01 4:0 a.m.50 views

CVE-2002-1417

Directory traversal vulnerability in Novell NetBasic Scripting Server (NSN) for Netware 5.1 and 6, and Novell Small Business Suite 5.1 and 6, allows remote attackers to read arbitrary files via a URL containing a "..%5c" sequence (modified dot-dot), which is mapped to the directory separator.

5CVSS6.4AI score0.16998EPSS
CVE
CVE
added 2010/04/05 3:30 p.m.50 views

CVE-2003-1592

Multiple buffer overflows in NWFTPD.nlm in the FTP server in Novell NetWare 6.0 before SP4 and 6.5 before SP1 allow remote attackers to cause a denial of service (abend) via a long (1) username or (2) password.

5CVSS7.2AI score0.01446EPSS
CVE
CVE
added 2010/04/05 4:30 p.m.48 views

CVE-2010-0625

Stack-based buffer overflow in NWFTPD.nlm before 5.10.01 in the FTP server in Novell NetWare 5.1 through 6.5 SP8 allows remote authenticated users to cause a denial of service (daemon crash) or possibly execute arbitrary code via a long (1) MKD, (2) RMD, (3) RNFR, or (4) DELE command.

6.5CVSS8.1AI score0.33563EPSS
CVE
CVE
added 2010/04/05 3:30 p.m.47 views

CVE-2002-2433

NWFTPD.nlm before 5.03b in the FTP server in Novell NetWare allows remote authenticated users to cause a denial of service (abend) via a crafted ABOR command.

4CVSS6.4AI score0.00383EPSS
CVE
CVE
added 2010/04/05 3:30 p.m.47 views

CVE-2003-1593

NWFTPD.nlm in the FTP server in Novell NetWare 6.0 before SP4 and 6.5 before SP1 does not enforce domain-name login restrictions, which allows remote attackers to bypass intended access control via an FTP connection.

7.5CVSS7.1AI score0.00132EPSS
CVE
CVE
added 2005/08/05 4:0 a.m.46 views

CVE-2002-2096

Buffer overflow in Novell Remote Manager module, httpstk.nlm, in NetWare 5.1 and NetWare 6 allows remote attackers to execute arbitrary code via a long (1) username or (2) password.

7.5CVSS8.4AI score0.0443EPSS
CVE
CVE
added 2010/04/05 3:30 p.m.44 views

CVE-2002-2434

NWFTPD.nlm before 5.02i in the FTP server in Novell NetWare does not properly listen for data connections, which allows remote attackers to cause a denial of service (abend) via multiple FTP sessions.

5CVSS6.9AI score0.00428EPSS
CVE
CVE
added 2010/04/05 3:30 p.m.43 views

CVE-2003-1596

NWFTPD.nlm before 5.03.12 in the FTP server in Novell NetWare does not properly restrict filesystem use by anonymous users with NFS Gateway home directories, which allows remote attackers to bypass intended access restrictions via an FTP session.

7.5CVSS7AI score0.00108EPSS
CVE
CVE
added 2005/09/08 10:3 a.m.43 views

CVE-2005-2852

Unknown vulnerability in CIFS.NLM in Novell Netware 6.5 SP2 and SP3, 5.1, and 6.0 allows remote attackers to cause a denial of service (ABEND) via an incorrect password length, as exploited by the "worm.rbot.ccc" worm.

5CVSS7.2AI score0.60379EPSS
CVE
CVE
added 2004/09/01 4:0 a.m.41 views

CVE-2002-1418

Buffer overflow in the interpreter for Novell NetBasic Scripting Server (NSN) for Netware 5.1 and 6, and Novell Small Business Suite 5.1 and 6, allows remote attackers to cause a denial of service (ABEND) via a long module name.

5CVSS7AI score0.00793EPSS
CVE
CVE
added 2002/10/04 4:0 a.m.39 views

CVE-2002-0929

Buffer overflows in the DHCP server for NetWare 6.0 SP1 allow remote attackers to cause a denial of service (reboot) via long DHCP requests.

5CVSS7AI score0.00641EPSS
CVE
CVE
added 2004/09/01 4:0 a.m.39 views

CVE-2002-1413

RCONAG6 for Novell Netware SP2, while running RconJ in secure mode, allows remote attackers to bypass authentication using the RconJ "Secure IP" (SSL) option during a connection.

7.5CVSS7AI score0.02536EPSS
CVE
CVE
added 2004/09/01 4:0 a.m.39 views

CVE-2002-1437

Directory traversal vulnerability in the web handler for Perl 5.003 on Novell NetWare 5.1 and NetWare 6 allows remote attackers to read arbitrary files via an HTTP request containing "..%5c" (URL-encoded dot-dot backslash) sequences.

5CVSS6.8AI score0.05975EPSS
CVE
CVE
added 2005/05/27 4:0 a.m.39 views

CVE-2004-2105

The webacc servlet in Novell NetWare Enterprise Web Server 5.1 and 6.0 allows remote attackers to read arbitrary .htt files via a full pathname in the error parameter.

5CVSS7AI score0.00127EPSS
CVE
CVE
added 2004/09/01 4:0 a.m.38 views

CVE-2002-1438

The web handler for Perl 5.003 on Novell NetWare 5.1 and NetWare 6 allows remote attackers to obtain Perl version information via the -v option.

5CVSS6.5AI score0.01134EPSS
CVE
CVE
added 2005/05/27 4:0 a.m.38 views

CVE-2004-2103

Cross-site scripting (XSS) vulnerability in Novell NetWare Enterprise Web Server 5.1 and 6.0 allows remote attackers to process arbitrary script or HTML as other users via (1) a malformed request for a Perl program with script in the filename, (2) the User.id parameter to the webacc servlet, (3) th...

4.3CVSS5.9AI score0.00179EPSS
CVE
CVE
added 2010/04/05 3:30 p.m.37 views

CVE-2003-1591

NWFTPD.nlm in the FTP server in Novell NetWare 6.0 before SP4 and 6.5 before SP1 allows user-assisted remote attackers to cause a denial of service (console hang) via a large number of FTP sessions, which are not properly handled during an NLM unload.

4.3CVSS6.9AI score0.004EPSS
CVE
CVE
added 2004/09/01 4:0 a.m.36 views

CVE-2002-1436

The web handler for Perl 5.003 on Novell NetWare 5.1 and NetWare 6 allows remote attackers to execute arbitrary Perl code via an HTTP POST request.

7.5CVSS7.7AI score0.09671EPSS
CVE
CVE
added 2005/05/10 4:0 a.m.36 views

CVE-2003-1150

Buffer overflow in the portmapper service (PMAP.NLM) in Novell NetWare 6 SP3 and ZenWorks for Desktops 3.2 SP2 through 4.0.1 allows remote attackers to cause a denial of service and possibly execute arbitrary code via unknown attack vectors.

7.5CVSS8.4AI score0.02277EPSS
CVE
CVE
added 2005/05/02 4:0 a.m.36 views

CVE-2005-1060

Unknown vulnerability in the TCP/IP functionality (TCPIP.NLM) in Novell Netware 6.x allows remote attackers to cause a denial of service (ABEND by Page Fault Processor Exception) via certain packets.

5CVSS7AI score0.00456EPSS
CVE
CVE
added 2002/08/12 4:0 a.m.35 views

CVE-2002-0791

Novell Netware FTP server NWFTPD before 5.02r allows remote attackers to cause a denial of service (CPU consumption) via a connection to the server followed by a carriage return, and possibly other invalid commands with improper syntax or length.

5CVSS7.4AI score0.01075EPSS
CVE
CVE
added 2002/10/04 4:0 a.m.34 views

CVE-2002-0930

Format string vulnerability in the FTP server for Novell Netware 6.0 SP1 (NWFTPD) allows remote attackers to cause a denial of service (ABEND) via format strings in the USER command.

5CVSS7AI score0.01052EPSS
CVE
CVE
added 2010/06/21 7:30 p.m.34 views

CVE-2010-2351

Stack-based buffer overflow in the CIFS.NLM driver in Netware SMB 1.0 for Novell Netware 6.5 SP8 and earlier allows remote attackers to execute arbitrary code via a Sessions Setup AndX packet with a long AccountName.

10CVSS8.4AI score0.14485EPSS