Total
76 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2010-4227 | 1 Novell | 1 Netware | 2025-04-11 | 10.0 HIGH | N/A |
|
The xdrDecodeString function in XNFS.NLM in Novell Netware 6.5 before SP8 allows remote attackers to cause a denial of service (abend) or execute arbitrary code via a crafted, signed value in a NFS RPC request to port UDP 1234, leading to a stack-based buffer overflow.
|
|||||
| CVE-2003-1591 | 1 Novell | 1 Netware | 2025-04-11 | 4.3 MEDIUM | N/A |
|
NWFTPD.nlm in the FTP server in Novell NetWare 6.0 before SP4 and 6.5 before SP1 allows user-assisted remote attackers to cause a denial of service (console hang) via a large number of FTP sessions, which are not properly handled during an NLM unload.
|
|||||
| CVE-2002-2432 | 1 Novell | 2 Netware, Netware Ftp Server | 2025-04-11 | 5.0 MEDIUM | N/A |
|
Unspecified vulnerability in NWFTPD.nlm before 5.03b in the FTP server in Novell NetWare allows remote attackers to cause a denial of service (abend) via a crafted username.
|
|||||
| CVE-2003-1596 | 1 Novell | 2 Netware, Netware Ftp Server | 2025-04-11 | 7.5 HIGH | N/A |
|
NWFTPD.nlm before 5.03.12 in the FTP server in Novell NetWare does not properly restrict filesystem use by anonymous users with NFS Gateway home directories, which allows remote attackers to bypass intended access restrictions via an FTP session.
|
|||||
| CVE-2007-6734 | 1 Novell | 2 Netware, Netware Ftp Server | 2025-04-11 | 4.0 MEDIUM | N/A |
|
NWFTPD.nlm before 5.08.07 in the FTP server in Novell NetWare 6.5 SP7 does not properly implement the FTPREST.TXT NOREMOTE restriction, which allows remote authenticated users to access directories outside of the home server via unspecified vectors.
|
|||||
| CVE-2003-1593 | 1 Novell | 2 Netware, Netware Ftp Server | 2025-04-11 | 7.5 HIGH | N/A |
|
NWFTPD.nlm in the FTP server in Novell NetWare 6.0 before SP4 and 6.5 before SP1 does not enforce domain-name login restrictions, which allows remote attackers to bypass intended access control via an FTP connection.
|
|||||
| CVE-2003-1595 | 1 Novell | 2 Netware, Netware Ftp Server | 2025-04-11 | 10.0 HIGH | N/A |
|
NWFTPD.nlm before 5.04.05 in the FTP server in Novell NetWare 6.5 does not properly perform "intruder detection," which has unspecified impact and attack vectors.
|
|||||
| CVE-2004-2767 | 1 Novell | 2 Netware, Netware Ftp Server | 2025-04-11 | 4.3 MEDIUM | N/A |
|
NWFTPD.nlm before 5.04.25 in the FTP server in Novell NetWare does not promptly close DS sessions, which allows remote attackers to cause a denial of service (connection slot exhaustion) by establishing many FTP sessions that persist for the lifetime of a DS session.
|
|||||
| CVE-2011-4191 | 1 Novell | 1 Netware | 2025-04-11 | 7.5 HIGH | N/A |
|
Stack-based buffer overflow in the xdrDecodeString function in XNFS.NLM in Novell NetWare 6.5 SP8 allows remote attackers to execute arbitrary code or cause a denial of service (abend or NFS outage) via long packets.
|
|||||
| CVE-2010-2351 | 1 Novell | 1 Netware | 2025-04-11 | 10.0 HIGH | N/A |
|
Stack-based buffer overflow in the CIFS.NLM driver in Netware SMB 1.0 for Novell Netware 6.5 SP8 and earlier allows remote attackers to execute arbitrary code via a Sessions Setup AndX packet with a long AccountName.
|
|||||
| CVE-2005-4888 | 1 Novell | 2 Netware, Netware Ftp Server | 2025-04-11 | 5.0 MEDIUM | N/A |
|
NWFTPD.nlm before 5.06.04 in the FTP server in Novell NetWare allows remote attackers to cause a denial of service (excessive stale connections) by establishing many FTP sessions, which persist in the Not-Logged-In state after each session is completed.
|
|||||
| CVE-2010-4228 | 1 Novell | 1 Netware | 2025-04-11 | 9.0 HIGH | N/A |
|
Stack-based buffer overflow in NWFTPD.NLM before 5.10.02 in the FTP server in Novell NetWare allows remote authenticated users to execute arbitrary code or cause a denial of service (abend) via a long DELE command, a different vulnerability than CVE-2010-0625.4.
|
|||||
| CVE-2003-1594 | 1 Novell | 2 Netware, Netware Ftp Server | 2025-04-11 | 7.5 HIGH | N/A |
|
NWFTPD.nlm before 5.04.05 in the FTP server in Novell NetWare 6.5 does not properly enforce FTPREST.TXT settings, which allows remote attackers to bypass intended access restrictions via an FTP session.
|
|||||
| CVE-2002-2433 | 1 Novell | 2 Netware, Netware Ftp Server | 2025-04-11 | 4.0 MEDIUM | N/A |
|
NWFTPD.nlm before 5.03b in the FTP server in Novell NetWare allows remote authenticated users to cause a denial of service (abend) via a crafted ABOR command.
|
|||||
| CVE-2000-1246 | 1 Novell | 2 Netware, Netware Ftp Server | 2025-04-11 | 3.5 LOW | N/A |
|
NWFTPD.nlm before 5.01o in the FTP server in Novell NetWare 5.1 SP3 allows remote authenticated users to cause a denial of service (abend) by sending an RNTO command after a failed RNFR command.
|
|||||
| CVE-2001-1587 | 1 Novell | 1 Netware | 2025-04-11 | 5.0 MEDIUM | N/A |
|
NWFTPD.nlm before 5.01w in the FTP server in Novell NetWare allows remote attackers to cause a denial of service (abend) via an anonymous STOU command.
|
|||||
| CVE-2000-1245 | 1 Novell | 2 Netware, Netware Ftp Server | 2025-04-11 | 7.5 HIGH | N/A |
|
Multiple unspecified vulnerabilities in NWFTPD.nlm before 5.01o in the FTP server in Novell NetWare 5.1 SP3 allow remote attackers to bypass intended restrictions on anonymous access via unknown vectors.
|
|||||
| CVE-2010-0625 | 1 Novell | 2 Netware, Netware Ftp Server | 2025-04-11 | 6.5 MEDIUM | N/A |
|
Stack-based buffer overflow in NWFTPD.nlm before 5.10.01 in the FTP server in Novell NetWare 5.1 through 6.5 SP8 allows remote authenticated users to cause a denial of service (daemon crash) or possibly execute arbitrary code via a long (1) MKD, (2) RMD, (3) RNFR, or (4) DELE command.
|
|||||
| CVE-2003-1592 | 1 Novell | 2 Netware, Netware Ftp Server | 2025-04-11 | 5.0 MEDIUM | N/A |
|
Multiple buffer overflows in NWFTPD.nlm in the FTP server in Novell NetWare 6.0 before SP4 and 6.5 before SP1 allow remote attackers to cause a denial of service (abend) via a long (1) username or (2) password.
|
|||||
| CVE-2010-2068 | 4 Apache, Ibm, Microsoft and 1 more | 4 Http Server, Os2, Windows and 1 more | 2025-04-11 | 5.0 MEDIUM | N/A |
|
mod_proxy_http.c in mod_proxy_http in the Apache HTTP Server 2.2.9 through 2.2.15, 2.3.4-alpha, and 2.3.5-alpha on Windows, NetWare, and OS/2, in certain configurations involving proxy worker pools, does not properly detect timeouts, which allows remote attackers to obtain a potentially sensitive response intended for a different client in opportunistic circumstances via a normal HTTP request.
|
|||||
| CVE-2007-6735 | 1 Novell | 2 Netware, Netware Ftp Server | 2025-04-11 | 7.5 HIGH | N/A |
|
NWFTPD.nlm before 5.08.06 in the FTP server in Novell NetWare does not properly handle partial matches for container names in the FTPREST.TXT file, which allows remote attackers to bypass intended access restrictions via an FTP session.
|
|||||
| CVE-2002-2434 | 1 Novell | 2 Netware, Netware Ftp Server | 2025-04-11 | 5.0 MEDIUM | N/A |
|
NWFTPD.nlm before 5.02i in the FTP server in Novell NetWare does not properly listen for data connections, which allows remote attackers to cause a denial of service (abend) via multiple FTP sessions.
|
|||||
| CVE-2005-4887 | 1 Novell | 2 Netware, Netware Ftp Server | 2025-04-11 | 7.5 HIGH | N/A |
|
NWFTPD.nlm before 5.06.05 in the FTP server in Novell NetWare 6.5 SP5 allows attackers to have an unspecified impact via vectors related to passwords.
|
|||||
| CVE-2007-3571 | 1 Novell | 2 Groupwise, Netware | 2025-04-09 | 4.3 MEDIUM | N/A |
|
The Apache Web Server as used in Novell NetWare 6.5 and GroupWise allows remote attackers to obtain sensitive information via a certain directive to Apache that causes the HTTP-Header response to be modified, which may reveal the server's internal IP address.
|
|||||
| CVE-2008-5696 | 1 Novell | 1 Netware | 2025-04-09 | 9.3 HIGH | N/A |
|
Novell NetWare 6.5 before Support Pack 8, when an OES2 Linux server is installed into the NDS tree, does not require a password for the ApacheAdmin console, which allows remote attackers to reconfigure the Apache HTTP Server via console operations.
|
|||||
| CVE-2010-0317 | 1 Novell | 1 Netware | 2025-04-09 | 7.8 HIGH | N/A |
|
Novell Netware 6.5 SP8 allows remote attackers to cause a denial of service (NULL pointer dereference, memory consumption, ABEND, and crash) via a large number of malformed or AFP requests that are not properly handled by (1) the CIFS functionality in CIFS.nlm Semantic Agent (Build 163 MP) 3.27 or (2) the AFP functionality in AFPTCP.nlm Build 163 SP 3.27. NOTE: some of these details are obtained from third party information.
|
|||||
| CVE-2009-0714 | 5 Hp, Microsoft, Novell and 2 more | 5 Data Protector Express, Windows, Netware and 2 more | 2025-04-09 | 7.2 HIGH | N/A |
|
Unspecified vulnerability in the dpwinsup module (dpwinsup.dll) for dpwingad (dpwingad.exe) in HP Data Protector Express and Express SSE 3.x before build 47065, and Express and Express SSE 4.x before build 46537, allows remote attackers to cause a denial of service (application crash) or read portions of memory via one or more crafted packets.
|
|||||
| CVE-2006-6675 | 1 Novell | 2 Apache Http Server, Netware | 2025-04-09 | 6.8 MEDIUM | N/A |
|
Cross-site scripting (XSS) vulnerability in Novell NetWare 6.5 Support Pack 5 and 6 and Novell Apache on NetWare 2.0.48 allows remote attackers to inject arbitrary web script or HTML via unspecified parameters in Welcome web-app.
|
|||||
| CVE-2002-1417 | 1 Novell | 2 Netware, Small Business Suite | 2025-04-03 | 5.0 MEDIUM | N/A |
|
Directory traversal vulnerability in Novell NetBasic Scripting Server (NSN) for Netware 5.1 and 6, and Novell Small Business Suite 5.1 and 6, allows remote attackers to read arbitrary files via a URL containing a "..%5c" sequence (modified dot-dot), which is mapped to the directory separator.
|
|||||
| CVE-2001-1580 | 2 Nombas, Novell | 2 Scriptease Webserver, Netware | 2025-04-03 | 5.0 MEDIUM | N/A |
|
Directory traversal vulnerability in ScriptEase viewcode.jse for Netware 5.1 before 5.1 SP3 allows remote attackers to read arbitrary files via ".." sequences in the query string.
|
|||||
| CVE-2000-0669 | 1 Novell | 1 Netware | 2025-04-03 | 5.0 MEDIUM | N/A |
|
Novell NetWare 5.0 allows remote attackers to cause a denial of service by flooding port 40193 with random data.
|
|||||
| CVE-2002-1418 | 1 Novell | 2 Netware, Small Business Suite | 2025-04-03 | 5.0 MEDIUM | N/A |
|
Buffer overflow in the interpreter for Novell NetBasic Scripting Server (NSN) for Netware 5.1 and 6, and Novell Small Business Suite 5.1 and 6, allows remote attackers to cause a denial of service (ABEND) via a long module name.
|
|||||
| CVE-2002-1437 | 1 Novell | 1 Netware | 2025-04-03 | 5.0 MEDIUM | N/A |
|
Directory traversal vulnerability in the web handler for Perl 5.003 on Novell NetWare 5.1 and NetWare 6 allows remote attackers to read arbitrary files via an HTTP request containing "..%5c" (URL-encoded dot-dot backslash) sequences.
|
|||||
| CVE-2002-2096 | 1 Novell | 1 Netware | 2025-04-03 | 7.5 HIGH | N/A |
|
Buffer overflow in Novell Remote Manager module, httpstk.nlm, in NetWare 5.1 and NetWare 6 allows remote attackers to execute arbitrary code via a long (1) username or (2) password.
|
|||||
| CVE-2002-1772 | 1 Novell | 1 Netware | 2025-04-03 | 4.6 MEDIUM | N/A |
|
Novell Netware 5.0 through 5.1 may allow local users to gain "Domain Admin" rights by logging into a Novell Directory Services (NDS) account, and executing "net use" on an NDS_ADM account that is not in the NT domain but has domain access rights, which allows the user to enter a null password.
|
|||||
| CVE-2006-0997 | 1 Novell | 2 Netware, Open Enterprise Server | 2025-04-03 | 5.0 MEDIUM | N/A |
|
The SSL server implementation in NILE.NLM in Novell NetWare 6.5 and Novell Open Enterprise Server (OES) permits encryption with a NULL key, which results in cleartext communication that allows remote attackers to read an SSL protected session by sniffing network traffic.
|
|||||
| CVE-2004-2106 | 1 Novell | 1 Netware | 2025-04-03 | 5.0 MEDIUM | N/A |
|
Novell NetWare Enterprise Web Server 5.1 and 6.0 allows remote attackers to list directories via a direct request to (1) /com/, (2) /com/novell/, (3) /com/novell/webaccess, or (4) /ns-icons/.
|
|||||
| CVE-1999-1215 | 1 Novell | 1 Netware | 2025-04-03 | 4.6 MEDIUM | N/A |
|
LOGIN.EXE program in Novell Netware 4.0 and 4.01 temporarily writes user name and password information to disk, which could allow local users to gain privileges.
|
|||||
| CVE-2002-1436 | 1 Novell | 1 Netware | 2025-04-03 | 7.5 HIGH | N/A |
|
The web handler for Perl 5.003 on Novell NetWare 5.1 and NetWare 6 allows remote attackers to execute arbitrary Perl code via an HTTP POST request.
|
|||||
| CVE-2004-2105 | 1 Novell | 1 Netware | 2025-04-03 | 5.0 MEDIUM | N/A |
|
The webacc servlet in Novell NetWare Enterprise Web Server 5.1 and 6.0 allows remote attackers to read arbitrary .htt files via a full pathname in the error parameter.
|
|||||