Novell

Netware

70 vulnerabilities found.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
7.5

CVE-2007-6735

  • EPSS 0.13%
  • Published 05.04.2010 15:30:00
  • Last modified 11.04.2025 00:51:21

NWFTPD.nlm before 5.08.06 in the FTP server in Novell NetWare does not properly handle partial matches for container names in the FTPREST.TXT file, which allows remote attackers to bypass intended access restrictions via an FTP session.

7.8

CVE-2010-0317

Exploit
  • EPSS 8.96%
  • Published 15.01.2010 18:30:00
  • Last modified 09.04.2025 00:30:58

Novell Netware 6.5 SP8 allows remote attackers to cause a denial of service (NULL pointer dereference, memory consumption, ABEND, and crash) via a large number of malformed or AFP requests that are not properly handled by (1) the CIFS functionality i...

9.3

CVE-2008-5696

  • EPSS 2.49%
  • Published 19.12.2008 18:30:00
  • Last modified 09.04.2025 00:30:58

Novell NetWare 6.5 before Support Pack 8, when an OES2 Linux server is installed into the NDS tree, does not require a password for the ApacheAdmin console, which allows remote attackers to reconfigure the Apache HTTP Server via console operations.

6.8

CVE-2006-6675

  • EPSS 0.83%
  • Published 21.12.2006 01:28:00
  • Last modified 09.04.2025 00:30:58

Cross-site scripting (XSS) vulnerability in Novell NetWare 6.5 Support Pack 5 and 6 and Novell Apache on NetWare 2.0.48 allows remote attackers to inject arbitrary web script or HTML via unspecified parameters in Welcome web-app.

4

CVE-2006-2185

  • EPSS 0.37%
  • Published 22.05.2006 17:02:00
  • Last modified 03.04.2025 01:03:51

PORTAL.NLM in Novell Netware 6.5 SP5 writes the username and password in cleartext to the abend.log log file when the groupOperationsMethod function fails, which allows context-dependent attackers to gain privileges.

6.4

CVE-2006-2327

  • EPSS 25.7%
  • Published 12.05.2006 00:02:00
  • Last modified 03.04.2025 01:03:51

Multiple integer overflows in the DPRPC library (DPRPCNLM.NLM) NDPS/iPrint module in Novell Distributed Print Services in Novell NetWare 6.5 SP3, SP4, and SP5 allow remote attackers to execute arbitrary code via an XDR encoded array with a field that...

5

CVE-2006-0999

  • EPSS 0.46%
  • Published 23.03.2006 11:06:00
  • Last modified 03.04.2025 01:03:51

The SSL server implementation in NILE.NLM in Novell NetWare 6.5 and Novell Open Enterprise Server (OES) allows a client to force the server to use weak encryption by stating that a weak cipher is required for client compatibility, which might allow r...

5

CVE-2006-0998

  • EPSS 0.56%
  • Published 23.03.2006 11:06:00
  • Last modified 03.04.2025 01:03:51

The SSL server implementation in NILE.NLM in Novell NetWare 6.5 and Novell Open Enterprise Server (OES) sometimes selects a weak cipher instead of an available stronger cipher, which makes it easier for remote attackers to sniff and decrypt an SSL pr...

5

CVE-2006-0997

  • EPSS 0.27%
  • Published 23.03.2006 11:06:00
  • Last modified 03.04.2025 01:03:51

The SSL server implementation in NILE.NLM in Novell NetWare 6.5 and Novell Open Enterprise Server (OES) permits encryption with a NULL key, which results in cleartext communication that allows remote attackers to read an SSL protected session by snif...

5

CVE-2006-1322

  • EPSS 1.96%
  • Published 20.03.2006 22:02:00
  • Last modified 03.04.2025 01:03:51

Novell Netware NWFTPD 5.06.05 allows remote attackers to cause a denial of service (ABEND) via an MDTM command that uses a long path for the target file, possibly due to a buffer overflow.