Novell

Netware Ftp Server

17 vulnerabilities found.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
6.5

CVE-2010-0625

  • EPSS 27.64%
  • Published 05.04.2010 16:30:00
  • Last modified 11.04.2025 00:51:21

Stack-based buffer overflow in NWFTPD.nlm before 5.10.01 in the FTP server in Novell NetWare 5.1 through 6.5 SP8 allows remote authenticated users to cause a denial of service (daemon crash) or possibly execute arbitrary code via a long (1) MKD, (2) ...

7.5

CVE-2003-1594

  • EPSS 0.13%
  • Published 05.04.2010 15:30:00
  • Last modified 11.04.2025 00:51:21

NWFTPD.nlm before 5.04.05 in the FTP server in Novell NetWare 6.5 does not properly enforce FTPREST.TXT settings, which allows remote attackers to bypass intended access restrictions via an FTP session.

7.5

CVE-2007-6735

  • EPSS 0.13%
  • Published 05.04.2010 15:30:00
  • Last modified 11.04.2025 00:51:21

NWFTPD.nlm before 5.08.06 in the FTP server in Novell NetWare does not properly handle partial matches for container names in the FTPREST.TXT file, which allows remote attackers to bypass intended access restrictions via an FTP session.

4

CVE-2007-6734

  • EPSS 0.22%
  • Published 05.04.2010 15:30:00
  • Last modified 11.04.2025 00:51:21

NWFTPD.nlm before 5.08.07 in the FTP server in Novell NetWare 6.5 SP7 does not properly implement the FTPREST.TXT NOREMOTE restriction, which allows remote authenticated users to access directories outside of the home server via unspecified vectors.

5

CVE-2005-4888

  • EPSS 0.7%
  • Published 05.04.2010 15:30:00
  • Last modified 11.04.2025 00:51:21

NWFTPD.nlm before 5.06.04 in the FTP server in Novell NetWare allows remote attackers to cause a denial of service (excessive stale connections) by establishing many FTP sessions, which persist in the Not-Logged-In state after each session is complet...

7.5

CVE-2005-4887

  • EPSS 0.14%
  • Published 05.04.2010 15:30:00
  • Last modified 11.04.2025 00:51:21

NWFTPD.nlm before 5.06.05 in the FTP server in Novell NetWare 6.5 SP5 allows attackers to have an unspecified impact via vectors related to passwords.

4.3

CVE-2004-2767

  • EPSS 0.66%
  • Published 05.04.2010 15:30:00
  • Last modified 11.04.2025 00:51:21

NWFTPD.nlm before 5.04.25 in the FTP server in Novell NetWare does not promptly close DS sessions, which allows remote attackers to cause a denial of service (connection slot exhaustion) by establishing many FTP sessions that persist for the lifetime...

7.5

CVE-2003-1596

  • EPSS 0.11%
  • Published 05.04.2010 15:30:00
  • Last modified 11.04.2025 00:51:21

NWFTPD.nlm before 5.03.12 in the FTP server in Novell NetWare does not properly restrict filesystem use by anonymous users with NFS Gateway home directories, which allows remote attackers to bypass intended access restrictions via an FTP session.

10

CVE-2003-1595

  • EPSS 0.29%
  • Published 05.04.2010 15:30:00
  • Last modified 11.04.2025 00:51:21

NWFTPD.nlm before 5.04.05 in the FTP server in Novell NetWare 6.5 does not properly perform "intruder detection," which has unspecified impact and attack vectors.

7.5

CVE-2003-1593

  • EPSS 0.13%
  • Published 05.04.2010 15:30:00
  • Last modified 11.04.2025 00:51:21

NWFTPD.nlm in the FTP server in Novell NetWare 6.0 before SP4 and 6.5 before SP1 does not enforce domain-name login restrictions, which allows remote attackers to bypass intended access control via an FTP connection.