Novell

Open Enterprise Server

16 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
7.8

CVE-2017-5182

  • EPSS 0.99%
  • Veröffentlicht 23.01.2017 15:59:00
  • Zuletzt bearbeitet 20.04.2025 01:37:25

Remote Manager in Open Enterprise Server (OES) allows unauthenticated remote attackers to read any arbitrary file, via a specially crafted URL, that allows complete directory traversal and total information disclosure. This vulnerability is present o...

10

CVE-2014-7169

Warnung Exploit
  • EPSS 90.11%
  • Veröffentlicht 25.09.2014 01:55:04
  • Zuletzt bearbeitet 12.04.2025 10:46:40

GNU Bash through 4.3 bash43-025 processes trailing strings after certain malformed function definitions in the values of environment variables, which allows remote attackers to write to files or possibly have unknown other impact via a crafted enviro...

10

CVE-2014-6271

Warnung Exploit
  • EPSS 94.22%
  • Veröffentlicht 24.09.2014 18:48:04
  • Zuletzt bearbeitet 12.04.2025 10:46:40

GNU Bash through 4.3 processes trailing strings after function definitions in the values of environment variables, which allows remote attackers to execute arbitrary code via a crafted environment, as demonstrated by vectors involving the ForceComman...

10

CVE-2014-0609

  • EPSS 0.21%
  • Veröffentlicht 17.08.2014 18:55:01
  • Zuletzt bearbeitet 12.04.2025 10:46:40

Unspecified vulnerability in Novell Open Enterprise Server (OES) 11 SP1 before Scheduled Maintenance Update 9415 and 11 SP2 before Scheduled Maintenance Update 9413 for Linux has unknown impact and attack vectors.

10

CVE-2014-0598

  • EPSS 0.73%
  • Veröffentlicht 18.06.2014 17:55:06
  • Zuletzt bearbeitet 12.04.2025 10:46:40

Directory traversal vulnerability in iPrint in Novell Open Enterprise Server (OES) 11 SP1 before Maintenance Update 9151 on Linux has unspecified impact and remote attack vectors.

4.3

CVE-2014-0599

  • EPSS 0.82%
  • Veröffentlicht 18.06.2014 17:55:06
  • Zuletzt bearbeitet 12.04.2025 10:46:40

Cross-site scripting (XSS) vulnerability in iPrint in Novell Open Enterprise Server (OES) 11 SP1 before Maintenance Update 9151 on Linux allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

2.6

CVE-2014-0595

  • EPSS 0.13%
  • Veröffentlicht 08.05.2014 10:55:03
  • Zuletzt bearbeitet 12.04.2025 10:46:40

/opt/novell/ncl/bin/nwrights in Novell Client for Linux in Novell Open Enterprise Server (OES) 11 Linux SP2 does not properly manage a certain array, which allows local users to obtain the S permission in opportunistic circumstances by leveraging the...

4.3

CVE-2013-3707

  • EPSS 2.97%
  • Veröffentlicht 01.12.2013 17:55:05
  • Zuletzt bearbeitet 11.04.2025 00:51:21

The HTTPSTK service in the novell-nrm package before 2.0.2-297.305.302.3 in Novell Open Enterprise Server 2 (OES 2) Linux, and OES 11 Linux Gold and SP1, does not make the intended SSL_free and SSL_shutdown calls for the close of a TCP connection, wh...

7.5

CVE-2011-4194

  • EPSS 10.62%
  • Veröffentlicht 02.02.2012 04:09:47
  • Zuletzt bearbeitet 11.04.2025 00:51:21

Buffer overflow in Novell iPrint Server in Novell Open Enterprise Server 2 (OES2) through SP3 on Linux allows remote attackers to execute arbitrary code via a crafted attributes-natural-language field.

7.8

CVE-2009-0115

Exploit
  • EPSS 0.08%
  • Veröffentlicht 30.03.2009 16:30:00
  • Zuletzt bearbeitet 09.04.2025 00:30:58

The Device Mapper multipathing driver (aka multipath-tools or device-mapper-multipath) 0.4.8, as used in SUSE openSUSE, SUSE Linux Enterprise Server (SLES), Fedora, and possibly other operating systems, uses world-writable permissions for the socket ...