Novell

Open Enterprise Server

16 vulnerabilities found.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
7.8

CVE-2017-5182

  • EPSS 0.99%
  • Published 23.01.2017 15:59:00
  • Last modified 20.04.2025 01:37:25

Remote Manager in Open Enterprise Server (OES) allows unauthenticated remote attackers to read any arbitrary file, via a specially crafted URL, that allows complete directory traversal and total information disclosure. This vulnerability is present o...

10

CVE-2014-7169

Warning Exploit
  • EPSS 90.11%
  • Published 25.09.2014 01:55:04
  • Last modified 12.04.2025 10:46:40

GNU Bash through 4.3 bash43-025 processes trailing strings after certain malformed function definitions in the values of environment variables, which allows remote attackers to write to files or possibly have unknown other impact via a crafted enviro...

10

CVE-2014-6271

Warning Exploit
  • EPSS 94.22%
  • Published 24.09.2014 18:48:04
  • Last modified 12.04.2025 10:46:40

GNU Bash through 4.3 processes trailing strings after function definitions in the values of environment variables, which allows remote attackers to execute arbitrary code via a crafted environment, as demonstrated by vectors involving the ForceComman...

10

CVE-2014-0609

  • EPSS 0.21%
  • Published 17.08.2014 18:55:01
  • Last modified 12.04.2025 10:46:40

Unspecified vulnerability in Novell Open Enterprise Server (OES) 11 SP1 before Scheduled Maintenance Update 9415 and 11 SP2 before Scheduled Maintenance Update 9413 for Linux has unknown impact and attack vectors.

10

CVE-2014-0598

  • EPSS 0.73%
  • Published 18.06.2014 17:55:06
  • Last modified 12.04.2025 10:46:40

Directory traversal vulnerability in iPrint in Novell Open Enterprise Server (OES) 11 SP1 before Maintenance Update 9151 on Linux has unspecified impact and remote attack vectors.

4.3

CVE-2014-0599

  • EPSS 0.82%
  • Published 18.06.2014 17:55:06
  • Last modified 12.04.2025 10:46:40

Cross-site scripting (XSS) vulnerability in iPrint in Novell Open Enterprise Server (OES) 11 SP1 before Maintenance Update 9151 on Linux allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

2.6

CVE-2014-0595

  • EPSS 0.13%
  • Published 08.05.2014 10:55:03
  • Last modified 12.04.2025 10:46:40

/opt/novell/ncl/bin/nwrights in Novell Client for Linux in Novell Open Enterprise Server (OES) 11 Linux SP2 does not properly manage a certain array, which allows local users to obtain the S permission in opportunistic circumstances by leveraging the...

4.3

CVE-2013-3707

  • EPSS 2.97%
  • Published 01.12.2013 17:55:05
  • Last modified 11.04.2025 00:51:21

The HTTPSTK service in the novell-nrm package before 2.0.2-297.305.302.3 in Novell Open Enterprise Server 2 (OES 2) Linux, and OES 11 Linux Gold and SP1, does not make the intended SSL_free and SSL_shutdown calls for the close of a TCP connection, wh...

7.5

CVE-2011-4194

  • EPSS 10.62%
  • Published 02.02.2012 04:09:47
  • Last modified 11.04.2025 00:51:21

Buffer overflow in Novell iPrint Server in Novell Open Enterprise Server 2 (OES2) through SP3 on Linux allows remote attackers to execute arbitrary code via a crafted attributes-natural-language field.

7.8

CVE-2009-0115

Exploit
  • EPSS 0.08%
  • Published 30.03.2009 16:30:00
  • Last modified 09.04.2025 00:30:58

The Device Mapper multipathing driver (aka multipath-tools or device-mapper-multipath) 0.4.8, as used in SUSE openSUSE, SUSE Linux Enterprise Server (SLES), Fedora, and possibly other operating systems, uses world-writable permissions for the socket ...