Filtered by vendor Novell
Subscribe
Total
670 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2004-2103 | 1 Novell | 1 Netware | 2023-12-10 | 4.3 MEDIUM | N/A |
Cross-site scripting (XSS) vulnerability in Novell NetWare Enterprise Web Server 5.1 and 6.0 allows remote attackers to process arbitrary script or HTML as other users via (1) a malformed request for a Perl program with script in the filename, (2) the User.id parameter to the webacc servlet, (3) the GWAP.version parameter to webacc, or (4) a URL request for a .bas file with script in the filename. | |||||
CVE-1999-1307 | 1 Novell | 1 Unixware | 2023-12-10 | 7.2 HIGH | N/A |
Vulnerability in urestore in Novell UnixWare 1.1 allows local users to gain root privileges. | |||||
CVE-2002-1436 | 1 Novell | 1 Netware | 2023-12-10 | 7.5 HIGH | N/A |
The web handler for Perl 5.003 on Novell NetWare 5.1 and NetWare 6 allows remote attackers to execute arbitrary Perl code via an HTTP POST request. | |||||
CVE-2002-0780 | 1 Novell | 1 Bordermanager | 2023-12-10 | 5.0 MEDIUM | N/A |
IP/IPX gateway for Novell BorderManager 3.6 SP 1a allows remote attackers to cause a denial of service via a connection to port 8225 with a large amount of random data, which causes ipipxgw.nlm to ABEND. | |||||
CVE-2002-1634 | 1 Novell | 1 Netware | 2023-12-10 | 5.0 MEDIUM | N/A |
Novell NetWare 5.1 installs sample applications that allow remote attackers to obtain sensitive information via (1) ndsobj.nlm, (2) allfield.jse, (3) websinfo.bas, (4) ndslogin.pl, (5) volscgi.pl, (6) lancgi.pl, (7) test.jse, or (8) env.pl. | |||||
CVE-2005-1247 | 1 Novell | 1 Nsure Audit | 2023-12-10 | 5.0 MEDIUM | N/A |
webadmin.exe in Novell Nsure Audit 1.0.1 allows remote attackers to cause a denial of service via malformed ASN.1 packets in corrupt client certificates to an SSL server, as demonstrated using an exploit for the OpenSSL ASN.1 parsing vulnerability. | |||||
CVE-1999-0805 | 1 Novell | 1 Netware | 2023-12-10 | 5.0 MEDIUM | N/A |
Novell NetWare Transaction Tracking System (TTS) in Novell 4.11 and earlier allows remote attackers to cause a denial of service via a large number of requests. | |||||
CVE-2001-1195 | 1 Novell | 1 Groupwise | 2023-12-10 | 7.5 HIGH | N/A |
Novell Groupwise 5.5 and 6.0 Servlet Gateway is installed with a default username and password for the servlet manager, which allows remote attackers to gain privileges. | |||||
CVE-2001-1233 | 1 Novell | 2 Groupwise Webaccess, Netware | 2023-12-10 | 5.0 MEDIUM | N/A |
Netware Enterprise Web Server 5.1 running GroupWise WebAccess 5.5 with Novell Directory Services (NDS) enabled allows remote attackers to enumerate user names, group names and other system information by accessing ndsobj.nlm. | |||||
CVE-2000-0651 | 1 Novell | 1 Bordermanager | 2023-12-10 | 7.5 HIGH | N/A |
The ClientTrust program in Novell BorderManager does not properly verify the origin of authentication requests, which could allow remote attackers to impersonate another user by replaying the authentication requests and responses from port 3024 of the victim's machine. | |||||
CVE-2002-1417 | 1 Novell | 2 Netware, Small Business Suite | 2023-12-10 | 5.0 MEDIUM | N/A |
Directory traversal vulnerability in Novell NetBasic Scripting Server (NSN) for Netware 5.1 and 6, and Novell Small Business Suite 5.1 and 6, allows remote attackers to read arbitrary files via a URL containing a "..%5c" sequence (modified dot-dot), which is mapped to the directory separator. | |||||
CVE-1999-0470 | 1 Novell | 1 Netware | 2023-12-10 | 5.0 MEDIUM | N/A |
A weak encryption algorithm is used for passwords in Novell Remote.NLM, allowing them to be easily decrypted. | |||||
CVE-2002-2083 | 1 Novell | 1 Netware | 2023-12-10 | 2.1 LOW | N/A |
The Novell Netware client running on Windows 95 allows local users to bypass the login and open arbitrary files via the "What is this?" help feature, which can be launched from the Novell Netware login screen. | |||||
CVE-2000-0793 | 2 Novell, Symantec | 2 Client, Norton Antivirus | 2023-12-10 | 10.0 HIGH | N/A |
Norton AntiVirus 5.00.01C with the Novell Netware client does not properly restart the auto-protection service after the first user has logged off of the system. | |||||
CVE-2002-0781 | 1 Novell | 1 Bordermanager | 2023-12-10 | 5.0 MEDIUM | N/A |
RTSP proxy for Novell BorderManager 3.6 SP 1a allows remote attackers to cause a denial of service via a GET request to port 9090 followed by a series of carriage returns, which causes proxy.nlm to ABEND. | |||||
CVE-2001-1580 | 2 Nombas, Novell | 2 Scriptease Webserver, Netware | 2023-12-10 | 5.0 MEDIUM | N/A |
Directory traversal vulnerability in ScriptEase viewcode.jse for Netware 5.1 before 5.1 SP3 allows remote attackers to read arbitrary files via ".." sequences in the query string. | |||||
CVE-2003-1150 | 1 Novell | 2 Netware, Zenworks Desktops | 2023-12-10 | 7.5 HIGH | N/A |
Buffer overflow in the portmapper service (PMAP.NLM) in Novell NetWare 6 SP3 and ZenWorks for Desktops 3.2 SP2 through 4.0.1 allows remote attackers to cause a denial of service and possibly execute arbitrary code via unknown attack vectors. | |||||
CVE-2001-0486 | 1 Novell | 1 Bordermanager | 2023-12-10 | 5.0 MEDIUM | N/A |
Remote attackers can cause a denial of service in Novell BorderManager 3.6 and earlier by sending TCP SYN flood to port 353. | |||||
CVE-2002-0791 | 1 Novell | 1 Netware | 2023-12-10 | 5.0 MEDIUM | N/A |
Novell Netware FTP server NWFTPD before 5.02r allows remote attackers to cause a denial of service (CPU consumption) via a connection to the server followed by a carriage return, and possibly other invalid commands with improper syntax or length. | |||||
CVE-2001-1458 | 1 Novell | 1 Groupwise | 2023-12-10 | 5.0 MEDIUM | N/A |
Directory traversal vulnerability in Novell GroupWise 5.5 and 6.0 allows remote attackers to read arbitrary files via a request for /servlet/webacc?User.html= that contains "../" (dot dot) sequences and a null character. |