Total
76 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2005-2852 | 1 Novell | 1 Netware | 2023-12-10 | 5.0 MEDIUM | N/A |
Unknown vulnerability in CIFS.NLM in Novell Netware 6.5 SP2 and SP3, 5.1, and 6.0 allows remote attackers to cause a denial of service (ABEND) via an incorrect password length, as exploited by the "worm.rbot.ccc" worm. | |||||
CVE-1999-1382 | 1 Novell | 1 Netware | 2023-12-10 | 7.2 HIGH | N/A |
NetWare NFS mode 1 and 2 implements the "Read Only" flag in Unix by changing the ownership of a file to root, which allows local users to gain root privileges by creating a setuid program and setting it to "Read Only," which NetWare-NFS changes to a setuid root program. | |||||
CVE-2002-2096 | 1 Novell | 1 Netware | 2023-12-10 | 7.5 HIGH | N/A |
Buffer overflow in Novell Remote Manager module, httpstk.nlm, in NetWare 5.1 and NetWare 6 allows remote attackers to execute arbitrary code via a long (1) username or (2) password. | |||||
CVE-1999-1215 | 1 Novell | 1 Netware | 2023-12-10 | 4.6 MEDIUM | N/A |
LOGIN.EXE program in Novell Netware 4.0 and 4.01 temporarily writes user name and password information to disk, which could allow local users to gain privileges. | |||||
CVE-2000-0257 | 1 Novell | 1 Netware | 2023-12-10 | 7.5 HIGH | N/A |
Buffer overflow in the NetWare remote web administration utility allows remote attackers to cause a denial of service or execute commands via a long URL. | |||||
CVE-2002-1438 | 1 Novell | 1 Netware | 2023-12-10 | 5.0 MEDIUM | N/A |
The web handler for Perl 5.003 on Novell NetWare 5.1 and NetWare 6 allows remote attackers to obtain Perl version information via the -v option. | |||||
CVE-1999-1020 | 1 Novell | 1 Netware | 2023-12-10 | 7.5 HIGH | N/A |
The installation of Novell Netware NDS 5.99 provides an unauthenticated client with Read access for the tree, which allows remote attackers to access sensitive information such as users, groups, and readable objects via CX.EXE and NLIST.EXE. | |||||
CVE-1999-0524 | 11 Apple, Cisco, Hp and 8 more | 14 Mac Os X, Macos, Ios and 11 more | 2023-12-10 | 2.1 LOW | N/A |
ICMP information such as (1) netmask and (2) timestamp is allowed from arbitrary hosts. | |||||
CVE-2000-0600 | 2 Netscape, Novell | 2 Enterprise Server, Netware | 2023-12-10 | 7.5 HIGH | N/A |
Netscape Enterprise Server in NetWare 5.1 allows remote attackers to cause a denial of service or execute arbitrary commands via a malformed URL. | |||||
CVE-2002-0930 | 1 Novell | 1 Netware | 2023-12-10 | 5.0 MEDIUM | N/A |
Format string vulnerability in the FTP server for Novell Netware 6.0 SP1 (NWFTPD) allows remote attackers to cause a denial of service (ABEND) via format strings in the USER command. | |||||
CVE-2003-0976 | 1 Novell | 1 Netware | 2023-12-10 | 7.5 HIGH | N/A |
NFS Server (XNFS.NLM) for Novell NetWare 6.5 does not properly enforce sys:\etc\exports when hostname aliases from sys:etc\hosts file are used, which could allow users to mount file systems when XNFS should deny the host. | |||||
CVE-2000-0669 | 1 Novell | 1 Netware | 2023-12-10 | 5.0 MEDIUM | N/A |
Novell NetWare 5.0 allows remote attackers to cause a denial of service by flooding port 40193 with random data. | |||||
CVE-2004-2103 | 1 Novell | 1 Netware | 2023-12-10 | 4.3 MEDIUM | N/A |
Cross-site scripting (XSS) vulnerability in Novell NetWare Enterprise Web Server 5.1 and 6.0 allows remote attackers to process arbitrary script or HTML as other users via (1) a malformed request for a Perl program with script in the filename, (2) the User.id parameter to the webacc servlet, (3) the GWAP.version parameter to webacc, or (4) a URL request for a .bas file with script in the filename. | |||||
CVE-2002-1436 | 1 Novell | 1 Netware | 2023-12-10 | 7.5 HIGH | N/A |
The web handler for Perl 5.003 on Novell NetWare 5.1 and NetWare 6 allows remote attackers to execute arbitrary Perl code via an HTTP POST request. | |||||
CVE-2002-1634 | 1 Novell | 1 Netware | 2023-12-10 | 5.0 MEDIUM | N/A |
Novell NetWare 5.1 installs sample applications that allow remote attackers to obtain sensitive information via (1) ndsobj.nlm, (2) allfield.jse, (3) websinfo.bas, (4) ndslogin.pl, (5) volscgi.pl, (6) lancgi.pl, (7) test.jse, or (8) env.pl. | |||||
CVE-1999-0805 | 1 Novell | 1 Netware | 2023-12-10 | 5.0 MEDIUM | N/A |
Novell NetWare Transaction Tracking System (TTS) in Novell 4.11 and earlier allows remote attackers to cause a denial of service via a large number of requests. | |||||
CVE-2001-1233 | 1 Novell | 2 Groupwise Webaccess, Netware | 2023-12-10 | 5.0 MEDIUM | N/A |
Netware Enterprise Web Server 5.1 running GroupWise WebAccess 5.5 with Novell Directory Services (NDS) enabled allows remote attackers to enumerate user names, group names and other system information by accessing ndsobj.nlm. | |||||
CVE-2002-1417 | 1 Novell | 2 Netware, Small Business Suite | 2023-12-10 | 5.0 MEDIUM | N/A |
Directory traversal vulnerability in Novell NetBasic Scripting Server (NSN) for Netware 5.1 and 6, and Novell Small Business Suite 5.1 and 6, allows remote attackers to read arbitrary files via a URL containing a "..%5c" sequence (modified dot-dot), which is mapped to the directory separator. | |||||
CVE-1999-0470 | 1 Novell | 1 Netware | 2023-12-10 | 5.0 MEDIUM | N/A |
A weak encryption algorithm is used for passwords in Novell Remote.NLM, allowing them to be easily decrypted. | |||||
CVE-2002-2083 | 1 Novell | 1 Netware | 2023-12-10 | 2.1 LOW | N/A |
The Novell Netware client running on Windows 95 allows local users to bypass the login and open arbitrary files via the "What is this?" help feature, which can be launched from the Novell Netware login screen. |