Total
76 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2001-1580 | 2 Nombas, Novell | 2 Scriptease Webserver, Netware | 2023-12-10 | 5.0 MEDIUM | N/A |
Directory traversal vulnerability in ScriptEase viewcode.jse for Netware 5.1 before 5.1 SP3 allows remote attackers to read arbitrary files via ".." sequences in the query string. | |||||
CVE-2003-1150 | 1 Novell | 2 Netware, Zenworks Desktops | 2023-12-10 | 7.5 HIGH | N/A |
Buffer overflow in the portmapper service (PMAP.NLM) in Novell NetWare 6 SP3 and ZenWorks for Desktops 3.2 SP2 through 4.0.1 allows remote attackers to cause a denial of service and possibly execute arbitrary code via unknown attack vectors. | |||||
CVE-2002-0791 | 1 Novell | 1 Netware | 2023-12-10 | 5.0 MEDIUM | N/A |
Novell Netware FTP server NWFTPD before 5.02r allows remote attackers to cause a denial of service (CPU consumption) via a connection to the server followed by a carriage return, and possibly other invalid commands with improper syntax or length. | |||||
CVE-2002-0929 | 1 Novell | 1 Netware | 2023-12-10 | 5.0 MEDIUM | N/A |
Buffer overflows in the DHCP server for NetWare 6.0 SP1 allow remote attackers to cause a denial of service (reboot) via long DHCP requests. | |||||
CVE-2002-1413 | 1 Novell | 1 Netware | 2023-12-10 | 7.5 HIGH | N/A |
RCONAG6 for Novell Netware SP2, while running RconJ in secure mode, allows remote attackers to bypass authentication using the RconJ "Secure IP" (SSL) option during a connection. | |||||
CVE-2004-2106 | 1 Novell | 1 Netware | 2023-12-10 | 5.0 MEDIUM | N/A |
Novell NetWare Enterprise Web Server 5.1 and 6.0 allows remote attackers to list directories via a direct request to (1) /com/, (2) /com/novell/, (3) /com/novell/webaccess, or (4) /ns-icons/. | |||||
CVE-2002-1437 | 1 Novell | 1 Netware | 2023-12-10 | 5.0 MEDIUM | N/A |
Directory traversal vulnerability in the web handler for Perl 5.003 on Novell NetWare 5.1 and NetWare 6 allows remote attackers to read arbitrary files via an HTTP request containing "..%5c" (URL-encoded dot-dot backslash) sequences. | |||||
CVE-2002-1418 | 1 Novell | 2 Netware, Small Business Suite | 2023-12-10 | 5.0 MEDIUM | N/A |
Buffer overflow in the interpreter for Novell NetBasic Scripting Server (NSN) for Netware 5.1 and 6, and Novell Small Business Suite 5.1 and 6, allows remote attackers to cause a denial of service (ABEND) via a long module name. | |||||
CVE-1999-1320 | 1 Novell | 1 Netware | 2023-12-10 | 4.6 MEDIUM | N/A |
Vulnerability in Novell NetWare 3.x and earlier allows local users to gain privileges via packet spoofing. | |||||
CVE-2003-0562 | 1 Novell | 1 Netware | 2023-12-10 | 5.0 MEDIUM | N/A |
Buffer overflow in the CGI2PERL.NLM PERL handler in Novell Netware 5.1 and 6.0 allows remote attackers to cause a denial of service (ABEND) via a long input string. | |||||
CVE-1999-0929 | 1 Novell | 2 Http Server, Netware | 2023-12-10 | 5.0 MEDIUM | N/A |
Novell NetWare with Novell-HTTP-Server or YAWN web servers allows remote attackers to conduct a denial of service via a large number of HTTP GET requests. | |||||
CVE-2004-2104 | 1 Novell | 1 Netware | 2023-12-10 | 5.0 MEDIUM | N/A |
Novell NetWare Enterprise Web Server 5.1 and 6.0 allows remote attackers to obtain sensitive server information, including the internal IP address, via a direct request to (1) snoop.jsp, (2) SnoopServlet, (3) env.bas, or (4) lcgitest.nlm. | |||||
CVE-1999-0265 | 2 Microware, Novell | 2 Os-9, Netware | 2023-12-10 | 5.0 MEDIUM | N/A |
ICMP redirect messages may crash or lock up a host. | |||||
CVE-1999-1086 | 1 Novell | 1 Netware | 2023-12-10 | 10.0 HIGH | N/A |
Novell 5 and earlier, when running over IPX with a packet signature level less than 3, allows remote attackers to gain administrator privileges by spoofing the MAC address in IPC fragmented packets that make NetWare Core Protocol (NCP) calls. | |||||
CVE-2002-1772 | 1 Novell | 1 Netware | 2023-12-10 | 4.6 MEDIUM | N/A |
Novell Netware 5.0 through 5.1 may allow local users to gain "Domain Admin" rights by logging into a Novell Directory Services (NDS) account, and executing "net use" on an NDS_ADM account that is not in the NT domain but has domain access rights, which allows the user to enter a null password. | |||||
CVE-2004-2105 | 1 Novell | 1 Netware | 2023-12-10 | 5.0 MEDIUM | N/A |
The webacc servlet in Novell NetWare Enterprise Web Server 5.1 and 6.0 allows remote attackers to read arbitrary .htt files via a full pathname in the error parameter. |