Netware
by Novell
CVEs (75)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2007-6734 | 0.00 | — | 0.01 | Apr 5, 2010 | NWFTPD.nlm before 5.08.07 in the FTP server in Novell NetWare 6.5 SP7 does not properly implement the FTPREST.TXT NOREMOTE restriction, which allows remote authenticated users to access directories outside of the home server via unspecified vectors. | |||
| CVE-2005-4888 | 0.00 | — | 0.02 | Apr 5, 2010 | NWFTPD.nlm before 5.06.04 in the FTP server in Novell NetWare allows remote attackers to cause a denial of service (excessive stale connections) by establishing many FTP sessions, which persist in the Not-Logged-In state after each session is completed. | |||
| CVE-2005-4887 | 0.00 | — | 0.01 | Apr 5, 2010 | NWFTPD.nlm before 5.06.05 in the FTP server in Novell NetWare 6.5 SP5 allows attackers to have an unspecified impact via vectors related to passwords. | |||
| CVE-2004-2767 | 0.00 | — | 0.01 | Apr 5, 2010 | NWFTPD.nlm before 5.04.25 in the FTP server in Novell NetWare does not promptly close DS sessions, which allows remote attackers to cause a denial of service (connection slot exhaustion) by establishing many FTP sessions that persist for the lifetime of a DS session. | |||
| CVE-2003-1596 | 0.00 | — | 0.02 | Apr 5, 2010 | NWFTPD.nlm before 5.03.12 in the FTP server in Novell NetWare does not properly restrict filesystem use by anonymous users with NFS Gateway home directories, which allows remote attackers to bypass intended access restrictions via an FTP session. | |||
| CVE-2003-1595 | 0.00 | — | 0.02 | Apr 5, 2010 | NWFTPD.nlm before 5.04.05 in the FTP server in Novell NetWare 6.5 does not properly perform "intruder detection," which has unspecified impact and attack vectors. | |||
| CVE-2003-1594 | 0.00 | — | 0.02 | Apr 5, 2010 | NWFTPD.nlm before 5.04.05 in the FTP server in Novell NetWare 6.5 does not properly enforce FTPREST.TXT settings, which allows remote attackers to bypass intended access restrictions via an FTP session. | |||
| CVE-2003-1593 | 0.00 | — | 0.02 | Apr 5, 2010 | NWFTPD.nlm in the FTP server in Novell NetWare 6.0 before SP4 and 6.5 before SP1 does not enforce domain-name login restrictions, which allows remote attackers to bypass intended access control via an FTP connection. | |||
| CVE-2003-1592 | 0.00 | — | 0.02 | Apr 5, 2010 | Multiple buffer overflows in NWFTPD.nlm in the FTP server in Novell NetWare 6.0 before SP4 and 6.5 before SP1 allow remote attackers to cause a denial of service (abend) via a long (1) username or (2) password. | |||
| CVE-2003-1591 | 0.00 | — | 0.01 | Apr 5, 2010 | NWFTPD.nlm in the FTP server in Novell NetWare 6.0 before SP4 and 6.5 before SP1 allows user-assisted remote attackers to cause a denial of service (console hang) via a large number of FTP sessions, which are not properly handled during an NLM unload. | |||
| CVE-2002-2434 | 0.00 | — | 0.02 | Apr 5, 2010 | NWFTPD.nlm before 5.02i in the FTP server in Novell NetWare does not properly listen for data connections, which allows remote attackers to cause a denial of service (abend) via multiple FTP sessions. | |||
| CVE-2002-2433 | 0.00 | — | 0.01 | Apr 5, 2010 | NWFTPD.nlm before 5.03b in the FTP server in Novell NetWare allows remote authenticated users to cause a denial of service (abend) via a crafted ABOR command. | |||
| CVE-2002-2432 | 0.00 | — | 0.02 | Apr 5, 2010 | Unspecified vulnerability in NWFTPD.nlm before 5.03b in the FTP server in Novell NetWare allows remote attackers to cause a denial of service (abend) via a crafted username. | |||
| CVE-2001-1587 | 0.00 | — | 0.01 | Apr 5, 2010 | NWFTPD.nlm before 5.01w in the FTP server in Novell NetWare allows remote attackers to cause a denial of service (abend) via an anonymous STOU command. | |||
| CVE-2000-1246 | 0.00 | — | 0.01 | Apr 5, 2010 | NWFTPD.nlm before 5.01o in the FTP server in Novell NetWare 5.1 SP3 allows remote authenticated users to cause a denial of service (abend) by sending an RNTO command after a failed RNFR command. | |||
| CVE-2000-1245 | 0.00 | — | 0.01 | Apr 5, 2010 | Multiple unspecified vulnerabilities in NWFTPD.nlm before 5.01o in the FTP server in Novell NetWare 5.1 SP3 allow remote attackers to bypass intended restrictions on anonymous access via unknown vectors. | |||
| CVE-2008-5696 | 0.00 | — | 0.03 | Dec 19, 2008 | Novell NetWare 6.5 before Support Pack 8, when an OES2 Linux server is installed into the NDS tree, does not require a password for the ApacheAdmin console, which allows remote attackers to reconfigure the Apache HTTP Server via console operations. | |||
| CVE-2008-1701 | 0.00 | — | 0.01 | Apr 8, 2008 | Novell NetWare 6.5 allows attackers to cause a denial of service (ABEND) via a crafted Macintosh iPrint client request. | |||
| CVE-2007-3571 | 0.00 | — | 0.01 | Jul 5, 2007 | The Apache Web Server as used in Novell NetWare 6.5 and GroupWise allows remote attackers to obtain sensitive information via a certain directive to Apache that causes the HTTP-Header response to be modified, which may reveal the server's internal IP address. | |||
| CVE-2007-3207 | 0.00 | — | 0.02 | Jun 18, 2007 | Buffer overflow in the NFS mount daemon (XNFS.NLM) in Novell NetWare 6.5 SP6, and probably earlier, allows remote attackers to cause a denial of service (abend) via a long path in a mount request. |
- CVE-2007-6734Apr 5, 2010risk 0.00cvss —epss 0.01
NWFTPD.nlm before 5.08.07 in the FTP server in Novell NetWare 6.5 SP7 does not properly implement the FTPREST.TXT NOREMOTE restriction, which allows remote authenticated users to access directories outside of the home server via unspecified vectors.
- CVE-2005-4888Apr 5, 2010risk 0.00cvss —epss 0.02
NWFTPD.nlm before 5.06.04 in the FTP server in Novell NetWare allows remote attackers to cause a denial of service (excessive stale connections) by establishing many FTP sessions, which persist in the Not-Logged-In state after each session is completed.
- CVE-2005-4887Apr 5, 2010risk 0.00cvss —epss 0.01
NWFTPD.nlm before 5.06.05 in the FTP server in Novell NetWare 6.5 SP5 allows attackers to have an unspecified impact via vectors related to passwords.
- CVE-2004-2767Apr 5, 2010risk 0.00cvss —epss 0.01
NWFTPD.nlm before 5.04.25 in the FTP server in Novell NetWare does not promptly close DS sessions, which allows remote attackers to cause a denial of service (connection slot exhaustion) by establishing many FTP sessions that persist for the lifetime of a DS session.
- CVE-2003-1596Apr 5, 2010risk 0.00cvss —epss 0.02
NWFTPD.nlm before 5.03.12 in the FTP server in Novell NetWare does not properly restrict filesystem use by anonymous users with NFS Gateway home directories, which allows remote attackers to bypass intended access restrictions via an FTP session.
- CVE-2003-1595Apr 5, 2010risk 0.00cvss —epss 0.02
NWFTPD.nlm before 5.04.05 in the FTP server in Novell NetWare 6.5 does not properly perform "intruder detection," which has unspecified impact and attack vectors.
- CVE-2003-1594Apr 5, 2010risk 0.00cvss —epss 0.02
NWFTPD.nlm before 5.04.05 in the FTP server in Novell NetWare 6.5 does not properly enforce FTPREST.TXT settings, which allows remote attackers to bypass intended access restrictions via an FTP session.
- CVE-2003-1593Apr 5, 2010risk 0.00cvss —epss 0.02
NWFTPD.nlm in the FTP server in Novell NetWare 6.0 before SP4 and 6.5 before SP1 does not enforce domain-name login restrictions, which allows remote attackers to bypass intended access control via an FTP connection.
- CVE-2003-1592Apr 5, 2010risk 0.00cvss —epss 0.02
Multiple buffer overflows in NWFTPD.nlm in the FTP server in Novell NetWare 6.0 before SP4 and 6.5 before SP1 allow remote attackers to cause a denial of service (abend) via a long (1) username or (2) password.
- CVE-2003-1591Apr 5, 2010risk 0.00cvss —epss 0.01
NWFTPD.nlm in the FTP server in Novell NetWare 6.0 before SP4 and 6.5 before SP1 allows user-assisted remote attackers to cause a denial of service (console hang) via a large number of FTP sessions, which are not properly handled during an NLM unload.
- CVE-2002-2434Apr 5, 2010risk 0.00cvss —epss 0.02
NWFTPD.nlm before 5.02i in the FTP server in Novell NetWare does not properly listen for data connections, which allows remote attackers to cause a denial of service (abend) via multiple FTP sessions.
- CVE-2002-2433Apr 5, 2010risk 0.00cvss —epss 0.01
NWFTPD.nlm before 5.03b in the FTP server in Novell NetWare allows remote authenticated users to cause a denial of service (abend) via a crafted ABOR command.
- CVE-2002-2432Apr 5, 2010risk 0.00cvss —epss 0.02
Unspecified vulnerability in NWFTPD.nlm before 5.03b in the FTP server in Novell NetWare allows remote attackers to cause a denial of service (abend) via a crafted username.
- CVE-2001-1587Apr 5, 2010risk 0.00cvss —epss 0.01
NWFTPD.nlm before 5.01w in the FTP server in Novell NetWare allows remote attackers to cause a denial of service (abend) via an anonymous STOU command.
- CVE-2000-1246Apr 5, 2010risk 0.00cvss —epss 0.01
NWFTPD.nlm before 5.01o in the FTP server in Novell NetWare 5.1 SP3 allows remote authenticated users to cause a denial of service (abend) by sending an RNTO command after a failed RNFR command.
- CVE-2000-1245Apr 5, 2010risk 0.00cvss —epss 0.01
Multiple unspecified vulnerabilities in NWFTPD.nlm before 5.01o in the FTP server in Novell NetWare 5.1 SP3 allow remote attackers to bypass intended restrictions on anonymous access via unknown vectors.
- CVE-2008-5696Dec 19, 2008risk 0.00cvss —epss 0.03
Novell NetWare 6.5 before Support Pack 8, when an OES2 Linux server is installed into the NDS tree, does not require a password for the ApacheAdmin console, which allows remote attackers to reconfigure the Apache HTTP Server via console operations.
- CVE-2008-1701Apr 8, 2008risk 0.00cvss —epss 0.01
Novell NetWare 6.5 allows attackers to cause a denial of service (ABEND) via a crafted Macintosh iPrint client request.
- CVE-2007-3571Jul 5, 2007risk 0.00cvss —epss 0.01
The Apache Web Server as used in Novell NetWare 6.5 and GroupWise allows remote attackers to obtain sensitive information via a certain directive to Apache that causes the HTTP-Header response to be modified, which may reveal the server's internal IP address.
- CVE-2007-3207Jun 18, 2007risk 0.00cvss —epss 0.02
Buffer overflow in the NFS mount daemon (XNFS.NLM) in Novell NetWare 6.5 SP6, and probably earlier, allows remote attackers to cause a denial of service (abend) via a long path in a mount request.
Page 2 of 4