VYPR

Netware

by Novell

CVEs (75)

  • CVE-2002-1772Dec 31, 2002
    risk 0.00cvss epss 0.00

    Novell Netware 5.0 through 5.1 may allow local users to gain "Domain Admin" rights by logging into a Novell Directory Services (NDS) account, and executing "net use" on an NDS_ADM account that is not in the NT domain but has domain access rights, which allows the user to enter a…

  • CVE-2002-2096Dec 31, 2002
    risk 0.00cvss epss 0.04

    Buffer overflow in Novell Remote Manager module, httpstk.nlm, in NetWare 5.1 and NetWare 6 allows remote attackers to execute arbitrary code via a long (1) username or (2) password.

  • CVE-2002-0930Oct 4, 2002
    risk 0.00cvss epss 0.02

    Format string vulnerability in the FTP server for Novell Netware 6.0 SP1 (NWFTPD) allows remote attackers to cause a denial of service (ABEND) via format strings in the USER command.

  • CVE-2002-0929Oct 4, 2002
    risk 0.00cvss epss 0.02

    Buffer overflows in the DHCP server for NetWare 6.0 SP1 allow remote attackers to cause a denial of service (reboot) via long DHCP requests.

  • CVE-2002-0791Aug 12, 2002
    risk 0.00cvss epss 0.02

    Novell Netware FTP server NWFTPD before 5.02r allows remote attackers to cause a denial of service (CPU consumption) via a connection to the server followed by a carriage return, and possibly other invalid commands with improper syntax or length.

  • CVE-2001-1580Dec 31, 2001
    risk 0.00cvss epss 0.03

    Directory traversal vulnerability in ScriptEase viewcode.jse for Netware 5.1 before 5.1 SP3 allows remote attackers to read arbitrary files via ".." sequences in the query string.

  • CVE-2001-1233Aug 14, 2001
    risk 0.00cvss epss 0.02

    Netware Enterprise Web Server 5.1 running GroupWise WebAccess 5.5 with Novell Directory Services (NDS) enabled allows remote attackers to enumerate user names, group names and other system information by accessing ndsobj.nlm.

  • CVE-1999-0805Mar 12, 2001
    risk 0.00cvss epss 0.01

    Novell NetWare Transaction Tracking System (TTS) in Novell 4.11 and earlier allows remote attackers to cause a denial of service via a large number of requests.

  • CVE-2000-0600Jun 26, 2000
    risk 0.00cvss epss 0.02

    Netscape Enterprise Server in NetWare 5.1 allows remote attackers to cause a denial of service or execute arbitrary commands via a malformed URL.

  • CVE-1999-1382Dec 31, 1999
    risk 0.00cvss epss 0.00

    NetWare NFS mode 1 and 2 implements the "Read Only" flag in Unix by changing the ownership of a file to root, which allows local users to gain root privileges by creating a setuid program and setting it to "Read Only," which NetWare-NFS changes to a setuid root program.

  • CVE-1999-1320Dec 31, 1999
    risk 0.00cvss epss 0.00

    Vulnerability in Novell NetWare 3.x and earlier allows local users to gain privileges via packet spoofing.

  • CVE-1999-1086Jul 15, 1999
    risk 0.00cvss epss 0.03

    Novell 5 and earlier, when running over IPX with a packet signature level less than 3, allows remote attackers to gain administrator privileges by spoofing the MAC address in IPC fragmented packets that make NetWare Core Protocol (NCP) calls.

  • CVE-1999-0929Jun 16, 1999
    risk 0.00cvss epss 0.02

    Novell NetWare with Novell-HTTP-Server or YAWN web servers allows remote attackers to conduct a denial of service via a large number of HTTP GET requests.

  • CVE-1999-0265Jan 1, 1997
    risk 0.00cvss epss 0.01

    ICMP redirect messages may crash or lock up a host.

  • CVE-1999-1215Sep 16, 1993
    risk 0.00cvss epss 0.00

    LOGIN.EXE program in Novell Netware 4.0 and 4.01 temporarily writes user name and password information to disk, which could allow local users to gain privileges.

Page 4 of 4