NWFTPD.nlm
by Novell
CVEs (15)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2007-6735 | 0.00 | — | 0.02 | Apr 5, 2010 | NWFTPD.nlm before 5.08.06 in the FTP server in Novell NetWare does not properly handle partial matches for container names in the FTPREST.TXT file, which allows remote attackers to bypass intended access restrictions via an FTP session. | |||
| CVE-2007-6734 | 0.00 | — | 0.01 | Apr 5, 2010 | NWFTPD.nlm before 5.08.07 in the FTP server in Novell NetWare 6.5 SP7 does not properly implement the FTPREST.TXT NOREMOTE restriction, which allows remote authenticated users to access directories outside of the home server via unspecified vectors. | |||
| CVE-2005-4888 | 0.00 | — | 0.02 | Apr 5, 2010 | NWFTPD.nlm before 5.06.04 in the FTP server in Novell NetWare allows remote attackers to cause a denial of service (excessive stale connections) by establishing many FTP sessions, which persist in the Not-Logged-In state after each session is completed. | |||
| CVE-2005-4887 | 0.00 | — | 0.01 | Apr 5, 2010 | NWFTPD.nlm before 5.06.05 in the FTP server in Novell NetWare 6.5 SP5 allows attackers to have an unspecified impact via vectors related to passwords. | |||
| CVE-2004-2767 | 0.00 | — | 0.01 | Apr 5, 2010 | NWFTPD.nlm before 5.04.25 in the FTP server in Novell NetWare does not promptly close DS sessions, which allows remote attackers to cause a denial of service (connection slot exhaustion) by establishing many FTP sessions that persist for the lifetime of a DS session. | |||
| CVE-2003-1596 | 0.00 | — | 0.02 | Apr 5, 2010 | NWFTPD.nlm before 5.03.12 in the FTP server in Novell NetWare does not properly restrict filesystem use by anonymous users with NFS Gateway home directories, which allows remote attackers to bypass intended access restrictions via an FTP session. | |||
| CVE-2003-1595 | 0.00 | — | 0.02 | Apr 5, 2010 | NWFTPD.nlm before 5.04.05 in the FTP server in Novell NetWare 6.5 does not properly perform "intruder detection," which has unspecified impact and attack vectors. | |||
| CVE-2003-1594 | 0.00 | — | 0.02 | Apr 5, 2010 | NWFTPD.nlm before 5.04.05 in the FTP server in Novell NetWare 6.5 does not properly enforce FTPREST.TXT settings, which allows remote attackers to bypass intended access restrictions via an FTP session. | |||
| CVE-2002-2434 | 0.00 | — | 0.02 | Apr 5, 2010 | NWFTPD.nlm before 5.02i in the FTP server in Novell NetWare does not properly listen for data connections, which allows remote attackers to cause a denial of service (abend) via multiple FTP sessions. | |||
| CVE-2002-2433 | 0.00 | — | 0.01 | Apr 5, 2010 | NWFTPD.nlm before 5.03b in the FTP server in Novell NetWare allows remote authenticated users to cause a denial of service (abend) via a crafted ABOR command. | |||
| CVE-2002-2432 | 0.00 | — | 0.02 | Apr 5, 2010 | Unspecified vulnerability in NWFTPD.nlm before 5.03b in the FTP server in Novell NetWare allows remote attackers to cause a denial of service (abend) via a crafted username. | |||
| CVE-2001-1587 | 0.00 | — | 0.01 | Apr 5, 2010 | NWFTPD.nlm before 5.01w in the FTP server in Novell NetWare allows remote attackers to cause a denial of service (abend) via an anonymous STOU command. | |||
| CVE-2000-1245 | 0.00 | — | 0.01 | Apr 5, 2010 | Multiple unspecified vulnerabilities in NWFTPD.nlm before 5.01o in the FTP server in Novell NetWare 5.1 SP3 allow remote attackers to bypass intended restrictions on anonymous access via unknown vectors. | |||
| CVE-2002-0930 | 0.00 | — | 0.02 | Oct 4, 2002 | Format string vulnerability in the FTP server for Novell Netware 6.0 SP1 (NWFTPD) allows remote attackers to cause a denial of service (ABEND) via format strings in the USER command. | |||
| CVE-2002-0791 | 0.00 | — | 0.02 | Aug 12, 2002 | Novell Netware FTP server NWFTPD before 5.02r allows remote attackers to cause a denial of service (CPU consumption) via a connection to the server followed by a carriage return, and possibly other invalid commands with improper syntax or length. |
- CVE-2007-6735Apr 5, 2010risk 0.00cvss —epss 0.02
NWFTPD.nlm before 5.08.06 in the FTP server in Novell NetWare does not properly handle partial matches for container names in the FTPREST.TXT file, which allows remote attackers to bypass intended access restrictions via an FTP session.
- CVE-2007-6734Apr 5, 2010risk 0.00cvss —epss 0.01
NWFTPD.nlm before 5.08.07 in the FTP server in Novell NetWare 6.5 SP7 does not properly implement the FTPREST.TXT NOREMOTE restriction, which allows remote authenticated users to access directories outside of the home server via unspecified vectors.
- CVE-2005-4888Apr 5, 2010risk 0.00cvss —epss 0.02
NWFTPD.nlm before 5.06.04 in the FTP server in Novell NetWare allows remote attackers to cause a denial of service (excessive stale connections) by establishing many FTP sessions, which persist in the Not-Logged-In state after each session is completed.
- CVE-2005-4887Apr 5, 2010risk 0.00cvss —epss 0.01
NWFTPD.nlm before 5.06.05 in the FTP server in Novell NetWare 6.5 SP5 allows attackers to have an unspecified impact via vectors related to passwords.
- CVE-2004-2767Apr 5, 2010risk 0.00cvss —epss 0.01
NWFTPD.nlm before 5.04.25 in the FTP server in Novell NetWare does not promptly close DS sessions, which allows remote attackers to cause a denial of service (connection slot exhaustion) by establishing many FTP sessions that persist for the lifetime of a DS session.
- CVE-2003-1596Apr 5, 2010risk 0.00cvss —epss 0.02
NWFTPD.nlm before 5.03.12 in the FTP server in Novell NetWare does not properly restrict filesystem use by anonymous users with NFS Gateway home directories, which allows remote attackers to bypass intended access restrictions via an FTP session.
- CVE-2003-1595Apr 5, 2010risk 0.00cvss —epss 0.02
NWFTPD.nlm before 5.04.05 in the FTP server in Novell NetWare 6.5 does not properly perform "intruder detection," which has unspecified impact and attack vectors.
- CVE-2003-1594Apr 5, 2010risk 0.00cvss —epss 0.02
NWFTPD.nlm before 5.04.05 in the FTP server in Novell NetWare 6.5 does not properly enforce FTPREST.TXT settings, which allows remote attackers to bypass intended access restrictions via an FTP session.
- CVE-2002-2434Apr 5, 2010risk 0.00cvss —epss 0.02
NWFTPD.nlm before 5.02i in the FTP server in Novell NetWare does not properly listen for data connections, which allows remote attackers to cause a denial of service (abend) via multiple FTP sessions.
- CVE-2002-2433Apr 5, 2010risk 0.00cvss —epss 0.01
NWFTPD.nlm before 5.03b in the FTP server in Novell NetWare allows remote authenticated users to cause a denial of service (abend) via a crafted ABOR command.
- CVE-2002-2432Apr 5, 2010risk 0.00cvss —epss 0.02
Unspecified vulnerability in NWFTPD.nlm before 5.03b in the FTP server in Novell NetWare allows remote attackers to cause a denial of service (abend) via a crafted username.
- CVE-2001-1587Apr 5, 2010risk 0.00cvss —epss 0.01
NWFTPD.nlm before 5.01w in the FTP server in Novell NetWare allows remote attackers to cause a denial of service (abend) via an anonymous STOU command.
- CVE-2000-1245Apr 5, 2010risk 0.00cvss —epss 0.01
Multiple unspecified vulnerabilities in NWFTPD.nlm before 5.01o in the FTP server in Novell NetWare 5.1 SP3 allow remote attackers to bypass intended restrictions on anonymous access via unknown vectors.
- CVE-2002-0930Oct 4, 2002risk 0.00cvss —epss 0.02
Format string vulnerability in the FTP server for Novell Netware 6.0 SP1 (NWFTPD) allows remote attackers to cause a denial of service (ABEND) via format strings in the USER command.
- CVE-2002-0791Aug 12, 2002risk 0.00cvss —epss 0.02
Novell Netware FTP server NWFTPD before 5.02r allows remote attackers to cause a denial of service (CPU consumption) via a connection to the server followed by a carriage return, and possibly other invalid commands with improper syntax or length.