NWFTPD.nlm
by Novell
CVEs (10)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2010-0625 | 0.02 | — | 0.28 | Apr 5, 2010 | Stack-based buffer overflow in NWFTPD.nlm before 5.10.01 in the FTP server in Novell NetWare 5.1 through 6.5 SP8 allows remote authenticated users to cause a denial of service (daemon crash) or possibly execute arbitrary code via a long (1) MKD, (2) RMD, (3) RNFR, or (4) DELE… | |||
| CVE-2005-4887 | 0.00 | — | 0.00 | Apr 5, 2010 | NWFTPD.nlm before 5.06.05 in the FTP server in Novell NetWare 6.5 SP5 allows attackers to have an unspecified impact via vectors related to passwords. | |||
| CVE-2004-2767 | 0.00 | — | 0.00 | Apr 5, 2010 | NWFTPD.nlm before 5.04.25 in the FTP server in Novell NetWare does not promptly close DS sessions, which allows remote attackers to cause a denial of service (connection slot exhaustion) by establishing many FTP sessions that persist for the lifetime of a DS session. | |||
| CVE-2003-1596 | 0.00 | — | 0.00 | Apr 5, 2010 | NWFTPD.nlm before 5.03.12 in the FTP server in Novell NetWare does not properly restrict filesystem use by anonymous users with NFS Gateway home directories, which allows remote attackers to bypass intended access restrictions via an FTP session. | |||
| CVE-2003-1595 | 0.00 | — | 0.00 | Apr 5, 2010 | NWFTPD.nlm before 5.04.05 in the FTP server in Novell NetWare 6.5 does not properly perform "intruder detection," which has unspecified impact and attack vectors. | |||
| CVE-2003-1594 | 0.00 | — | 0.00 | Apr 5, 2010 | NWFTPD.nlm before 5.04.05 in the FTP server in Novell NetWare 6.5 does not properly enforce FTPREST.TXT settings, which allows remote attackers to bypass intended access restrictions via an FTP session. | |||
| CVE-2002-2433 | 0.00 | — | 0.00 | Apr 5, 2010 | NWFTPD.nlm before 5.03b in the FTP server in Novell NetWare allows remote authenticated users to cause a denial of service (abend) via a crafted ABOR command. | |||
| CVE-2001-1587 | 0.00 | — | 0.01 | Apr 5, 2010 | NWFTPD.nlm before 5.01w in the FTP server in Novell NetWare allows remote attackers to cause a denial of service (abend) via an anonymous STOU command. | |||
| CVE-2000-1246 | 0.00 | — | 0.01 | Apr 5, 2010 | NWFTPD.nlm before 5.01o in the FTP server in Novell NetWare 5.1 SP3 allows remote authenticated users to cause a denial of service (abend) by sending an RNTO command after a failed RNFR command. | |||
| CVE-2000-1245 | 0.00 | — | 0.00 | Apr 5, 2010 | Multiple unspecified vulnerabilities in NWFTPD.nlm before 5.01o in the FTP server in Novell NetWare 5.1 SP3 allow remote attackers to bypass intended restrictions on anonymous access via unknown vectors. |
- CVE-2010-0625Apr 5, 2010risk 0.02cvss —epss 0.28
Stack-based buffer overflow in NWFTPD.nlm before 5.10.01 in the FTP server in Novell NetWare 5.1 through 6.5 SP8 allows remote authenticated users to cause a denial of service (daemon crash) or possibly execute arbitrary code via a long (1) MKD, (2) RMD, (3) RNFR, or (4) DELE…
- CVE-2005-4887Apr 5, 2010risk 0.00cvss —epss 0.00
NWFTPD.nlm before 5.06.05 in the FTP server in Novell NetWare 6.5 SP5 allows attackers to have an unspecified impact via vectors related to passwords.
- CVE-2004-2767Apr 5, 2010risk 0.00cvss —epss 0.00
NWFTPD.nlm before 5.04.25 in the FTP server in Novell NetWare does not promptly close DS sessions, which allows remote attackers to cause a denial of service (connection slot exhaustion) by establishing many FTP sessions that persist for the lifetime of a DS session.
- CVE-2003-1596Apr 5, 2010risk 0.00cvss —epss 0.00
NWFTPD.nlm before 5.03.12 in the FTP server in Novell NetWare does not properly restrict filesystem use by anonymous users with NFS Gateway home directories, which allows remote attackers to bypass intended access restrictions via an FTP session.
- CVE-2003-1595Apr 5, 2010risk 0.00cvss —epss 0.00
NWFTPD.nlm before 5.04.05 in the FTP server in Novell NetWare 6.5 does not properly perform "intruder detection," which has unspecified impact and attack vectors.
- CVE-2003-1594Apr 5, 2010risk 0.00cvss —epss 0.00
NWFTPD.nlm before 5.04.05 in the FTP server in Novell NetWare 6.5 does not properly enforce FTPREST.TXT settings, which allows remote attackers to bypass intended access restrictions via an FTP session.
- CVE-2002-2433Apr 5, 2010risk 0.00cvss —epss 0.00
NWFTPD.nlm before 5.03b in the FTP server in Novell NetWare allows remote authenticated users to cause a denial of service (abend) via a crafted ABOR command.
- CVE-2001-1587Apr 5, 2010risk 0.00cvss —epss 0.01
NWFTPD.nlm before 5.01w in the FTP server in Novell NetWare allows remote attackers to cause a denial of service (abend) via an anonymous STOU command.
- CVE-2000-1246Apr 5, 2010risk 0.00cvss —epss 0.01
NWFTPD.nlm before 5.01o in the FTP server in Novell NetWare 5.1 SP3 allows remote authenticated users to cause a denial of service (abend) by sending an RNTO command after a failed RNFR command.
- CVE-2000-1245Apr 5, 2010risk 0.00cvss —epss 0.00
Multiple unspecified vulnerabilities in NWFTPD.nlm before 5.01o in the FTP server in Novell NetWare 5.1 SP3 allow remote attackers to bypass intended restrictions on anonymous access via unknown vectors.