VYPR

NWFTPD.nlm

by Novell

CVEs (15)

  • CVE-2007-6735Apr 5, 2010
    risk 0.00cvss epss 0.02

    NWFTPD.nlm before 5.08.06 in the FTP server in Novell NetWare does not properly handle partial matches for container names in the FTPREST.TXT file, which allows remote attackers to bypass intended access restrictions via an FTP session.

  • CVE-2007-6734Apr 5, 2010
    risk 0.00cvss epss 0.01

    NWFTPD.nlm before 5.08.07 in the FTP server in Novell NetWare 6.5 SP7 does not properly implement the FTPREST.TXT NOREMOTE restriction, which allows remote authenticated users to access directories outside of the home server via unspecified vectors.

  • CVE-2005-4888Apr 5, 2010
    risk 0.00cvss epss 0.02

    NWFTPD.nlm before 5.06.04 in the FTP server in Novell NetWare allows remote attackers to cause a denial of service (excessive stale connections) by establishing many FTP sessions, which persist in the Not-Logged-In state after each session is completed.

  • CVE-2005-4887Apr 5, 2010
    risk 0.00cvss epss 0.01

    NWFTPD.nlm before 5.06.05 in the FTP server in Novell NetWare 6.5 SP5 allows attackers to have an unspecified impact via vectors related to passwords.

  • CVE-2004-2767Apr 5, 2010
    risk 0.00cvss epss 0.01

    NWFTPD.nlm before 5.04.25 in the FTP server in Novell NetWare does not promptly close DS sessions, which allows remote attackers to cause a denial of service (connection slot exhaustion) by establishing many FTP sessions that persist for the lifetime of a DS session.

  • CVE-2003-1596Apr 5, 2010
    risk 0.00cvss epss 0.02

    NWFTPD.nlm before 5.03.12 in the FTP server in Novell NetWare does not properly restrict filesystem use by anonymous users with NFS Gateway home directories, which allows remote attackers to bypass intended access restrictions via an FTP session.

  • CVE-2003-1595Apr 5, 2010
    risk 0.00cvss epss 0.02

    NWFTPD.nlm before 5.04.05 in the FTP server in Novell NetWare 6.5 does not properly perform "intruder detection," which has unspecified impact and attack vectors.

  • CVE-2003-1594Apr 5, 2010
    risk 0.00cvss epss 0.02

    NWFTPD.nlm before 5.04.05 in the FTP server in Novell NetWare 6.5 does not properly enforce FTPREST.TXT settings, which allows remote attackers to bypass intended access restrictions via an FTP session.

  • CVE-2002-2434Apr 5, 2010
    risk 0.00cvss epss 0.02

    NWFTPD.nlm before 5.02i in the FTP server in Novell NetWare does not properly listen for data connections, which allows remote attackers to cause a denial of service (abend) via multiple FTP sessions.

  • CVE-2002-2433Apr 5, 2010
    risk 0.00cvss epss 0.01

    NWFTPD.nlm before 5.03b in the FTP server in Novell NetWare allows remote authenticated users to cause a denial of service (abend) via a crafted ABOR command.

  • CVE-2002-2432Apr 5, 2010
    risk 0.00cvss epss 0.02

    Unspecified vulnerability in NWFTPD.nlm before 5.03b in the FTP server in Novell NetWare allows remote attackers to cause a denial of service (abend) via a crafted username.

  • CVE-2001-1587Apr 5, 2010
    risk 0.00cvss epss 0.01

    NWFTPD.nlm before 5.01w in the FTP server in Novell NetWare allows remote attackers to cause a denial of service (abend) via an anonymous STOU command.

  • CVE-2000-1245Apr 5, 2010
    risk 0.00cvss epss 0.01

    Multiple unspecified vulnerabilities in NWFTPD.nlm before 5.01o in the FTP server in Novell NetWare 5.1 SP3 allow remote attackers to bypass intended restrictions on anonymous access via unknown vectors.

  • CVE-2002-0930Oct 4, 2002
    risk 0.00cvss epss 0.02

    Format string vulnerability in the FTP server for Novell Netware 6.0 SP1 (NWFTPD) allows remote attackers to cause a denial of service (ABEND) via format strings in the USER command.

  • CVE-2002-0791Aug 12, 2002
    risk 0.00cvss epss 0.02

    Novell Netware FTP server NWFTPD before 5.02r allows remote attackers to cause a denial of service (CPU consumption) via a connection to the server followed by a carriage return, and possibly other invalid commands with improper syntax or length.