CVSS: 10.0EPSS: 4%CPEs: 4EXPL: 0CVE-2004-2734
https://notcve.org/view.php?id=CVE-2004-2734
webadmin-apache.conf in Novell Web Manager of Novell NetWare 6.5 uses an uppercase Alias tag with an inconsistent lowercase directory tag for a volume, which allows remote attackers to bypass access control to the WEB-INF folder. • http://secunia.com/advisories/12049 http://securitytracker.com/id?1011012 http://support.novell.com/cgi-bin/search/searchtid.cgi?/10094233.htm http://www.osvdb.org/9103 http://www.securityfocus.com/bid/11000 https://exchange.xforce.ibmcloud.com/vulnerabilities/40478 • CWE-287: Improper Authentication •
CVSS: 2.1EPSS: 0%CPEs: 1EXPL: 0CVE-2004-2414
https://notcve.org/view.php?id=CVE-2004-2414
Novell NetWare 6.5 SP 1.1, when installing or upgrading using the Overlay CDs and performing a custom installation with OpenSSH, includes sensitive password information in the (1) NIOUTPUT.TXT and (2) NI.LOG log files, which might allow local users to obtain the passwords. • http://secunia.com/advisories/11188 http://support.novell.com/cgi-bin/search/searchtid.cgi?/2968534.htm http://www.securityfocus.com/bid/9934 https://exchange.xforce.ibmcloud.com/vulnerabilities/15600 •
CVSS: 7.5EPSS: 0%CPEs: 2EXPL: 0CVE-2003-0976
https://notcve.org/view.php?id=CVE-2003-0976
NFS Server (XNFS.NLM) for Novell NetWare 6.5 does not properly enforce sys:\etc\exports when hostname aliases from sys:etc\hosts file are used, which could allow users to mount file systems when XNFS should deny the host. El servidor NFS (XNFS.NLM) de Novell Netware 6.5 no utiliza adecuadamente sys:etcexports cuando se usan aliases de nombres del fichero sys:etchosts, lo que podría permitir a usuarios montar sistemas de ficheros cuando XNFS debería denegar la máquina. • http://support.novell.com/cgi-bin/search/searchtid.cgi?/10089375.htm https://exchange.xforce.ibmcloud.com/vulnerabilities/13915 •
CVSS: 7.5EPSS: 4%CPEs: 4EXPL: 0CVE-2003-1150
https://notcve.org/view.php?id=CVE-2003-1150
Buffer overflow in the portmapper service (PMAP.NLM) in Novell NetWare 6 SP3 and ZenWorks for Desktops 3.2 SP2 through 4.0.1 allows remote attackers to cause a denial of service and possibly execute arbitrary code via unknown attack vectors. • http://secunia.com/advisories/10100 http://support.novell.com/cgi-bin/search/searchtid.cgi?/10088194.htm http://www.securityfocus.com/bid/8907 https://exchange.xforce.ibmcloud.com/vulnerabilities/13564 •
CVSS: 5.0EPSS: 4%CPEs: 6EXPL: 1CVE-2003-0562 – Novell Netware Enterprise Web Server 5.1/6.0 - 'CGI2Perl.NLM' Buffer Overflow (PoC)
https://notcve.org/view.php?id=CVE-2003-0562
Buffer overflow in the CGI2PERL.NLM PERL handler in Novell Netware 5.1 and 6.0 allows remote attackers to cause a denial of service (ABEND) via a long input string. Desbordamiento de búfer en el manejador PERL CGI2PERL.NLM en Novell Netware 5.1 y 6.0 permite a atacantes remotos causar una denegación de servicio (ABEND) mediante una cadena de entrada larga. • https://www.exploit-db.com/exploits/22949 http://archives.neohapsis.com/archives/vulnwatch/2003-q3/0041.html http://marc.info/?l=bugtraq&m=105897561229347&w=2 http://marc.info/?l=bugtraq&m=105897724931665&w=2 http://support.novell.com/servlet/tidfinder/2966549 http://www.kb.cert.org/vuls/id/185593 http://www.protego.dk/advisories/200301.html •