CVE-2004-2414
https://notcve.org/view.php?id=CVE-2004-2414
Novell NetWare 6.5 SP 1.1, when installing or upgrading using the Overlay CDs and performing a custom installation with OpenSSH, includes sensitive password information in the (1) NIOUTPUT.TXT and (2) NI.LOG log files, which might allow local users to obtain the passwords. • http://secunia.com/advisories/11188 http://support.novell.com/cgi-bin/search/searchtid.cgi?/2968534.htm http://www.securityfocus.com/bid/9934 https://exchange.xforce.ibmcloud.com/vulnerabilities/15600 •
CVE-2004-2103
https://notcve.org/view.php?id=CVE-2004-2103
Cross-site scripting (XSS) vulnerability in Novell NetWare Enterprise Web Server 5.1 and 6.0 allows remote attackers to process arbitrary script or HTML as other users via (1) a malformed request for a Perl program with script in the filename, (2) the User.id parameter to the webacc servlet, (3) the GWAP.version parameter to webacc, or (4) a URL request for a .bas file with script in the filename. • http://marc.info/?l=bugtraq&m=107487862304440&w=2 http://support.novell.com/cgi-bin/search/searchtid.cgi?/10091529.htm http://www.osvdb.org/4949 https://exchange.xforce.ibmcloud.com/vulnerabilities/14919 •
CVE-2003-0976
https://notcve.org/view.php?id=CVE-2003-0976
NFS Server (XNFS.NLM) for Novell NetWare 6.5 does not properly enforce sys:\etc\exports when hostname aliases from sys:etc\hosts file are used, which could allow users to mount file systems when XNFS should deny the host. El servidor NFS (XNFS.NLM) de Novell Netware 6.5 no utiliza adecuadamente sys:etcexports cuando se usan aliases de nombres del fichero sys:etchosts, lo que podría permitir a usuarios montar sistemas de ficheros cuando XNFS debería denegar la máquina. • http://support.novell.com/cgi-bin/search/searchtid.cgi?/10089375.htm https://exchange.xforce.ibmcloud.com/vulnerabilities/13915 •
CVE-2003-1150
https://notcve.org/view.php?id=CVE-2003-1150
Buffer overflow in the portmapper service (PMAP.NLM) in Novell NetWare 6 SP3 and ZenWorks for Desktops 3.2 SP2 through 4.0.1 allows remote attackers to cause a denial of service and possibly execute arbitrary code via unknown attack vectors. • http://secunia.com/advisories/10100 http://support.novell.com/cgi-bin/search/searchtid.cgi?/10088194.htm http://www.securityfocus.com/bid/8907 https://exchange.xforce.ibmcloud.com/vulnerabilities/13564 •
CVE-2003-0562 – Novell Netware Enterprise Web Server 5.1/6.0 - 'CGI2Perl.NLM' Buffer Overflow (PoC)
https://notcve.org/view.php?id=CVE-2003-0562
Buffer overflow in the CGI2PERL.NLM PERL handler in Novell Netware 5.1 and 6.0 allows remote attackers to cause a denial of service (ABEND) via a long input string. Desbordamiento de búfer en el manejador PERL CGI2PERL.NLM en Novell Netware 5.1 y 6.0 permite a atacantes remotos causar una denegación de servicio (ABEND) mediante una cadena de entrada larga. • https://www.exploit-db.com/exploits/22949 http://archives.neohapsis.com/archives/vulnwatch/2003-q3/0041.html http://marc.info/?l=bugtraq&m=105897561229347&w=2 http://marc.info/?l=bugtraq&m=105897724931665&w=2 http://support.novell.com/servlet/tidfinder/2966549 http://www.kb.cert.org/vuls/id/185593 http://www.protego.dk/advisories/200301.html •