CVSS: 7.5EPSS: 0%CPEs: 8EXPL: 0CVE-2002-2434
https://notcve.org/view.php?id=CVE-2002-2434
05 Apr 2010 — NWFTPD.nlm before 5.02i in the FTP server in Novell NetWare does not properly listen for data connections, which allows remote attackers to cause a denial of service (abend) via multiple FTP sessions. El fichero NWFTPD.nlm antes su version v5.02i en el servidor FTP de Novell NetWare no escucha adecuadamente las conexiones de datos, lo que permite a atacantes remotos provocar una denegación de servicio a través de múltiples sesiones de FTP. • http://www.novell.com/support/viewContent.do?externalId=3238588&sliceId=1 •
CVSS: 10.0EPSS: 33%CPEs: 40EXPL: 0CVE-2010-0625 – Novell Netware NWFTPD RMD/RNFR/DELE Argument Parsing Remote Code Execution Vulnerabilities
https://notcve.org/view.php?id=CVE-2010-0625
05 Apr 2010 — Stack-based buffer overflow in NWFTPD.nlm before 5.10.01 in the FTP server in Novell NetWare 5.1 through 6.5 SP8 allows remote authenticated users to cause a denial of service (daemon crash) or possibly execute arbitrary code via a long (1) MKD, (2) RMD, (3) RNFR, or (4) DELE command. El desbordamiento de búfer en la región stack de la memoria en NWFTPD.nlm anterior a versión 5.10.01 en el servidor FTP en Novell NetWare versiones 5.1 hasta 6.5 SP8, permite a los usuarios autenticados remotos causar una dene... • http://secunia.com/advisories/39151 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 9.8EPSS: 2%CPEs: 10EXPL: 0CVE-2008-5696
https://notcve.org/view.php?id=CVE-2008-5696
19 Dec 2008 — Novell NetWare 6.5 before Support Pack 8, when an OES2 Linux server is installed into the NDS tree, does not require a password for the ApacheAdmin console, which allows remote attackers to reconfigure the Apache HTTP Server via console operations. Novell NetWare 6.5, en versiones anteriores al Support Pack 8, cuando un servidor Linux OES2 se instala en el árbol NDS, no requiere una contraseña para la consola ApacheAdmin, lo que permite a atacantes remotos reconfigurar el Servidor HTTP Apache a través de op... • http://secunia.com/advisories/32989 • CWE-255: Credentials Management Errors •
CVSS: 5.3EPSS: 0%CPEs: 19EXPL: 0CVE-2007-3571
https://notcve.org/view.php?id=CVE-2007-3571
05 Jul 2007 — The Apache Web Server as used in Novell NetWare 6.5 and GroupWise allows remote attackers to obtain sensitive information via a certain directive to Apache that causes the HTTP-Header response to be modified, which may reveal the server's internal IP address. El servidor web Apache, tal y como se usa en Novell NetWare 6.5 y GroupWise permite a atacantes remotos obtener información sensible mediante cierta directiva para Apache que provoca que la cabecera HTTP de la respuesta sea modificada, lo cual podría r... • http://osvdb.org/45742 •
CVSS: 7.5EPSS: 60%CPEs: 4EXPL: 1CVE-2005-2852 – Novell NetWare - LSASS CIFS.NLM Driver Stack Buffer Overflow
https://notcve.org/view.php?id=CVE-2005-2852
08 Sep 2005 — Unknown vulnerability in CIFS.NLM in Novell Netware 6.5 SP2 and SP3, 5.1, and 6.0 allows remote attackers to cause a denial of service (ABEND) via an incorrect password length, as exploited by the "worm.rbot.ccc" worm. • https://www.exploit-db.com/exploits/16832 •
CVSS: 7.5EPSS: 0%CPEs: 10EXPL: 0CVE-2005-1060
https://notcve.org/view.php?id=CVE-2005-1060
12 Apr 2005 — Unknown vulnerability in the TCP/IP functionality (TCPIP.NLM) in Novell Netware 6.x allows remote attackers to cause a denial of service (ABEND by Page Fault Processor Exception) via certain packets. • http://secunia.com/advisories/14874 •
CVSS: 6.1EPSS: 0%CPEs: 2EXPL: 0CVE-2004-2103
https://notcve.org/view.php?id=CVE-2004-2103
31 Dec 2004 — Cross-site scripting (XSS) vulnerability in Novell NetWare Enterprise Web Server 5.1 and 6.0 allows remote attackers to process arbitrary script or HTML as other users via (1) a malformed request for a Perl program with script in the filename, (2) the User.id parameter to the webacc servlet, (3) the GWAP.version parameter to webacc, or (4) a URL request for a .bas file with script in the filename. • http://marc.info/?l=bugtraq&m=107487862304440&w=2 •
CVSS: 5.3EPSS: 7%CPEs: 2EXPL: 3CVE-2004-2104 – Novell Netware Enterprise Web Server 5.1/6.0 - env.bas Information Disclosure
https://notcve.org/view.php?id=CVE-2004-2104
31 Dec 2004 — Novell NetWare Enterprise Web Server 5.1 and 6.0 allows remote attackers to obtain sensitive server information, including the internal IP address, via a direct request to (1) snoop.jsp, (2) SnoopServlet, (3) env.bas, or (4) lcgitest.nlm. • https://www.exploit-db.com/exploits/23586 •
CVSS: 7.5EPSS: 0%CPEs: 2EXPL: 0CVE-2004-2105
https://notcve.org/view.php?id=CVE-2004-2105
31 Dec 2004 — The webacc servlet in Novell NetWare Enterprise Web Server 5.1 and 6.0 allows remote attackers to read arbitrary .htt files via a full pathname in the error parameter. • http://marc.info/?l=bugtraq&m=107487862304440&w=2 •
CVSS: 5.0EPSS: 0%CPEs: 2EXPL: 0CVE-2004-2106
https://notcve.org/view.php?id=CVE-2004-2106
31 Dec 2004 — Novell NetWare Enterprise Web Server 5.1 and 6.0 allows remote attackers to list directories via a direct request to (1) /com/, (2) /com/novell/, (3) /com/novell/webaccess, or (4) /ns-icons/. • http://marc.info/?l=bugtraq&m=107487862304440&w=2 •