CVSS: 7.5EPSS: 0%CPEs: 2EXPL: 0CVE-2006-6306
https://notcve.org/view.php?id=CVE-2006-6306
05 Dec 2006 — Format string vulnerability in Novell Modular Authentication Services (NMAS) in the Novell Client 4.91 SP2 and SP3 allows users with physical access to read stack and memory contents via format string specifiers in the Username field of the logon window. Vulnerabilidad de cadena de formato en Novell Modular Authentication Services (NMAS) en Novell Client 4.91 SP2 y SP3 permite a usuarios con acceso físico leer el contenido de la memoria y de la pila mediante especificadores de cadenas de formato en el campo... • http://lists.grok.org.uk/pipermail/full-disclosure/2006-December/051038.html •
CVSS: 7.5EPSS: 1%CPEs: 1EXPL: 0CVE-2006-6307
https://notcve.org/view.php?id=CVE-2006-6307
05 Dec 2006 — srvloc.sys in Novell Client for Windows before 4.91 SP3 allows remote attackers to cause an unspecified denial of service via a crafted packet to port 427 that triggers an access of pageable or invalid addresses using a higher interrupt request level (IRQL) than necessary. srvloc.sys en Novell Client para Windows anterior a 4.91 SP3 permite a atacantes remotos provocar una denegación de servicio mediante paquetes artesanales al puerto 427 que provoca un acceso a direcciones inválidas usando un nivel de peti... • http://secunia.com/advisories/23244 •
CVSS: 9.8EPSS: 88%CPEs: 3EXPL: 2CVE-2006-5854 – Novell Netware Client Print Provider Buffer Overflow Vulnerability
https://notcve.org/view.php?id=CVE-2006-5854
29 Nov 2006 — Multiple buffer overflows in the Spooler service (nwspool.dll) in Novell Netware Client 4.91 through 4.91 SP2 allow remote attackers to execute arbitrary code via a long argument to the (1) EnumPrinters and (2) OpenPrinter functions. Múltiples desbordamientos de búfer en el servicio de Spooler(nwspool.dll) en Novell Netware Client 4.91 hasta 4.91 SP2 permite a atacantes remotos ejecutar código de su elección a través de un gran argumentos a las funciones (1) EnumPrinters y (2) OpenPrinter. This vulnerabilit... • https://www.exploit-db.com/exploits/3220 •
CVSS: 7.3EPSS: 0%CPEs: 3EXPL: 0CVE-2006-3697
https://notcve.org/view.php?id=CVE-2006-3697
19 Jul 2006 — Agnitum Outpost Firewall Pro 3.51.759.6511 (462), as used in (1) Lavasoft Personal Firewall 1.0.543.5722 (433) and (2) Novell BorderManager Novell Client Firewall 2.0, does not properly restrict user activities in application windows that run in a LocalSystem context, which allows local users to gain privileges and execute commands (a) via the "open folder" option when no instance of explorer.exe is running, possibly related to the ShellExecute API function; or (b) by overwriting a batch file through the "S... • http://secunia.com/advisories/21088 • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 4.6EPSS: 0%CPEs: 2EXPL: 0CVE-2006-2612
https://notcve.org/view.php?id=CVE-2006-2612
26 May 2006 — Novell Client for Windows 4.8 and 4.9 does not restrict access to the clipboard contents while a machine is locked, which allows users with physical access to read the current clipboard contents by pasting them into the "User Name" field on the login prompt. • http://secunia.com/advisories/20194 •
CVSS: 10.0EPSS: 13%CPEs: 3EXPL: 0CVE-2006-2304
https://notcve.org/view.php?id=CVE-2006-2304
11 May 2006 — Multiple integer overflows in the DPRPC library (DPRPCW32.DLL) in Novell Client 4.83 SP3, 4.90 SP2 and 4.91 SP2 allow remote attackers to execute arbitrary code via an XDR encoded array with a field that specifies a large number of elements, which triggers the overflows in the ndps_xdr_array function. NOTE: this was originally reported to be a buffer overflow by Novell, but the original cause is an integer overflow. • http://lists.grok.org.uk/pipermail/full-disclosure/2006-May/046048.html •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2004-2554
https://notcve.org/view.php?id=CVE-2004-2554
31 Dec 2004 — Novell Client Firewall (NCF) 2.0, as based on the Agnitum Outpost Firewall, allows local users to execute arbitrary code with SYSTEM privileges by opening the NCF tray icon and using the Help functionality to launch programs with SYSTEM privileges. • http://secunia.com/advisories/11014 •
CVSS: 7.5EPSS: 5%CPEs: 252EXPL: 0CVE-2004-0079
https://notcve.org/view.php?id=CVE-2004-0079
18 Mar 2004 — The do_change_cipher_spec function in OpenSSL 0.9.6c to 0.9.6k, and 0.9.7a to 0.9.7c, allows remote attackers to cause a denial of service (crash) via a crafted SSL/TLS handshake that triggers a null dereference. La función do_change_cipher_spec en OpenSSL 0.9.6c hasta 0.9.6.k y 0.9.7a hasta 0.9.7c permite que atacantes remotos provoquen una denegación de servicio (caída) mediante una hábil unión SSL/TLS que provoca un puntero nulo. • ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-04:05.openssl.asc • CWE-476: NULL Pointer Dereference •
CVSS: 7.5EPSS: 3%CPEs: 252EXPL: 0CVE-2004-0081
https://notcve.org/view.php?id=CVE-2004-0081
18 Mar 2004 — OpenSSL 0.9.6 before 0.9.6d does not properly handle unknown message types, which allows remote attackers to cause a denial of service (infinite loop), as demonstrated using the Codenomicon TLS Test Tool. OpenSSL 0.9.6 anteriores a la 0.9.6d no manejan adecuadamente los tipos de mensajes desconocidos, lo que permite a atacantes remotos causar una denegación de servicios (por bucle infinito), como se demuestra utilizando la herramienta de testeo Codenomicon TLS. • ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2004.10/SCOSA-2004.10.txt •
CVSS: 5.5EPSS: 0%CPEs: 4EXPL: 0CVE-2002-1754
https://notcve.org/view.php?id=CVE-2002-1754
31 Dec 2002 — Buffer overflow in Novell NetWare Client 4.80 through 4.83 allows local users to cause a denial of service (crash) by using ping, traceroute, or a similar utility to force the client to resolve a large hostname. • http://support.novell.com/servlet/tidfinder/2962694 •