CVSS: 9.1EPSS: 0%CPEs: 2EXPL: 0CVE-2007-6735
https://notcve.org/view.php?id=CVE-2007-6735
05 Apr 2010 — NWFTPD.nlm before 5.08.06 in the FTP server in Novell NetWare does not properly handle partial matches for container names in the FTPREST.TXT file, which allows remote attackers to bypass intended access restrictions via an FTP session. NWFTPD.nlm anterior a v5.08.06 en el servidor FTP en Novell NetWare no maneja adecuadamente las coincidencias parciales para los nombres de contenedor en el archivo FTPREST.TXT, lo que permite a atacantes remotos evitar las restricciones de acceso establecidas a través de un... • http://www.novell.com/support/viewContent.do?externalId=3238588&sliceId=1 • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 9.1EPSS: 0%CPEs: 2EXPL: 0CVE-2000-1245
https://notcve.org/view.php?id=CVE-2000-1245
05 Apr 2010 — Multiple unspecified vulnerabilities in NWFTPD.nlm before 5.01o in the FTP server in Novell NetWare 5.1 SP3 allow remote attackers to bypass intended restrictions on anonymous access via unknown vectors. Múltiples vulnerabilidades no especificadas en NWFTPD.nlm antes de v5.01o en el servidor FTP de Novell NetWare 5.1 SP3 permiten a atacantes remotos eludir restricciones al acceso anónimo a través de vectores desconocidos. • http://www.novell.com/support/viewContent.do?externalId=3238588&sliceId=1 • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 7.5EPSS: 1%CPEs: 1EXPL: 0CVE-2001-1587
https://notcve.org/view.php?id=CVE-2001-1587
05 Apr 2010 — NWFTPD.nlm before 5.01w in the FTP server in Novell NetWare allows remote attackers to cause a denial of service (abend) via an anonymous STOU command. El fichero NWFTPD.nlm antes su versión v5.01w en el servidor FTP en Novell NetWare permite a atacantes remotos provocar una denegación de servicio a través de un comando STOU anónimo. • http://www.novell.com/support/viewContent.do?externalId=3238588&sliceId=1 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 10.0EPSS: 33%CPEs: 40EXPL: 0CVE-2010-0625 – Novell Netware NWFTPD RMD/RNFR/DELE Argument Parsing Remote Code Execution Vulnerabilities
https://notcve.org/view.php?id=CVE-2010-0625
05 Apr 2010 — Stack-based buffer overflow in NWFTPD.nlm before 5.10.01 in the FTP server in Novell NetWare 5.1 through 6.5 SP8 allows remote authenticated users to cause a denial of service (daemon crash) or possibly execute arbitrary code via a long (1) MKD, (2) RMD, (3) RNFR, or (4) DELE command. El desbordamiento de búfer en la región stack de la memoria en NWFTPD.nlm anterior a versión 5.10.01 en el servidor FTP en Novell NetWare versiones 5.1 hasta 6.5 SP8, permite a los usuarios autenticados remotos causar una dene... • http://secunia.com/advisories/39151 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.8EPSS: 9%CPEs: 1EXPL: 3CVE-2010-0317 – Novell Netware - CIFS and AFP Remote Memory Consumption Denial of Service
https://notcve.org/view.php?id=CVE-2010-0317
15 Jan 2010 — Novell Netware 6.5 SP8 allows remote attackers to cause a denial of service (NULL pointer dereference, memory consumption, ABEND, and crash) via a large number of malformed or AFP requests that are not properly handled by (1) the CIFS functionality in CIFS.nlm Semantic Agent (Build 163 MP) 3.27 or (2) the AFP functionality in AFPTCP.nlm Build 163 SP 3.27. NOTE: some of these details are obtained from third party information. Novell Netware v6.5 SP8, permite a atacantes remotos provocar una denegación de ser... • https://www.exploit-db.com/exploits/11009 • CWE-399: Resource Management Errors •
CVSS: 8.8EPSS: 85%CPEs: 9EXPL: 2CVE-2009-0714 – HP Data Protector 4.00-SP1b43064 - Remote Memory Leak/Denial of Service
https://notcve.org/view.php?id=CVE-2009-0714
14 May 2009 — Unspecified vulnerability in the dpwinsup module (dpwinsup.dll) for dpwingad (dpwingad.exe) in HP Data Protector Express and Express SSE 3.x before build 47065, and Express and Express SSE 4.x before build 46537, allows remote attackers to cause a denial of service (application crash) or read portions of memory via one or more crafted packets. Vulnerabilidad no especificada en el módulo dpwinsup (dpwinsup.dll) para dpwingad (dpwingad.exe) en HP Data Protector Express y Express SSE 3.x en versiones anteriore... • https://www.exploit-db.com/exploits/9006 •
CVSS: 9.8EPSS: 2%CPEs: 10EXPL: 0CVE-2008-5696
https://notcve.org/view.php?id=CVE-2008-5696
19 Dec 2008 — Novell NetWare 6.5 before Support Pack 8, when an OES2 Linux server is installed into the NDS tree, does not require a password for the ApacheAdmin console, which allows remote attackers to reconfigure the Apache HTTP Server via console operations. Novell NetWare 6.5, en versiones anteriores al Support Pack 8, cuando un servidor Linux OES2 se instala en el árbol NDS, no requiere una contraseña para la consola ApacheAdmin, lo que permite a atacantes remotos reconfigurar el Servidor HTTP Apache a través de op... • http://secunia.com/advisories/32989 • CWE-255: Credentials Management Errors •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 1CVE-2007-5762 – Novell Client 4.91 SP4 - Local Privilege Escalation
https://notcve.org/view.php?id=CVE-2007-5762
09 Jan 2008 — NICM.SYS driver 3.0.0.4, as used in Novell NetWare Client 4.91 SP4, allows local users to execute arbitrary code by opening the \\.\nicm device and providing crafted kernel addresses via IOCTLs with the METHOD_NEITHER buffering mode. El controlador NICM.SYS 3.0.0.4, como el utilizado en Novell NetWare Client 4.91 SP4, permite a usuarios locales ejecutar código de su elección abriendo el dispositivo \\.\nicm y proporcionando direcciones del núcleo manipuladas mediante IOCTLs con modo de uso de búfer METHOD_N... • https://www.exploit-db.com/exploits/18914 • CWE-20: Improper Input Validation •
CVSS: 5.3EPSS: 0%CPEs: 19EXPL: 0CVE-2007-3571
https://notcve.org/view.php?id=CVE-2007-3571
05 Jul 2007 — The Apache Web Server as used in Novell NetWare 6.5 and GroupWise allows remote attackers to obtain sensitive information via a certain directive to Apache that causes the HTTP-Header response to be modified, which may reveal the server's internal IP address. El servidor web Apache, tal y como se usa en Novell NetWare 6.5 y GroupWise permite a atacantes remotos obtener información sensible mediante cierta directiva para Apache que provoca que la cabecera HTTP de la respuesta sea modificada, lo cual podría r... • http://osvdb.org/45742 •
CVSS: 6.8EPSS: 0%CPEs: 3EXPL: 0CVE-2006-6675
https://notcve.org/view.php?id=CVE-2006-6675
21 Dec 2006 — Cross-site scripting (XSS) vulnerability in Novell NetWare 6.5 Support Pack 5 and 6 and Novell Apache on NetWare 2.0.48 allows remote attackers to inject arbitrary web script or HTML via unspecified parameters in Welcome web-app. Vulnerabilidad de XSS en Novell NetWare 6.5 Support Pack 5 y 6 y Novell Apache en NetWare 2.0.48 permite a atacantes remotos inyectar secuencias de comandos web o HTML arbitrarios a través de parámetros no especificados en la aplicación web Welcome. • http://secunia.com/advisories/23406 •