CVSS: 6.8EPSS: 0%CPEs: 3EXPL: 0CVE-2006-6675
https://notcve.org/view.php?id=CVE-2006-6675
21 Dec 2006 — Cross-site scripting (XSS) vulnerability in Novell NetWare 6.5 Support Pack 5 and 6 and Novell Apache on NetWare 2.0.48 allows remote attackers to inject arbitrary web script or HTML via unspecified parameters in Welcome web-app. Vulnerabilidad de XSS en Novell NetWare 6.5 Support Pack 5 y 6 y Novell Apache en NetWare 2.0.48 permite a atacantes remotos inyectar secuencias de comandos web o HTML arbitrarios a través de parámetros no especificados en la aplicación web Welcome. • http://secunia.com/advisories/23406 •
CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 0CVE-2006-2185
https://notcve.org/view.php?id=CVE-2006-2185
22 May 2006 — PORTAL.NLM in Novell Netware 6.5 SP5 writes the username and password in cleartext to the abend.log log file when the groupOperationsMethod function fails, which allows context-dependent attackers to gain privileges. • http://secunia.com/advisories/20288 •
CVSS: 9.8EPSS: 25%CPEs: 8EXPL: 0CVE-2006-2327
https://notcve.org/view.php?id=CVE-2006-2327
12 May 2006 — Multiple integer overflows in the DPRPC library (DPRPCNLM.NLM) NDPS/iPrint module in Novell Distributed Print Services in Novell NetWare 6.5 SP3, SP4, and SP5 allow remote attackers to execute arbitrary code via an XDR encoded array with a field that specifies a large number of elements, which triggers the overflows in the ndps_xdr_array function. • http://lists.grok.org.uk/pipermail/full-disclosure/2006-May/046048.html • CWE-189: Numeric Errors •
CVSS: 7.5EPSS: 0%CPEs: 8EXPL: 0CVE-2006-0997
https://notcve.org/view.php?id=CVE-2006-0997
23 Mar 2006 — The SSL server implementation in NILE.NLM in Novell NetWare 6.5 and Novell Open Enterprise Server (OES) permits encryption with a NULL key, which results in cleartext communication that allows remote attackers to read an SSL protected session by sniffing network traffic. • http://secunia.com/advisories/19324 •
CVSS: 7.5EPSS: 0%CPEs: 8EXPL: 0CVE-2006-0998
https://notcve.org/view.php?id=CVE-2006-0998
23 Mar 2006 — The SSL server implementation in NILE.NLM in Novell NetWare 6.5 and Novell Open Enterprise Server (OES) sometimes selects a weak cipher instead of an available stronger cipher, which makes it easier for remote attackers to sniff and decrypt an SSL protected session. La implementación del servidor SSL en NILE.NLM en Novell NetWare 6.5 y Novell Open Enterprise Server (OES) a veces selecciona un cifrado débil en lugar de un cifrado más fuerte disponible, lo que facilita a atacantes remotos rastrear y descifrar... • http://secunia.com/advisories/19324 •
CVSS: 7.5EPSS: 0%CPEs: 8EXPL: 0CVE-2006-0999
https://notcve.org/view.php?id=CVE-2006-0999
23 Mar 2006 — The SSL server implementation in NILE.NLM in Novell NetWare 6.5 and Novell Open Enterprise Server (OES) allows a client to force the server to use weak encryption by stating that a weak cipher is required for client compatibility, which might allow remote attackers to decrypt contents of an SSL protected session. La implementación del servidor SSL en NILE.NLM en Novell NetWare 6.5 y Novell Open Enterprise Server (OES) permite a un cliente forzar el servidor para usar cifrado débil afirmando que se requiere ... • http://secunia.com/advisories/19324 •
CVSS: 7.5EPSS: 1%CPEs: 3EXPL: 0CVE-2006-1322
https://notcve.org/view.php?id=CVE-2006-1322
20 Mar 2006 — Novell Netware NWFTPD 5.06.05 allows remote attackers to cause a denial of service (ABEND) via an MDTM command that uses a long path for the target file, possibly due to a buffer overflow. • http://secunia.com/advisories/19265 •
CVSS: 7.5EPSS: 60%CPEs: 4EXPL: 1CVE-2005-2852 – Novell NetWare - LSASS CIFS.NLM Driver Stack Buffer Overflow
https://notcve.org/view.php?id=CVE-2005-2852
08 Sep 2005 — Unknown vulnerability in CIFS.NLM in Novell Netware 6.5 SP2 and SP3, 5.1, and 6.0 allows remote attackers to cause a denial of service (ABEND) via an incorrect password length, as exploited by the "worm.rbot.ccc" worm. • https://www.exploit-db.com/exploits/16832 •
CVSS: 7.5EPSS: 0%CPEs: 10EXPL: 0CVE-2005-1060
https://notcve.org/view.php?id=CVE-2005-1060
12 Apr 2005 — Unknown vulnerability in the TCP/IP functionality (TCPIP.NLM) in Novell Netware 6.x allows remote attackers to cause a denial of service (ABEND by Page Fault Processor Exception) via certain packets. • http://secunia.com/advisories/14874 •
CVSS: 9.1EPSS: 0%CPEs: 2EXPL: 1CVE-2005-0819
https://notcve.org/view.php?id=CVE-2005-0819
20 Mar 2005 — The xvesa code in Novell Netware 6.5 SP2 and SP3 allows remote attackers to redirect the xsession without authentication via a direct request to GUIMirror/Start. • http://securitytracker.com/id?1013460 •