CVSS: 9.8EPSS: 88%CPEs: 3EXPL: 2CVE-2006-5854 – Novell Netware Client Print Provider Buffer Overflow Vulnerability
https://notcve.org/view.php?id=CVE-2006-5854
29 Nov 2006 — Multiple buffer overflows in the Spooler service (nwspool.dll) in Novell Netware Client 4.91 through 4.91 SP2 allow remote attackers to execute arbitrary code via a long argument to the (1) EnumPrinters and (2) OpenPrinter functions. Múltiples desbordamientos de búfer en el servicio de Spooler(nwspool.dll) en Novell Netware Client 4.91 hasta 4.91 SP2 permite a atacantes remotos ejecutar código de su elección a través de un gran argumentos a las funciones (1) EnumPrinters y (2) OpenPrinter. This vulnerabilit... • https://www.exploit-db.com/exploits/3220 •
CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 0CVE-2006-2185
https://notcve.org/view.php?id=CVE-2006-2185
22 May 2006 — PORTAL.NLM in Novell Netware 6.5 SP5 writes the username and password in cleartext to the abend.log log file when the groupOperationsMethod function fails, which allows context-dependent attackers to gain privileges. • http://secunia.com/advisories/20288 •
CVSS: 9.8EPSS: 25%CPEs: 8EXPL: 0CVE-2006-2327
https://notcve.org/view.php?id=CVE-2006-2327
12 May 2006 — Multiple integer overflows in the DPRPC library (DPRPCNLM.NLM) NDPS/iPrint module in Novell Distributed Print Services in Novell NetWare 6.5 SP3, SP4, and SP5 allow remote attackers to execute arbitrary code via an XDR encoded array with a field that specifies a large number of elements, which triggers the overflows in the ndps_xdr_array function. • http://lists.grok.org.uk/pipermail/full-disclosure/2006-May/046048.html • CWE-189: Numeric Errors •
CVSS: 7.5EPSS: 0%CPEs: 8EXPL: 0CVE-2006-0997
https://notcve.org/view.php?id=CVE-2006-0997
23 Mar 2006 — The SSL server implementation in NILE.NLM in Novell NetWare 6.5 and Novell Open Enterprise Server (OES) permits encryption with a NULL key, which results in cleartext communication that allows remote attackers to read an SSL protected session by sniffing network traffic. • http://secunia.com/advisories/19324 •
CVSS: 7.5EPSS: 0%CPEs: 8EXPL: 0CVE-2006-0998
https://notcve.org/view.php?id=CVE-2006-0998
23 Mar 2006 — The SSL server implementation in NILE.NLM in Novell NetWare 6.5 and Novell Open Enterprise Server (OES) sometimes selects a weak cipher instead of an available stronger cipher, which makes it easier for remote attackers to sniff and decrypt an SSL protected session. La implementación del servidor SSL en NILE.NLM en Novell NetWare 6.5 y Novell Open Enterprise Server (OES) a veces selecciona un cifrado débil en lugar de un cifrado más fuerte disponible, lo que facilita a atacantes remotos rastrear y descifrar... • http://secunia.com/advisories/19324 •
CVSS: 7.5EPSS: 0%CPEs: 8EXPL: 0CVE-2006-0999
https://notcve.org/view.php?id=CVE-2006-0999
23 Mar 2006 — The SSL server implementation in NILE.NLM in Novell NetWare 6.5 and Novell Open Enterprise Server (OES) allows a client to force the server to use weak encryption by stating that a weak cipher is required for client compatibility, which might allow remote attackers to decrypt contents of an SSL protected session. La implementación del servidor SSL en NILE.NLM en Novell NetWare 6.5 y Novell Open Enterprise Server (OES) permite a un cliente forzar el servidor para usar cifrado débil afirmando que se requiere ... • http://secunia.com/advisories/19324 •
CVSS: 7.5EPSS: 1%CPEs: 3EXPL: 0CVE-2006-1322
https://notcve.org/view.php?id=CVE-2006-1322
20 Mar 2006 — Novell Netware NWFTPD 5.06.05 allows remote attackers to cause a denial of service (ABEND) via an MDTM command that uses a long path for the target file, possibly due to a buffer overflow. • http://secunia.com/advisories/19265 •
CVSS: 7.5EPSS: 60%CPEs: 4EXPL: 1CVE-2005-2852 – Novell NetWare - LSASS CIFS.NLM Driver Stack Buffer Overflow
https://notcve.org/view.php?id=CVE-2005-2852
08 Sep 2005 — Unknown vulnerability in CIFS.NLM in Novell Netware 6.5 SP2 and SP3, 5.1, and 6.0 allows remote attackers to cause a denial of service (ABEND) via an incorrect password length, as exploited by the "worm.rbot.ccc" worm. • https://www.exploit-db.com/exploits/16832 •
CVSS: 7.5EPSS: 0%CPEs: 10EXPL: 0CVE-2005-1060
https://notcve.org/view.php?id=CVE-2005-1060
12 Apr 2005 — Unknown vulnerability in the TCP/IP functionality (TCPIP.NLM) in Novell Netware 6.x allows remote attackers to cause a denial of service (ABEND by Page Fault Processor Exception) via certain packets. • http://secunia.com/advisories/14874 •
CVSS: 9.1EPSS: 0%CPEs: 2EXPL: 1CVE-2005-0819
https://notcve.org/view.php?id=CVE-2005-0819
20 Mar 2005 — The xvesa code in Novell Netware 6.5 SP2 and SP3 allows remote attackers to redirect the xsession without authentication via a direct request to GUIMirror/Start. • http://securitytracker.com/id?1013460 •