CVSS: 5.0EPSS: 55%CPEs: 4EXPL: 0CVE-2002-1417
https://notcve.org/view.php?id=CVE-2002-1417
Directory traversal vulnerability in Novell NetBasic Scripting Server (NSN) for Netware 5.1 and 6, and Novell Small Business Suite 5.1 and 6, allows remote attackers to read arbitrary files via a URL containing a "..%5c" sequence (modified dot-dot), which is mapped to the directory separator. Vulnerabilidad de atravesamiento de directorios en Novell NetBasic Scripting Server (NSN) de Netware 5.1 y 6, y Novell Small Business Suite 5.1 y 6, permite a atacantes remotos leer ficheros arbitrarios mediante una URL conteniendo una secuencia "..%5c" (punto punto modificada), que es mapeada al serparador de directorios. • http://archives.neohapsis.com/archives/bugtraq/2002-08/0199.html http://support.novell.com/servlet/tidfinder/2963297 http://www.iss.net/security_center/static/9910.php http://www.securityfocus.com/bid/5523 •
CVSS: 7.5EPSS: 7%CPEs: 4EXPL: 2CVE-2002-1436 – Novell NetWare 5.1/6.0 - POST Arbitrary Perl Code Execution
https://notcve.org/view.php?id=CVE-2002-1436
The web handler for Perl 5.003 on Novell NetWare 5.1 and NetWare 6 allows remote attackers to execute arbitrary Perl code via an HTTP POST request. El web handler para Perl 5.003 sobre NetWare 6 permite que atacantes remotos ejecuten código Perl arbitrario mediante una petición HTTP POST. • https://www.exploit-db.com/exploits/21731 http://archives.neohapsis.com/archives/bugtraq/2002-08/0202.html http://support.novell.com/servlet/tidfinder/2963307 http://www.iss.net/security_center/static/9916.php http://www.securityfocus.com/bid/5520 •
CVSS: 5.0EPSS: 2%CPEs: 4EXPL: 0CVE-2002-1437
https://notcve.org/view.php?id=CVE-2002-1437
Directory traversal vulnerability in the web handler for Perl 5.003 on Novell NetWare 5.1 and NetWare 6 allows remote attackers to read arbitrary files via an HTTP request containing "..%5c" (URL-encoded dot-dot backslash) sequences. • http://archives.neohapsis.com/archives/bugtraq/2002-08/0202.html http://support.novell.com/servlet/tidfinder/2963307 http://www.iss.net/security_center/static/9915.php http://www.securityfocus.com/bid/5522 •
CVSS: 5.0EPSS: 0%CPEs: 2EXPL: 5CVE-2002-1634 – Netscape Enterprise Web Server for Netware 4/5 5.0 - Information Disclosure
https://notcve.org/view.php?id=CVE-2002-1634
Novell NetWare 5.1 installs sample applications that allow remote attackers to obtain sensitive information via (1) ndsobj.nlm, (2) allfield.jse, (3) websinfo.bas, (4) ndslogin.pl, (5) volscgi.pl, (6) lancgi.pl, (7) test.jse, or (8) env.pl. • https://www.exploit-db.com/exploits/21488 http://support.novell.com/cgi-bin/search/searchtid.cgi?/10064452.htm http://www.kb.cert.org/vuls/id/159203 http://www.osvdb.org/17461 http://www.osvdb.org/17462 http://www.osvdb.org/17463 http://www.osvdb.org/17464 http://www.osvdb.org/17465 http://www.osvdb.org/17466 http://www.osvdb.org/17467 http://www.osvdb.org/17468 http://www.procheckup.com/security_info/vuln_pr0201.html http://www.proche •
CVSS: 4.6EPSS: 0%CPEs: 3EXPL: 0CVE-2002-1772
https://notcve.org/view.php?id=CVE-2002-1772
Novell Netware 5.0 through 5.1 may allow local users to gain "Domain Admin" rights by logging into a Novell Directory Services (NDS) account, and executing "net use" on an NDS_ADM account that is not in the NT domain but has domain access rights, which allows the user to enter a null password. • http://online.securityfocus.com/archive/1/253373 http://www.securityfocus.com/bid/4012 https://exchange.xforce.ibmcloud.com/vulnerabilities/8065 •