CVE-2004-2336
https://notcve.org/view.php?id=CVE-2004-2336
Unknown vulnerability in Novell GroupWise and GroupWise WebAccess 6.0 through 6.5, when running with Apache Web Server 1.3 for NetWare where Apache is loaded using GWAPACHE.CONF, allows remote attackers to read directories and files on the server. • http://secunia.com/advisories/11119 http://support.novell.com/cgi-bin/search/searchtid.cgi?/10091330.htm http://www.securityfocus.com/bid/9864 http://www.securitytracker.com/alerts/2004/Mar/1009417.html https://exchange.xforce.ibmcloud.com/vulnerabilities/15467 •
CVE-2004-2734
https://notcve.org/view.php?id=CVE-2004-2734
webadmin-apache.conf in Novell Web Manager of Novell NetWare 6.5 uses an uppercase Alias tag with an inconsistent lowercase directory tag for a volume, which allows remote attackers to bypass access control to the WEB-INF folder. • http://secunia.com/advisories/12049 http://securitytracker.com/id?1011012 http://support.novell.com/cgi-bin/search/searchtid.cgi?/10094233.htm http://www.osvdb.org/9103 http://www.securityfocus.com/bid/11000 https://exchange.xforce.ibmcloud.com/vulnerabilities/40478 • CWE-287: Improper Authentication •
CVE-2004-2414
https://notcve.org/view.php?id=CVE-2004-2414
Novell NetWare 6.5 SP 1.1, when installing or upgrading using the Overlay CDs and performing a custom installation with OpenSSH, includes sensitive password information in the (1) NIOUTPUT.TXT and (2) NI.LOG log files, which might allow local users to obtain the passwords. • http://secunia.com/advisories/11188 http://support.novell.com/cgi-bin/search/searchtid.cgi?/2968534.htm http://www.securityfocus.com/bid/9934 https://exchange.xforce.ibmcloud.com/vulnerabilities/15600 •
CVE-2003-0976
https://notcve.org/view.php?id=CVE-2003-0976
NFS Server (XNFS.NLM) for Novell NetWare 6.5 does not properly enforce sys:\etc\exports when hostname aliases from sys:etc\hosts file are used, which could allow users to mount file systems when XNFS should deny the host. El servidor NFS (XNFS.NLM) de Novell Netware 6.5 no utiliza adecuadamente sys:etcexports cuando se usan aliases de nombres del fichero sys:etchosts, lo que podría permitir a usuarios montar sistemas de ficheros cuando XNFS debería denegar la máquina. • http://support.novell.com/cgi-bin/search/searchtid.cgi?/10089375.htm https://exchange.xforce.ibmcloud.com/vulnerabilities/13915 •