Page 8 of 66 results (0.009 seconds)

CVSS: 5.0EPSS: 0%CPEs: 2EXPL: 0

The webacc servlet in Novell NetWare Enterprise Web Server 5.1 and 6.0 allows remote attackers to read arbitrary .htt files via a full pathname in the error parameter. • http://marc.info/?l=bugtraq&m=107487862304440&w=2 •

CVSS: 10.0EPSS: 4%CPEs: 4EXPL: 0

webadmin-apache.conf in Novell Web Manager of Novell NetWare 6.5 uses an uppercase Alias tag with an inconsistent lowercase directory tag for a volume, which allows remote attackers to bypass access control to the WEB-INF folder. • http://secunia.com/advisories/12049 http://securitytracker.com/id?1011012 http://support.novell.com/cgi-bin/search/searchtid.cgi?/10094233.htm http://www.osvdb.org/9103 http://www.securityfocus.com/bid/11000 https://exchange.xforce.ibmcloud.com/vulnerabilities/40478 • CWE-287: Improper Authentication •

CVSS: 2.1EPSS: 0%CPEs: 1EXPL: 0

Novell NetWare 6.5 SP 1.1, when installing or upgrading using the Overlay CDs and performing a custom installation with OpenSSH, includes sensitive password information in the (1) NIOUTPUT.TXT and (2) NI.LOG log files, which might allow local users to obtain the passwords. • http://secunia.com/advisories/11188 http://support.novell.com/cgi-bin/search/searchtid.cgi?/2968534.htm http://www.securityfocus.com/bid/9934 https://exchange.xforce.ibmcloud.com/vulnerabilities/15600 •

CVSS: 7.5EPSS: 0%CPEs: 2EXPL: 0

NFS Server (XNFS.NLM) for Novell NetWare 6.5 does not properly enforce sys:\etc\exports when hostname aliases from sys:etc\hosts file are used, which could allow users to mount file systems when XNFS should deny the host. El servidor NFS (XNFS.NLM) de Novell Netware 6.5 no utiliza adecuadamente sys:etcexports cuando se usan aliases de nombres del fichero sys:etchosts, lo que podría permitir a usuarios montar sistemas de ficheros cuando XNFS debería denegar la máquina. • http://support.novell.com/cgi-bin/search/searchtid.cgi?/10089375.htm https://exchange.xforce.ibmcloud.com/vulnerabilities/13915 •

CVSS: 7.5EPSS: 4%CPEs: 4EXPL: 0

Buffer overflow in the portmapper service (PMAP.NLM) in Novell NetWare 6 SP3 and ZenWorks for Desktops 3.2 SP2 through 4.0.1 allows remote attackers to cause a denial of service and possibly execute arbitrary code via unknown attack vectors. • http://secunia.com/advisories/10100 http://support.novell.com/cgi-bin/search/searchtid.cgi?/10088194.htm http://www.securityfocus.com/bid/8907 https://exchange.xforce.ibmcloud.com/vulnerabilities/13564 •