CVSS: 10.0EPSS: 54%CPEs: 3EXPL: 1CVE-2008-0935 – Novell iPrint Client - ActiveX Control ExecuteRequest Buffer Overflow
https://notcve.org/view.php?id=CVE-2008-0935
Stack-based buffer overflow in the Novell iPrint Control ActiveX control in ienipp.ocx in Novell iPrint Client before 4.34 allows remote attackers to execute arbitrary code via a long argument to the ExecuteRequest method. Desbordamiento de búfer basado en pila en el control Novell iPrint Control ActiveX de ienipp.ocx en Novell iPrint Client antes de 4.34 permite a atacantes remotos ejecutar código de su elección a través de un argumento largo al método ExecuteRequest. • https://www.exploit-db.com/exploits/16514 http://download.novell.com/Download?buildid=prBBH4JpImA~ http://secunia.com/advisories/27994 http://www.securityfocus.com/bid/27939 http://www.securitytracker.com/id?1019489 http://www.vupen.com/english/advisories/2008/0639 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 5.0EPSS: 3%CPEs: 1EXPL: 2CVE-2008-1777
https://notcve.org/view.php?id=CVE-2008-1777
The eDirectory Host Environment service (dhost.exe) in Novell eDirectory 8.8.2 allows remote attackers to cause a denial of service (CPU consumption) via a long HTTP HEAD request to TCP port 8028. El servicio eDirectory Host Environment (dhost.exe) de Novell eDirectory 8.8.2 permite a atacantes remotos provocar una denegación de servicio (consumo de CPU) a través una petición http HEAD larga al puerto TCP 8028. • http://secunia.com/advisories/29639 http://www.offensive-security.com/0day/novel-edir.py.txt http://www.securityfocus.com/bid/28572 http://www.securitytracker.com/id?1019783 http://www.vupen.com/english/advisories/2008/1075 • CWE-399: Resource Management Errors •
CVSS: 10.0EPSS: 80%CPEs: 2EXPL: 1CVE-2007-6701
https://notcve.org/view.php?id=CVE-2007-6701
Multiple stack-based buffer overflows in the Spooler service (nwspool.dll) in Novell Client 4.91 SP4 for Windows allow remote attackers to execute arbitrary code via long arguments to multiple unspecified RPC functions, aka Novell bug 287919, a different vulnerability than CVE-2007-2954. Múltiples desbordamientos de búfer basados en pila en el servicio Spooler (nwspool.dll) de Novell Client 4.91 SP4 para Windows permiten a atacantes remotos ejecutar código de su elección a través de argumentos largos de múltiples funciones RCP no especificadas, también conocido como Novell bug 287919, una vulnerabilidad diferente a CVE-2007-2954. • http://archives.neohapsis.com/archives/bugtraq/2007-08/0082.html http://secunia.com/advisories/26238 http://securitytracker.com/id?1018471 http://support.novell.com/docs/Readmes/InfoDocument/patchbuilder/readme_5005400.html http://www.securityfocus.com/bid/25092 http://www.zerodayinitiative.com/advisories/ZDI-07-045.html https://exchange.xforce.ibmcloud.com/vulnerabilities/35653 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.5EPSS: 0%CPEs: 3EXPL: 0CVE-2008-0731
https://notcve.org/view.php?id=CVE-2008-0731
The Linux kernel before 2.6.18.8-0.8 in SUSE openSUSE 10.2 does not properly handle failure of an AppArmor change_hat system call, which might allow attackers to trigger the unconfining of an apparmored task. El núcleo de Linux versiones anteriores a 2.6.18.8-0.8 de SUSE openSUSE 10.2 no maneja apropiadamente los fallos del sistema llamado AppArmor change_hat, lo cual permite a atacantes disparar el no limitamiento de una tarea apparmored. • http://lists.opensuse.org/opensuse-security-announce/2008-02/msg00002.html http://secunia.com/advisories/28806 • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 10.0EPSS: 59%CPEs: 4EXPL: 0CVE-2008-0639 – Novell Client NWSPOOL.DLL EnumPrinters Stack Overflow Vulnerability
https://notcve.org/view.php?id=CVE-2008-0639
Stack-based buffer overflow in the EnumPrinters function in the Spooler service (nwspool.dll) in Novell Client 4.91 SP2, SP3, and SP4 for Windows allows remote attackers to execute arbitrary code via a crafted RPC request, aka Novell bug 353138, a different vulnerability than CVE-2006-5854. NOTE: this issue exists because of an incomplete fix for CVE-2007-6701. Desbordamiento de búfer basado en pila en la función EnumPrinters del servicio Spooler en Novell Client 4.91 SP2, SP3 y SP4 para Windows, permite a atacantes remotos ejecutar código de su elección mediante una petición RPC manipulada, también conocida como Novell bug 353138, una vulnerabilidad diferente a la CVE-2006-5854. NOTA: este problema se produce debido a un parche incompleto para CVE-2007-6701. This vulnerability allows remote attackers to execute arbitrary code on systems with vulnerable installations of the Novell Netware Client. • http://download.novell.com/Download?buildid=SszG22IIugM~ http://marc.info/?l=full-disclosure&m=120276962211348&w=2 http://secunia.com/advisories/28895 http://support.novell.com/docs/Readmes/InfoDocument/patchbuilder/readme_5008300.html http://www.securityfocus.com/archive/1/487980/100/0/threaded http://www.securityfocus.com/bid/27741 http://www.securitytracker.com/id?1019366 http://www.vupen.com/english/advisories/2008/0496 http://www.zerodayinitiative.com/advisories/ZDI-08-005.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •