CVSS: 4.3EPSS: 0%CPEs: 19EXPL: 0CVE-2007-3571
https://notcve.org/view.php?id=CVE-2007-3571
The Apache Web Server as used in Novell NetWare 6.5 and GroupWise allows remote attackers to obtain sensitive information via a certain directive to Apache that causes the HTTP-Header response to be modified, which may reveal the server's internal IP address. El servidor web Apache, tal y como se usa en Novell NetWare 6.5 y GroupWise permite a atacantes remotos obtener información sensible mediante cierta directiva para Apache que provoca que la cabecera HTTP de la respuesta sea modificada, lo cual podría revelar la dirección IP interna del servidor. • http://osvdb.org/45742 http://www.vupen.com/english/advisories/2007/2388 https://exchange.xforce.ibmcloud.com/vulnerabilities/35365 https://secure-support.novell.com/KanisaPlatform/Publishing/370/3555327_f.SAL_Public.html •
CVSS: 7.5EPSS: 1%CPEs: 1EXPL: 0CVE-2007-3570
https://notcve.org/view.php?id=CVE-2007-3570
The Linux Access Gateway in Novell Access Manager before 3.0 SP1 Release Candidate 1 (RC1) allows remote attackers to bypass unspecified security controls via Fullwidth/Halfwidth Unicode encoded data in a HTTP POST request. Linux Access Gateway en Novell Access Manager anterior a 3.0 SP1 Release Candidate 1 (RC1) permite a atacantes remotos evitar controles no especificados de seguridad mediante información Fullwidth/Halfwidth codificada en Unicode en una petición POST de HTTP. • http://www.novell.com/documentation/novellaccessmanager/readme/accessmanager_readme.html#ban5hsz http://www.vupen.com/english/advisories/2007/2390 http://www.vupen.com/english/advisories/2007/3075 https://secure-support.novell.com/KanisaPlatform/Publishing/539/3193302_f.SAL_Public.html •
CVSS: 9.3EPSS: 2%CPEs: 1EXPL: 1CVE-2007-2923
https://notcve.org/view.php?id=CVE-2007-2923
The launch method in the LocalExec ActiveX control (LocalExec.ocx) in Novell exteNd Director 4.1 and Portal Services allows remote attackers to execute arbitrary commands. El método launch en el controlador ActiveX LocalExec (LocalExec.ocx) en Novell exteNd Director 4.1 y Portal Services permite a atacantes remotos ejecutar comandos de su elección. • http://osvdb.org/37318 http://secunia.com/advisories/25710 http://www.kb.cert.org/vuls/id/793433 http://www.novell.com/documentation/nedse41/readmesp2.txt http://www.securityfocus.com/bid/24493 http://www.securitytracker.com/id?1018258 http://www.vupen.com/english/advisories/2007/2235 https://exchange.xforce.ibmcloud.com/vulnerabilities/34898 https://secure-support.novell.com/KanisaPlatform/Publishing/360/3169416_f.SAL_Public.html •
CVSS: 7.1EPSS: 13%CPEs: 1EXPL: 0CVE-2007-3207
https://notcve.org/view.php?id=CVE-2007-3207
Buffer overflow in the NFS mount daemon (XNFS.NLM) in Novell NetWare 6.5 SP6, and probably earlier, allows remote attackers to cause a denial of service (abend) via a long path in a mount request. Desbordamiento de búfer en el demonio de montado NFS (XNFS.NLM) en Novell NetWare 6.5 SP6, y posiblemente anteriores, permite a atacantes remotos provocar denegación de servicio (abend - abnormal end (finalización no normal)) a través de una ruta larga en una respuesta de montado. • http://osvdb.org/37317 http://secunia.com/advisories/25697 http://support.novell.com/docs/Readmes/InfoDocument/patchbuilder/readme_5004900.html http://www.kb.cert.org/vuls/id/578105 http://www.securityfocus.com/bid/24489 http://www.vupen.com/english/advisories/2007/2221 https://exchange.xforce.ibmcloud.com/vulnerabilities/34878 https://secure-support.novell.com/KanisaPlatform/Publishing/23/3008097_f.SAL_Public.html •
CVSS: 4.9EPSS: 0%CPEs: 1EXPL: 0CVE-2007-3200
https://notcve.org/view.php?id=CVE-2007-3200
NMASINST in Novell Modular Authentication Service (NMAS) 3.1.2 and earlier on NetWare logs its invoking command line to NMASINST.LOG, which might allow local users to obtain the admin username and password by reading this file. NMASINST en Novell Modular Authentication Service (NMAS) 3.1.2 y anteriores en NetWare registra el comando que lo invoca en NMASINST.LOG, lo cual puede permitir a usuarios locales obtener el nombre de usuario y la contraseña del administrador leyendo este fichero. • http://osvdb.org/35943 http://secunia.com/advisories/25592 http://securitytracker.com/id?1018215 http://www.securityfocus.com/bid/24405 http://www.vupen.com/english/advisories/2007/2118 https://exchange.xforce.ibmcloud.com/vulnerabilities/34806 https://secure-support.novell.com/KanisaPlatform/Publishing/249/3260550_f.SAL_Public.html •