// For flags

CVE-2007-6734

 

Severity Score

4.0
*CVSS v2

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

0
*Multiple Sources

Exploited in Wild

-
*KEV

Decision

-
*SSVC
Descriptions

NWFTPD.nlm before 5.08.07 in the FTP server in Novell NetWare 6.5 SP7 does not properly implement the FTPREST.TXT NOREMOTE restriction, which allows remote authenticated users to access directories outside of the home server via unspecified vectors.

NWFTPD.nlm anterior a v5.08.07 en el servidor FTP de Novell NetWare v6.5 SP7 no implementa adecuadamente la restricción FTPREST.TXT NOREMOTE, lo que permite a usuarios autenticados en remoto, empleando vectores no especificados, acceder a directorios fuera del servidor que lo aloja.

*Credits: N/A
CVSS Scores
Attack Vector
Network
Attack Complexity
Low
Authentication
Single
Confidentiality
Partial
Integrity
None
Availability
None
* Common Vulnerability Scoring System
SSVC
  • Decision:-
Exploitation
-
Automatable
-
Tech. Impact
-
* Organization's Worst-case Scenario
Timeline
  • 2010-04-05 CVE Reserved
  • 2010-04-05 CVE Published
  • 2024-09-16 CVE Updated
  • 2024-09-17 EPSS Updated
  • ---------- Exploited in Wild
  • ---------- KEV Due Date
  • ---------- First Exploit
CWE
  • CWE-264: Permissions, Privileges, and Access Controls
CAPEC
Affected Vendors, Products, and Versions
Vendor Product Version Other Status
Vendor Product Version Other Status <-- --> Vendor Product Version Other Status
Novell
Search vendor "Novell"
Netware Ftp Server
Search vendor "Novell" for product "Netware Ftp Server"
*-
Affected
in Novell
Search vendor "Novell"
Netware
Search vendor "Novell" for product "Netware"
6.5
Search vendor "Novell" for product "Netware" and version "6.5"
sp7
Affected