ReportizFlow
Filtered by vendor Novell
Subscriptions
Filtered by product Netware
Subscriptions
Total
76 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2002-0930 | 1 Novell | 1 Netware | 2026-04-16 | N/A |
| Format string vulnerability in the FTP server for Novell Netware 6.0 SP1 (NWFTPD) allows remote attackers to cause a denial of service (ABEND) via format strings in the USER command. | ||||
| CVE-2006-0997 | 1 Novell | 2 Netware, Open Enterprise Server | 2026-04-16 | N/A |
| The SSL server implementation in NILE.NLM in Novell NetWare 6.5 and Novell Open Enterprise Server (OES) permits encryption with a NULL key, which results in cleartext communication that allows remote attackers to read an SSL protected session by sniffing network traffic. | ||||
| CVE-2002-1772 | 1 Novell | 1 Netware | 2026-04-16 | N/A |
| Novell Netware 5.0 through 5.1 may allow local users to gain "Domain Admin" rights by logging into a Novell Directory Services (NDS) account, and executing "net use" on an NDS_ADM account that is not in the NT domain but has domain access rights, which allows the user to enter a null password. | ||||
| CVE-2006-2185 | 1 Novell | 1 Netware | 2026-04-16 | N/A |
| PORTAL.NLM in Novell Netware 6.5 SP5 writes the username and password in cleartext to the abend.log log file when the groupOperationsMethod function fails, which allows context-dependent attackers to gain privileges. | ||||
| CVE-1999-1320 | 1 Novell | 1 Netware | 2026-04-16 | N/A |
| Vulnerability in Novell NetWare 3.x and earlier allows local users to gain privileges via packet spoofing. | ||||
| CVE-2004-2103 | 1 Novell | 1 Netware | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in Novell NetWare Enterprise Web Server 5.1 and 6.0 allows remote attackers to process arbitrary script or HTML as other users via (1) a malformed request for a Perl program with script in the filename, (2) the User.id parameter to the webacc servlet, (3) the GWAP.version parameter to webacc, or (4) a URL request for a .bas file with script in the filename. | ||||
| CVE-2004-2106 | 1 Novell | 1 Netware | 2026-04-16 | N/A |
| Novell NetWare Enterprise Web Server 5.1 and 6.0 allows remote attackers to list directories via a direct request to (1) /com/, (2) /com/novell/, (3) /com/novell/webaccess, or (4) /ns-icons/. | ||||
| CVE-2005-0819 | 1 Novell | 1 Netware | 2026-04-16 | N/A |
| The xvesa code in Novell Netware 6.5 SP2 and SP3 allows remote attackers to redirect the xsession without authentication via a direct request to GUIMirror/Start. | ||||
| CVE-2006-0998 | 1 Novell | 2 Netware, Open Enterprise Server | 2026-04-16 | N/A |
| The SSL server implementation in NILE.NLM in Novell NetWare 6.5 and Novell Open Enterprise Server (OES) sometimes selects a weak cipher instead of an available stronger cipher, which makes it easier for remote attackers to sniff and decrypt an SSL protected session. | ||||
| CVE-2000-0600 | 2 Netscape, Novell | 2 Enterprise Server, Netware | 2026-04-16 | N/A |
| Netscape Enterprise Server in NetWare 5.1 allows remote attackers to cause a denial of service or execute arbitrary commands via a malformed URL. | ||||
| CVE-2006-0999 | 1 Novell | 2 Netware, Open Enterprise Server | 2026-04-16 | N/A |
| The SSL server implementation in NILE.NLM in Novell NetWare 6.5 and Novell Open Enterprise Server (OES) allows a client to force the server to use weak encryption by stating that a weak cipher is required for client compatibility, which might allow remote attackers to decrypt contents of an SSL protected session. | ||||
| CVE-2003-1150 | 1 Novell | 2 Netware, Zenworks Desktops | 2026-04-16 | N/A |
| Buffer overflow in the portmapper service (PMAP.NLM) in Novell NetWare 6 SP3 and ZenWorks for Desktops 3.2 SP2 through 4.0.1 allows remote attackers to cause a denial of service and possibly execute arbitrary code via unknown attack vectors. | ||||
| CVE-1999-0470 | 1 Novell | 1 Netware | 2026-04-16 | N/A |
| A weak encryption algorithm is used for passwords in Novell Remote.NLM, allowing them to be easily decrypted. | ||||
| CVE-1999-1086 | 1 Novell | 1 Netware | 2026-04-16 | N/A |
| Novell 5 and earlier, when running over IPX with a packet signature level less than 3, allows remote attackers to gain administrator privileges by spoofing the MAC address in IPC fragmented packets that make NetWare Core Protocol (NCP) calls. | ||||
| CVE-2004-2105 | 1 Novell | 1 Netware | 2026-04-16 | N/A |
| The webacc servlet in Novell NetWare Enterprise Web Server 5.1 and 6.0 allows remote attackers to read arbitrary .htt files via a full pathname in the error parameter. | ||||
| CVE-2002-1436 | 1 Novell | 1 Netware | 2026-04-16 | N/A |
| The web handler for Perl 5.003 on Novell NetWare 5.1 and NetWare 6 allows remote attackers to execute arbitrary Perl code via an HTTP POST request. | ||||
| CVE-1999-1382 | 1 Novell | 1 Netware | 2026-04-16 | N/A |
| NetWare NFS mode 1 and 2 implements the "Read Only" flag in Unix by changing the ownership of a file to root, which allows local users to gain root privileges by creating a setuid program and setting it to "Read Only," which NetWare-NFS changes to a setuid root program. | ||||
| CVE-2006-1322 | 1 Novell | 2 Netware, Netware Ftp Server | 2026-04-16 | N/A |
| Novell Netware NWFTPD 5.06.05 allows remote attackers to cause a denial of service (ABEND) via an MDTM command that uses a long path for the target file, possibly due to a buffer overflow. | ||||
| CVE-1999-0265 | 2 Microware, Novell | 2 Os-9, Netware | 2026-04-16 | N/A |
| ICMP redirect messages may crash or lock up a host. | ||||
| CVE-2002-2096 | 1 Novell | 1 Netware | 2026-04-16 | N/A |
| Buffer overflow in Novell Remote Manager module, httpstk.nlm, in NetWare 5.1 and NetWare 6 allows remote attackers to execute arbitrary code via a long (1) username or (2) password. | ||||