Filtered by vendor Novell Subscriptions
Total 671 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2005-1543 1 Novell 5 Zenworks, Zenworks Desktops, Zenworks Remote Management and 2 more 2024-11-21 N/A
Multiple stack-based and heap-based buffer overflows in Remote Management authentication (zenrem32.exe) on Novell ZENworks 6.5 Desktop and Server Management, ZENworks for Desktops 4.x, ZENworks for Servers 3.x, and Remote Management allows remote attackers to execute arbitrary code via (1) unspecified vectors, (2) type 1 authentication requests, and (3) type 2 authentication requests.
CVE-2005-1247 1 Novell 1 Nsure Audit 2024-11-21 N/A
webadmin.exe in Novell Nsure Audit 1.0.1 allows remote attackers to cause a denial of service via malformed ASN.1 packets in corrupt client certificates to an SSL server, as demonstrated using an exploit for the OpenSSL ASN.1 parsing vulnerability.
CVE-2005-1065 1 Novell 1 Linux Desktop 2024-11-21 N/A
tetex in Novell Linux Desktop 9 allows local users to determine the existence of arbitrary files via a symlink attack in the /var/cache/fonts directory.
CVE-2005-1060 1 Novell 1 Netware 2024-11-21 N/A
Unknown vulnerability in the TCP/IP functionality (TCPIP.NLM) in Novell Netware 6.x allows remote attackers to cause a denial of service (ABEND by Page Fault Processor Exception) via certain packets.
CVE-2005-1040 1 Novell 1 Linux Desktop 2024-11-21 N/A
Multiple unknown vulnerabilities in netapplet in Novell Linux Desktop 9 allow local users to gain root privileges, related to "User input [being] passed to network scripts without verification."
CVE-2005-0819 1 Novell 1 Netware 2024-11-21 N/A
The xvesa code in Novell Netware 6.5 SP2 and SP3 allows remote attackers to redirect the xsession without authentication via a direct request to GUIMirror/Start.
CVE-2005-0798 1 Novell 1 Ichain 2024-11-21 N/A
Novell iChain Mini FTP Server 2.3, and possibly earlier versions, does not limit the number of incorrect logins, which makes it easier for remote attackers to conduct brute force login attacks.
CVE-2005-0797 1 Novell 1 Ichain 2024-11-21 N/A
Novell iChain Mini FTP Server 2.3 displays different error messages if a user exists or not, which allows remote attackers to obtain sensitive information and facilitates brute force attacks.
CVE-2005-0746 1 Novell 1 Ichain 2024-11-21 N/A
The Mini FTP server in Novell iChain 2.2 and 2.3 SP2 and earlier allows remote unauthenticated attackers to obtain the full path of the server via the PWD command.
CVE-2005-0744 1 Novell 1 Ichain 2024-11-21 N/A
The web GUI for Novell iChain 2.2 and 2.3 SP2 and SP3 allows attackers to hijack sessions and gain administrator privileges by (1) sniffing the connection on TCP port 51100 and replaying the authentication information or (2) obtaining and replaying the PCZQX02 authentication cookie from the browser.
CVE-2005-0296 1 Novell 2 Groupwise, Groupwise Webaccess 2024-11-21 N/A
NOTE: this issue has been disputed by the vendor. The error module in Novell GroupWise WebAccess allows remote attackers who have not authenticated to read potentially sensitive information, such as the version, via an incorrect login and a modified (1) error or (2) modify parameter that returns template files or the "about" information page. NOTE: the vendor has disputed this issue
CVE-2004-2767 1 Novell 2 Netware, Netware Ftp Server 2024-11-21 N/A
NWFTPD.nlm before 5.04.25 in the FTP server in Novell NetWare does not promptly close DS sessions, which allows remote attackers to cause a denial of service (connection slot exhaustion) by establishing many FTP sessions that persist for the lifetime of a DS session.
CVE-2004-2757 1 Novell 1 Ichain 2024-11-21 N/A
Cross-site scripting (XSS) vulnerability in the failed login page in Novell iChain before 2.2 build 2.2.113 and 2.3 First Customer Ship (FCS) allows remote attackers to inject arbitrary web script or HTML via url parameter.
CVE-2004-2734 1 Novell 1 Netware 2024-11-21 N/A
webadmin-apache.conf in Novell Web Manager of Novell NetWare 6.5 uses an uppercase Alias tag with an inconsistent lowercase directory tag for a volume, which allows remote attackers to bypass access control to the WEB-INF folder.
CVE-2004-2582 1 Novell 1 Ichain 2024-11-21 N/A
Novell iChain 2.3 includes the build number in the VIA line of the proxy server's HTTP headers, which allows remote attackers to obtain sensitive information.
CVE-2004-2581 1 Novell 1 Ichain 2024-11-21 N/A
Novell iChain 2.3 allows attackers to cause a denial of service via a URL with a "specific string."
CVE-2004-2580 1 Novell 1 Ichain 2024-11-21 N/A
Cross-site scripting (XSS) vulnerability in Novell iChain 2.3 allows remote attackers to obtain login credentials via unspecified vectors.
CVE-2004-2579 1 Novell 1 Ichain 2024-11-21 N/A
ACLCHECK module in Novell iChain 2.3 allows attackers to bypass access control rules of an unspecified component via an unspecified attack vector involving a string that contains escape sequences represented with "overlong UTF-8 encoding."
CVE-2004-2554 1 Novell 1 Client Firewall 2024-11-21 N/A
Novell Client Firewall (NCF) 2.0, as based on the Agnitum Outpost Firewall, allows local users to execute arbitrary code with SYSTEM privileges by opening the NCF tray icon and using the Help functionality to launch programs with SYSTEM privileges.
CVE-2004-2414 1 Novell 1 Netware 2024-11-21 N/A
Novell NetWare 6.5 SP 1.1, when installing or upgrading using the Overlay CDs and performing a custom installation with OpenSSH, includes sensitive password information in the (1) NIOUTPUT.TXT and (2) NI.LOG log files, which might allow local users to obtain the passwords.