Filtered by vendor Novell
Subscriptions
Total
671 CVE
CVE | Vendors | Products | Updated | CVSS v3.1 |
---|---|---|---|---|
CVE-2003-0639 | 1 Novell | 1 Ichain | 2024-11-21 | N/A |
Unknown vulnerability in Novell iChain 2.2 before Support Pack 1 allows users to access restricted or secure pages without authentication. | ||||
CVE-2003-0638 | 1 Novell | 1 Ichain | 2024-11-21 | N/A |
Multiple buffer overflows in Novell iChain 2.1 before Field Patch 3, and iChain 2.2 before Field Patch 1a, allow attackers to cause a denial of service (ABEND) and possibly execute arbitrary code via (1) a long user name or (2) an unknown attack related to a "special script against login." | ||||
CVE-2003-0637 | 1 Novell | 1 Ichain | 2024-11-21 | N/A |
Novell iChain 2.2 before Support Pack 1 uses a shorter timeout for a non-existent user than a valid user, which makes it easier for remote attackers to guess usernames and conduct brute force password guessing. | ||||
CVE-2003-0636 | 1 Novell | 1 Ichain | 2024-11-21 | N/A |
Novell iChain 2.2 before Support Pack 1 does not properly verify that URL redirects match the DNS name of an accelerator, which allows attackers to redirect URLs to malicious web sites. | ||||
CVE-2003-0635 | 1 Novell | 1 Ichain | 2024-11-21 | N/A |
Unknown vulnerability or vulnerabilities in Novell iChain 2.2 before Support Pack 1, with unknown impact, possibly related to unauthorized access to (1) NCPIP.NLM and (2) JSTCP.NLM. | ||||
CVE-2003-0562 | 1 Novell | 1 Netware | 2024-11-21 | N/A |
Buffer overflow in the CGI2PERL.NLM PERL handler in Novell Netware 5.1 and 6.0 allows remote attackers to cause a denial of service (ABEND) via a long input string. | ||||
CVE-2002-2434 | 1 Novell | 2 Netware, Netware Ftp Server | 2024-11-21 | N/A |
NWFTPD.nlm before 5.02i in the FTP server in Novell NetWare does not properly listen for data connections, which allows remote attackers to cause a denial of service (abend) via multiple FTP sessions. | ||||
CVE-2002-2433 | 1 Novell | 2 Netware, Netware Ftp Server | 2024-11-21 | N/A |
NWFTPD.nlm before 5.03b in the FTP server in Novell NetWare allows remote authenticated users to cause a denial of service (abend) via a crafted ABOR command. | ||||
CVE-2002-2432 | 1 Novell | 2 Netware, Netware Ftp Server | 2024-11-21 | N/A |
Unspecified vulnerability in NWFTPD.nlm before 5.03b in the FTP server in Novell NetWare allows remote attackers to cause a denial of service (abend) via a crafted username. | ||||
CVE-2002-2119 | 1 Novell | 1 Edirectory | 2024-11-21 | 9.8 Critical |
Novell eDirectory 8.6.2 and 8.7 use case insensitive passwords, which makes it easier for remote attackers to conduct brute force password guessing. | ||||
CVE-2002-2096 | 1 Novell | 1 Netware | 2024-11-21 | N/A |
Buffer overflow in Novell Remote Manager module, httpstk.nlm, in NetWare 5.1 and NetWare 6 allows remote attackers to execute arbitrary code via a long (1) username or (2) password. | ||||
CVE-2002-2083 | 1 Novell | 1 Netware | 2024-11-21 | N/A |
The Novell Netware client running on Windows 95 allows local users to bypass the login and open arbitrary files via the "What is this?" help feature, which can be launched from the Novell Netware login screen. | ||||
CVE-2002-1772 | 1 Novell | 1 Netware | 2024-11-21 | N/A |
Novell Netware 5.0 through 5.1 may allow local users to gain "Domain Admin" rights by logging into a Novell Directory Services (NDS) account, and executing "net use" on an NDS_ADM account that is not in the NT domain but has domain access rights, which allows the user to enter a null password. | ||||
CVE-2002-1754 | 1 Novell | 1 Netware Client | 2024-11-21 | N/A |
Buffer overflow in Novell NetWare Client 4.80 through 4.83 allows local users to cause a denial of service (crash) by using ping, traceroute, or a similar utility to force the client to resolve a large hostname. | ||||
CVE-2002-1634 | 1 Novell | 1 Netware | 2024-11-21 | N/A |
Novell NetWare 5.1 installs sample applications that allow remote attackers to obtain sensitive information via (1) ndsobj.nlm, (2) allfield.jse, (3) websinfo.bas, (4) ndslogin.pl, (5) volscgi.pl, (6) lancgi.pl, (7) test.jse, or (8) env.pl. | ||||
CVE-2002-1552 | 1 Novell | 1 Edirectory | 2024-11-21 | N/A |
Novell eDirectory (eDir) 8.6.2 and Netware 5.1 eDir 85.x allows users with expired passwords to gain inappropriate permissions when logging in from Remote Manager. | ||||
CVE-2002-1438 | 1 Novell | 1 Netware | 2024-11-21 | N/A |
The web handler for Perl 5.003 on Novell NetWare 5.1 and NetWare 6 allows remote attackers to obtain Perl version information via the -v option. | ||||
CVE-2002-1437 | 1 Novell | 1 Netware | 2024-11-21 | N/A |
Directory traversal vulnerability in the web handler for Perl 5.003 on Novell NetWare 5.1 and NetWare 6 allows remote attackers to read arbitrary files via an HTTP request containing "..%5c" (URL-encoded dot-dot backslash) sequences. | ||||
CVE-2002-1436 | 1 Novell | 1 Netware | 2024-11-21 | N/A |
The web handler for Perl 5.003 on Novell NetWare 5.1 and NetWare 6 allows remote attackers to execute arbitrary Perl code via an HTTP POST request. | ||||
CVE-2002-1418 | 1 Novell | 2 Netware, Small Business Suite | 2024-11-21 | N/A |
Buffer overflow in the interpreter for Novell NetBasic Scripting Server (NSN) for Netware 5.1 and 6, and Novell Small Business Suite 5.1 and 6, allows remote attackers to cause a denial of service (ABEND) via a long module name. |