CVEdetails.com the ultimate security vulnerability data source
(e.g.: CVE-2009-1234 or 2010-1234 or 20101234)
Log In   Register
Vulnerability Feeds & WidgetsNew   www.itsecdb.com  

Metasploit Modules Related To Novell

CVE-2005-1543  Novell ZENworks 6.5 Desktop/Server Management Overflow
This module exploits a heap overflow in the Novell ZENworks Desktop Management agent. This vulnerability was discovered by Alex Wheeler.
Module type : exploit Rank : good Platforms : Windows
CVE-2005-2551  eDirectory 8.7.3 iMonitor Remote Stack Buffer Overflow
This module exploits a stack buffer overflow in eDirectory 8.7.3 iMonitor service. This vulnerability was discovered by Peter Winter-Smith of NGSSoftware. NOTE: repeated exploitation attempts may cause eDirectory to crash. It does not restart automatically in a default installation.
Module type : exploit Rank : great Platforms : Windows
CVE-2005-2852  Novell NetWare LSASS CIFS.NLM Driver Stack Buffer Overflow
This module exploits a stack buffer overflow in the NetWare CIFS.NLM driver. Since the driver runs in the kernel space, a failed exploit attempt can cause the OS to reboot.
Module type : exploit Rank : average Platforms : Netware
CVE-2005-3314  Novell NetMail IMAP STATUS Buffer Overflow
This module exploits a stack buffer overflow in Novell's Netmail 3.52 IMAP STATUS verb. By sending an overly long string, an attacker can overwrite the buffer and control program execution.
Module type : exploit Rank : average Platforms : Windows
CVE-2006-992  Novell Messenger Server 2.0 Accept-Language Overflow
This module exploits a stack buffer overflow in Novell GroupWise Messenger Server v2.0. This flaw is triggered by any HTTP request with an Accept-Language header greater than 16 bytes. To overwrite the return address on the stack, we must first pass a memcpy() operation that uses pointers we supply. Due to the large list of restricted characters and the limitations of the current encoder modules, very few payloads are usable.
Module type : exploit Rank : average Platforms : Windows
CVE-2006-5478  Novell eDirectory NDS Server Host Header Overflow
This module exploits a stack buffer overflow in Novell eDirectory 8.8.1. The web interface does not validate the length of the HTTP Host header prior to using the value of that header in an HTTP redirect.
Module type : exploit Rank : great Platforms : Windows
CVE-2006-6424  Novell NetMail NMAP STOR Buffer Overflow
This module exploits a stack buffer overflow in Novell's Netmail 3.52 NMAP STOR verb. By sending an overly long string, an attacker can overwrite the buffer and control program execution.
Module type : exploit Rank : average Platforms : Windows
CVE-2006-6425  Novell NetMail IMAP APPEND Buffer Overflow
This module exploits a stack buffer overflow in Novell's Netmail 3.52 IMAP APPEND verb. By sending an overly long string, an attacker can overwrite the buffer and control program execution.
Module type : exploit Rank : average Platforms : Windows
CVE-2006-6761  Novell NetMail IMAP SUBSCRIBE Buffer Overflow
This module exploits a stack buffer overflow in Novell's NetMail 3.52 IMAP SUBSCRIBE verb. By sending an overly long string, an attacker can overwrite the buffer and control program execution.
Module type : exploit Rank : average Platforms : Windows
CVE-2008-926  Novell eDirectory eMBox Unauthenticated File Access
This module will access Novell eDirectory's eMBox service and can run the following actions via the SOAP interface: GET_DN, READ_LOGS, LIST_SERVICES, STOP_SERVICE, START_SERVICE, SET_LOGFILE.
Module type : auxiliary Rank : normal
CVE-2008-935  Novell iPrint Client ActiveX Control ExecuteRequest Buffer Overflow
This module exploits a stack buffer overflow in Novell iPrint Client 4.26. When sending an overly long string to the ExecuteRequest() property of ienipp.ocx an attacker may be able to execute arbitrary code.
Module type : exploit Rank : normal Platforms : Windows
CVE-2008-2703  Novell GroupWise Messenger Client Buffer Overflow
This module exploits a stack buffer overflow in Novell's GroupWise Messenger Client. By sending a specially crafted HTTP response, an attacker may be able to execute arbitrary code.
Module type : exploit Rank : normal Platforms : Windows
CVE-2008-2908  Novell iPrint Client ActiveX Control Buffer Overflow
This module exploits a stack buffer overflow in Novell iPrint Client 4.34. When sending an overly long string to the GetDriverSettings() property of ienipp.ocx an attacker may be able to execute arbitrary code.
Module type : exploit Rank : normal Platforms : Windows
CVE-2009-1350  Novell NetIdentity Agent XTIERRPCPIPE Named Pipe Buffer Overflow
This module exploits a stack buffer overflow in Novell's NetIdentity Agent. When sending a specially crafted string to the 'XTIERRPCPIPE' named pipe, an attacker may be able to execute arbitrary code. The success of this module is much greater once the service has been restarted.
Module type : exploit Rank : great Platforms : Windows
CVE-2009-1568  Novell iPrint Client ActiveX Control target-frame Buffer Overflow
This module exploits a stack buffer overflow in Novell iPrint Client 5.30. When passing an overly long string via the "target-frame" parameter to ienipp.ocx an attacker can execute arbitrary code. NOTE: The "operation" variable must be set to a valid command in order to reach this vulnerability.
Module type : exploit Rank : great Platforms : Windows
CVE-2009-1569  Novell iPrint Client ActiveX Control Date/Time Buffer Overflow
This module exploits a stack buffer overflow in Novell iPrint Client 5.30. When passing a specially crafted date/time string via certain parameters to ienipp.ocx an attacker can execute arbitrary code. NOTE: The "operation" variable must be set to a valid command in order to reach this vulnerability.
Module type : exploit Rank : great Platforms : Windows
CVE-2010-1527  Novell iPrint Client ActiveX Control call-back-url Buffer Overflow
This module exploits a stack-based buffer overflow in Novell iPrint Client 5.42. When sending an overly long string to the 'call-back-url' parameter in an op-client-interface-version action of ienipp.ocx an attacker may be able to execute arbitrary code.
Module type : exploit Rank : normal Platforms : Windows
CVE-2010-3106  Novell iPrint Client ActiveX Control ExecuteRequest debug Buffer Overflow
This module exploits a stack-based buffer overflow in Novell iPrint Client 5.40. When sending an overly long string to the 'debug' parameter in ExecuteRequest() property of ienipp.ocx an attacker may be able to execute arbitrary code.
Module type : exploit Rank : normal Platforms : Windows
CVE-2010-4321  Novell iPrint Client ActiveX Control Buffer Overflow
This module exploits a stack buffer overflow in Novell iPrint Client 5.52. When sending an overly long string to the GetDriverSettings() property of ienipp.ocx an attacker may be able to execute arbitrary code.
Module type : exploit Rank : normal Platforms : Windows
CVE-2011-2653  Novell ZENworks Asset Management Remote Execution
This module exploits a path traversal flaw in Novell ZENworks Asset Management 7.5. By exploiting the CatchFileServlet, an attacker can upload a malicious file outside of the MalibuUploadDirectory and then make a secondary request that allows for arbitrary code execution.
Module type : exploit Rank : excellent Platforms : Java

Please note: Metasploit modules are only matched by CVE numbers. There may be other modules related to this product. Visit metasploit web site for more details
Total number of modules found = 51   Page : 1 (This Page)2 3
CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site. OVAL is a registered trademark of The MITRE Corporation and the authoritative source of OVAL content is MITRE's OVAL web site.
Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.