Novell eDirectory 8.6.2 and 8.7 use case insensitive passwords, which makes it easier for remote attackers to conduct brute force password guessing.
Max CVSS
9.8
EPSS Score
0.86%
Published
2002-12-31
Updated
2024-02-08
Buffer overflow in Novell Remote Manager module, httpstk.nlm, in NetWare 5.1 and NetWare 6 allows remote attackers to execute arbitrary code via a long (1) username or (2) password.
Max CVSS
7.5
EPSS Score
2.40%
Published
2002-12-31
Updated
2008-09-05
The Novell Netware client running on Windows 95 allows local users to bypass the login and open arbitrary files via the "What is this?" help feature, which can be launched from the Novell Netware login screen.
Max CVSS
2.1
EPSS Score
0.05%
Published
2002-12-31
Updated
2008-09-05
Novell Netware 5.0 through 5.1 may allow local users to gain "Domain Admin" rights by logging into a Novell Directory Services (NDS) account, and executing "net use" on an NDS_ADM account that is not in the NT domain but has domain access rights, which allows the user to enter a null password.
Max CVSS
4.6
EPSS Score
0.05%
Published
2002-12-31
Updated
2017-07-11
Buffer overflow in Novell NetWare Client 4.80 through 4.83 allows local users to cause a denial of service (crash) by using ping, traceroute, or a similar utility to force the client to resolve a large hostname.
Max CVSS
2.1
EPSS Score
0.05%
Published
2002-12-31
Updated
2017-07-11
Novell NetWare 5.1 installs sample applications that allow remote attackers to obtain sensitive information via (1) ndsobj.nlm, (2) allfield.jse, (3) websinfo.bas, (4) ndslogin.pl, (5) volscgi.pl, (6) lancgi.pl, (7) test.jse, or (8) env.pl.
Max CVSS
5.0
EPSS Score
0.69%
Published
2002-12-31
Updated
2017-07-11
Buffer overflow in Novell iManager (eMFrame) before 1.5 allows remote attackers to cause a denial of service via an authentication request with a long Distinguished Name (DN) attribute.
Max CVSS
5.0
EPSS Score
0.88%
Published
2002-11-29
Updated
2017-07-11
Buffer overflow in Novell GroupWise 6.0.1 Support Pack 1 allows remote attackers to execute arbitrary code via a long RCPT TO command.
Max CVSS
7.5
EPSS Score
5.26%
Published
2002-10-04
Updated
2008-09-05
Buffer overflow in Novell iManager (eMFrame 1.2.1) allows remote attackers to cause a denial of service (crash) via a long user name.
Max CVSS
5.0
EPSS Score
0.60%
Published
2002-10-04
Updated
2008-09-05
Buffer overflows in IMAP Agent (imapd) for Novell NetMail (NIMS) 3.0.3 before 3.0.3A allows remote attackers to cause a denial of service.
Max CVSS
5.0
EPSS Score
0.70%
Published
2002-10-04
Updated
2008-09-05
Multiple buffer overflows in Novell NetMail (NIMS) 3.0.3 before 3.0.3C allows remote attackers to cause a denial of service and possibly execute arbitrary code via (1) WebAdmin or (2) ModWeb.
Max CVSS
7.5
EPSS Score
4.53%
Published
2002-10-04
Updated
2008-09-05
Format string vulnerability in the FTP server for Novell Netware 6.0 SP1 (NWFTPD) allows remote attackers to cause a denial of service (ABEND) via format strings in the USER command.
Max CVSS
5.0
EPSS Score
0.87%
Published
2002-10-04
Updated
2008-09-05
Buffer overflows in the DHCP server for NetWare 6.0 SP1 allow remote attackers to cause a denial of service (reboot) via long DHCP requests.
Max CVSS
5.0
EPSS Score
0.87%
Published
2002-10-04
Updated
2008-09-05
Novell Netware FTP server NWFTPD before 5.02r allows remote attackers to cause a denial of service (CPU consumption) via a connection to the server followed by a carriage return, and possibly other invalid commands with improper syntax or length.
Max CVSS
5.0
EPSS Score
2.38%
Published
2002-08-12
Updated
2008-09-05
Novell BorderManager 3.5 with PAT (Port-Address Translate) enabled allows remote attackers to cause a denial of service by filling the connection table with a large number of connection requests to hosts that do not have a specific route, which may be forwarded to the public interface.
Max CVSS
5.0
EPSS Score
0.50%
Published
2002-08-12
Updated
2008-09-05
RTSP proxy for Novell BorderManager 3.6 SP 1a allows remote attackers to cause a denial of service via a GET request to port 9090 followed by a series of carriage returns, which causes proxy.nlm to ABEND.
Max CVSS
5.0
EPSS Score
0.49%
Published
2002-08-12
Updated
2008-09-05
IP/IPX gateway for Novell BorderManager 3.6 SP 1a allows remote attackers to cause a denial of service via a connection to port 8225 with a large amount of random data, which causes ipipxgw.nlm to ABEND.
Max CVSS
5.0
EPSS Score
0.70%
Published
2002-08-12
Updated
2008-09-05
FTP proxy server for Novell BorderManager 3.6 SP 1a allows remote attackers to cause a denial of service (network connectivity loss) via a connection to port 21 with a large amount of random data.
Max CVSS
5.0
EPSS Score
0.76%
Published
2002-08-12
Updated
2008-09-05
Cross-site scripting vulnerability in Novell Web Search 2.0.1 allows remote attackers to execute arbitrary script as other Web Search users via the search parameter.
Max CVSS
5.1
EPSS Score
0.22%
Published
2002-08-12
Updated
2008-09-10
GWWEB.EXE in GroupWise Web Access 5.5, and possibly other versions, allows remote attackers to determine the full pathname of the web server via an HTTP request with an invalid HTMLVER parameter.
Max CVSS
5.0
EPSS Score
0.12%
Published
2002-06-25
Updated
2016-10-18
GroupWise 6, when using LDAP authentication and when Post Office has a blank username and password, allows attackers to gain privileges of other users by logging in without a password.
Max CVSS
4.6
EPSS Score
0.05%
Published
2002-05-31
Updated
2016-10-18
Vulnerability in files.pl script in Novell WebServer Examples Toolkit 2 allows remote attackers to read arbitrary files.
Max CVSS
5.0
EPSS Score
0.73%
Published
2002-01-15
Updated
2017-12-19
22 vulnerabilities found
This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!