Novell : Security Vulnerabilities, CVEs, Published In March 2008
Unspecified vulnerability in the Windows client API in Novell GroupWise 7 before SP3 and 6.5 before SP6 Update 3 allows remote authenticated users to access the non-shared stored e-mail messages of another user who has shared at least one folder with the attacker.
Max CVSS
3.5
EPSS Score
0.15%
Published
2008-03-18
Updated
2017-08-08
CVE-2008-0926
Public exploit
The SOAP interface to the eMBox module in Novell eDirectory 8.7.3.9 and earlier, and 8.8.x before 8.8.2, relies on client-side authentication, which allows remote attackers to bypass authentication via requests for /SOAP URIs, and cause a denial of service (daemon shutdown) or read arbitrary files. NOTE: it was later reported that 8.7.3.10 (aka 8.7.3 SP10) is also affected.
Max CVSS
7.5
EPSS Score
34.62%
Published
2008-03-28
Updated
2018-10-15
Stack-based buffer overflow in the DoLBURPRequest function in libnldap in ndsd in Novell eDirectory 8.7.3.9 and earlier, and 8.8.1 and earlier in the 8.8.x series, allows remote attackers to cause a denial of service (daemon crash or CPU consumption) or execute arbitrary code via a long delRequest LDAP Extended Request message, probably involving a long Distinguished Name (DN) field.
Max CVSS
6.8
EPSS Score
7.61%
Published
2008-03-28
Updated
2018-11-01
3 vulnerabilities found