Stack-based buffer overflow in NWFTPD.nlm before 5.10.01 in the FTP server in Novell NetWare 5.1 through 6.5 SP8 allows remote authenticated users to cause a denial of service (daemon crash) or possibly execute arbitrary code via a long (1) MKD, (2) RMD, (3) RNFR, or (4) DELE command.
Max CVSS
6.5
EPSS Score
30.93%
Published
2010-04-05
Updated
2018-10-10
NWFTPD.nlm before 5.08.06 in the FTP server in Novell NetWare does not properly handle partial matches for container names in the FTPREST.TXT file, which allows remote attackers to bypass intended access restrictions via an FTP session.
Max CVSS
7.5
EPSS Score
0.26%
Published
2010-04-05
Updated
2010-04-06
NWFTPD.nlm before 5.08.07 in the FTP server in Novell NetWare 6.5 SP7 does not properly implement the FTPREST.TXT NOREMOTE restriction, which allows remote authenticated users to access directories outside of the home server via unspecified vectors.
Max CVSS
4.0
EPSS Score
0.59%
Published
2010-04-05
Updated
2010-04-06
Novell Netware NWFTPD 5.06.05 allows remote attackers to cause a denial of service (ABEND) via an MDTM command that uses a long path for the target file, possibly due to a buffer overflow.
Max CVSS
5.0
EPSS Score
5.63%
Published
2006-03-20
Updated
2017-07-20
NWFTPD.nlm before 5.06.04 in the FTP server in Novell NetWare allows remote attackers to cause a denial of service (excessive stale connections) by establishing many FTP sessions, which persist in the Not-Logged-In state after each session is completed.
Max CVSS
5.0
EPSS Score
1.37%
Published
2010-04-05
Updated
2010-04-06
NWFTPD.nlm before 5.06.05 in the FTP server in Novell NetWare 6.5 SP5 allows attackers to have an unspecified impact via vectors related to passwords.
Max CVSS
7.5
EPSS Score
0.23%
Published
2010-04-05
Updated
2010-04-06
NWFTPD.nlm before 5.04.25 in the FTP server in Novell NetWare does not promptly close DS sessions, which allows remote attackers to cause a denial of service (connection slot exhaustion) by establishing many FTP sessions that persist for the lifetime of a DS session.
Max CVSS
4.3
EPSS Score
1.61%
Published
2010-04-05
Updated
2010-04-06
NWFTPD.nlm before 5.03.12 in the FTP server in Novell NetWare does not properly restrict filesystem use by anonymous users with NFS Gateway home directories, which allows remote attackers to bypass intended access restrictions via an FTP session.
Max CVSS
7.5
EPSS Score
0.28%
Published
2010-04-05
Updated
2010-06-08
NWFTPD.nlm before 5.04.05 in the FTP server in Novell NetWare 6.5 does not properly perform "intruder detection," which has unspecified impact and attack vectors.
Max CVSS
10.0
EPSS Score
0.20%
Published
2010-04-05
Updated
2010-04-06
NWFTPD.nlm before 5.04.05 in the FTP server in Novell NetWare 6.5 does not properly enforce FTPREST.TXT settings, which allows remote attackers to bypass intended access restrictions via an FTP session.
Max CVSS
7.5
EPSS Score
0.28%
Published
2010-04-05
Updated
2010-04-06
NWFTPD.nlm in the FTP server in Novell NetWare 6.0 before SP4 and 6.5 before SP1 does not enforce domain-name login restrictions, which allows remote attackers to bypass intended access control via an FTP connection.
Max CVSS
7.5
EPSS Score
0.33%
Published
2010-04-05
Updated
2010-04-06
Multiple buffer overflows in NWFTPD.nlm in the FTP server in Novell NetWare 6.0 before SP4 and 6.5 before SP1 allow remote attackers to cause a denial of service (abend) via a long (1) username or (2) password.
Max CVSS
5.0
EPSS Score
0.85%
Published
2010-04-05
Updated
2010-04-06
NWFTPD.nlm before 5.02i in the FTP server in Novell NetWare does not properly listen for data connections, which allows remote attackers to cause a denial of service (abend) via multiple FTP sessions.
Max CVSS
5.0
EPSS Score
0.19%
Published
2010-04-05
Updated
2010-06-08
NWFTPD.nlm before 5.03b in the FTP server in Novell NetWare allows remote authenticated users to cause a denial of service (abend) via a crafted ABOR command.
Max CVSS
4.0
EPSS Score
0.43%
Published
2010-04-05
Updated
2010-06-08
Unspecified vulnerability in NWFTPD.nlm before 5.03b in the FTP server in Novell NetWare allows remote attackers to cause a denial of service (abend) via a crafted username.
Max CVSS
5.0
EPSS Score
0.21%
Published
2010-04-05
Updated
2010-04-05
NWFTPD.nlm before 5.01o in the FTP server in Novell NetWare 5.1 SP3 allows remote authenticated users to cause a denial of service (abend) by sending an RNTO command after a failed RNFR command.
Max CVSS
3.5
EPSS Score
0.82%
Published
2010-04-05
Updated
2010-04-05
Multiple unspecified vulnerabilities in NWFTPD.nlm before 5.01o in the FTP server in Novell NetWare 5.1 SP3 allow remote attackers to bypass intended restrictions on anonymous access via unknown vectors.
Max CVSS
7.5
EPSS Score
0.28%
Published
2010-04-05
Updated
2010-04-05
17 vulnerabilities found
This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!