The convert.bas program in the Novell web server allows a remote attackers to read any file on the system that is internally accessible by the web server.
Max CVSS
5.0
EPSS Score
0.88%
Published
1996-07-01
Updated
2022-08-17
ICMP redirect messages may crash or lock up a host.
Max CVSS
5.0
EPSS Score
6.06%
Published
1997-01-01
Updated
2018-08-13
A weak encryption algorithm is used for passwords in Novell Remote.NLM, allowing them to be easily decrypted.
Max CVSS
5.0
EPSS Score
0.38%
Published
1999-04-09
Updated
2008-09-09
Novell NetWare Transaction Tracking System (TTS) in Novell 4.11 and earlier allows remote attackers to cause a denial of service via a large number of requests.
Max CVSS
5.0
EPSS Score
0.19%
Published
2001-03-12
Updated
2017-12-19
Novell NetWare with Novell-HTTP-Server or YAWN web servers allows remote attackers to conduct a denial of service via a large number of HTTP GET requests.
Max CVSS
5.0
EPSS Score
0.16%
Published
1999-06-16
Updated
2022-08-17
Groupwise web server GWWEB.EXE allows remote attackers to read arbitrary files with .htm extensions via a .. (dot dot) attack using the HELP parameter.
Max CVSS
5.0
EPSS Score
4.02%
Published
1999-12-19
Updated
2016-10-18
Groupwise web server GWWEB.EXE allows remote attackers to determine the real path of the web server via the HELP parameter.
Max CVSS
5.0
EPSS Score
0.21%
Published
1999-12-19
Updated
2016-10-18
Vulnerability in files.pl script in Novell WebServer Examples Toolkit 2 allows remote attackers to read arbitrary files.
Max CVSS
5.0
EPSS Score
0.73%
Published
2002-01-15
Updated
2017-12-19
The Java Server in the Novell GroupWise Web Access Enhancement Pack allows remote attackers to cause a denial of service via a long URL to the servlet.
Max CVSS
5.0
EPSS Score
0.32%
Published
2000-02-07
Updated
2008-09-10
Remote attackers can cause a denial of service in Novell BorderManager 3.5 by pressing the enter key in a telnet connection to port 2000.
Max CVSS
5.0
EPSS Score
0.47%
Published
2000-03-30
Updated
2008-09-10
Novell BorderManager 3.0 and 3.5 allows remote attackers to bypass URL filtering by encoding characters in the requested URL.
Max CVSS
5.0
EPSS Score
0.12%
Published
2000-07-05
Updated
2008-09-10
Novell NetWare 5.0 allows remote attackers to cause a denial of service by flooding port 40193 with random data.
Max CVSS
5.0
EPSS Score
0.37%
Published
2000-07-11
Updated
2008-09-10
Novell Groupwise 5.5 (sp1 and sp2) allows a remote user to access arbitrary files via an implementation error in Groupwise system policies.
Max CVSS
5.0
EPSS Score
0.42%
Published
2001-06-27
Updated
2016-10-18
Remote attackers can cause a denial of service in Novell BorderManager 3.6 and earlier by sending TCP SYN flood to port 353.
Max CVSS
5.0
EPSS Score
4.19%
Published
2001-07-02
Updated
2017-10-10
GroupWise 5.5 and 6 running in live remote or smart caching mode allows remote attackers to read arbitrary users' mailboxes by extracting usernames and passwords from sniffed network traffic, as addressed by the "Padlock" fix.
Max CVSS
5.0
EPSS Score
0.33%
Published
2001-08-14
Updated
2017-10-10
GroupWise WebAccess 5.5 with directory indexing enabled allows a remote attacker to view arbitrary directory contents via an HTTP request with a lowercase "get".
Max CVSS
5.0
EPSS Score
0.21%
Published
2001-08-14
Updated
2017-12-19
Netware Enterprise Web Server 5.1 running GroupWise WebAccess 5.5 with Novell Directory Services (NDS) enabled allows remote attackers to enumerate user names, group names and other system information by accessing ndsobj.nlm.
Max CVSS
5.0
EPSS Score
0.16%
Published
2001-08-14
Updated
2018-10-30
Directory traversal vulnerability in Novell GroupWise 5.5 and 6.0 allows remote attackers to read arbitrary files via a request for /servlet/webacc?User.html= that contains "../" (dot dot) sequences and a null character.
Max CVSS
5.0
EPSS Score
0.98%
Published
2001-10-15
Updated
2017-07-11
Directory traversal vulnerability in ScriptEase viewcode.jse for Netware 5.1 before 5.1 SP3 allows remote attackers to read arbitrary files via ".." sequences in the query string.
Max CVSS
5.0
EPSS Score
2.06%
Published
2001-12-31
Updated
2017-12-19
NWFTPD.nlm before 5.01w in the FTP server in Novell NetWare allows remote attackers to cause a denial of service (abend) via an anonymous STOU command.
Max CVSS
5.0
EPSS Score
1.69%
Published
2010-04-05
Updated
2010-04-05
GWWEB.EXE in GroupWise Web Access 5.5, and possibly other versions, allows remote attackers to determine the full pathname of the web server via an HTTP request with an invalid HTMLVER parameter.
Max CVSS
5.0
EPSS Score
0.12%
Published
2002-06-25
Updated
2016-10-18
Cross-site scripting vulnerability in Novell Web Search 2.0.1 allows remote attackers to execute arbitrary script as other Web Search users via the search parameter.
Max CVSS
5.1
EPSS Score
0.22%
Published
2002-08-12
Updated
2008-09-10
FTP proxy server for Novell BorderManager 3.6 SP 1a allows remote attackers to cause a denial of service (network connectivity loss) via a connection to port 21 with a large amount of random data.
Max CVSS
5.0
EPSS Score
0.76%
Published
2002-08-12
Updated
2008-09-05
IP/IPX gateway for Novell BorderManager 3.6 SP 1a allows remote attackers to cause a denial of service via a connection to port 8225 with a large amount of random data, which causes ipipxgw.nlm to ABEND.
Max CVSS
5.0
EPSS Score
0.70%
Published
2002-08-12
Updated
2008-09-05
RTSP proxy for Novell BorderManager 3.6 SP 1a allows remote attackers to cause a denial of service via a GET request to port 9090 followed by a series of carriage returns, which causes proxy.nlm to ABEND.
Max CVSS
5.0
EPSS Score
0.49%
Published
2002-08-12
Updated
2008-09-05
145 vulnerabilities found
1 2 3 4 5 6
This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!