CVE-2010-3106

Public exploit
The ienipp.ocx ActiveX control in the browser plugin in Novell iPrint Client before 5.42 does not properly validate the debug parameter, which allows remote attackers to execute arbitrary code or cause a denial of service (stack memory corruption) via a parameter value with a crafted length, related to the ExecuteRequest method.
Max CVSS
9.3
EPSS Score
18.40%
Published
2010-08-23
Updated
2017-09-19
A certain ActiveX control in ienipp.ocx in the browser plugin in Novell iPrint Client before 5.42 does not properly restrict the set of files to be deleted, which allows remote attackers to cause a denial of service (recursive file deletion) via unspecified vectors related to a "logic flaw" in the CleanUploadFiles method in the nipplib.dll module.
Max CVSS
7.1
EPSS Score
40.60%
Published
2010-08-23
Updated
2017-09-19
Off-by-one error in Novell iManager 2.7, 2.7.3, and 2.7.3 FTF2 allows remote attackers to cause a denial of service (daemon crash) via a long tree parameter in a login request to nps/servlet/webacc.
Max CVSS
5.0
EPSS Score
3.05%
Published
2010-06-28
Updated
2018-10-10
Unspecified vulnerability in eMBox in Novell eDirectory 8.8 SP5 Patch 2 and earlier allows remote attackers to cause a denial of service (crash) via unknown a crafted SOAP request, a different issue than CVE-2008-0926.
Max CVSS
5.0
EPSS Score
2.23%
Published
2010-02-19
Updated
2010-02-22
Stack-based buffer overflow in NWFTPD.nlm before 5.10.01 in the FTP server in Novell NetWare 5.1 through 6.5 SP8 allows remote authenticated users to cause a denial of service (daemon crash) or possibly execute arbitrary code via a long (1) MKD, (2) RMD, (3) RNFR, or (4) DELE command.
Max CVSS
6.5
EPSS Score
30.93%
Published
2010-04-05
Updated
2018-10-10
Novell Netware 6.5 SP8 allows remote attackers to cause a denial of service (NULL pointer dereference, memory consumption, ABEND, and crash) via a large number of malformed or AFP requests that are not properly handled by (1) the CIFS functionality in CIFS.nlm Semantic Agent (Build 163 MP) 3.27 or (2) the AFP functionality in AFPTCP.nlm Build 163 SP 3.27. NOTE: some of these details are obtained from third party information.
Max CVSS
7.8
EPSS Score
12.60%
Published
2010-01-15
Updated
2018-10-10
Stack-based buffer overflow in the dhost module in Novell eDirectory 8.8 SP5 for Windows allows remote authenticated users to cause a denial of service (dhost.exe crash) and possibly execute arbitrary code via a long string to /dhost/modules?I:.
Max CVSS
9.0
EPSS Score
4.29%
Published
2010-02-26
Updated
2018-10-10
NWFTPD.nlm before 5.06.04 in the FTP server in Novell NetWare allows remote attackers to cause a denial of service (excessive stale connections) by establishing many FTP sessions, which persist in the Not-Logged-In state after each session is completed.
Max CVSS
5.0
EPSS Score
1.37%
Published
2010-04-05
Updated
2010-04-06
NWFTPD.nlm before 5.04.25 in the FTP server in Novell NetWare does not promptly close DS sessions, which allows remote attackers to cause a denial of service (connection slot exhaustion) by establishing many FTP sessions that persist for the lifetime of a DS session.
Max CVSS
4.3
EPSS Score
1.61%
Published
2010-04-05
Updated
2010-04-06
Multiple buffer overflows in NWFTPD.nlm in the FTP server in Novell NetWare 6.0 before SP4 and 6.5 before SP1 allow remote attackers to cause a denial of service (abend) via a long (1) username or (2) password.
Max CVSS
5.0
EPSS Score
0.85%
Published
2010-04-05
Updated
2010-04-06
NWFTPD.nlm in the FTP server in Novell NetWare 6.0 before SP4 and 6.5 before SP1 allows user-assisted remote attackers to cause a denial of service (console hang) via a large number of FTP sessions, which are not properly handled during an NLM unload.
Max CVSS
4.3
EPSS Score
0.19%
Published
2010-04-05
Updated
2010-06-08
NWFTPD.nlm before 5.02i in the FTP server in Novell NetWare does not properly listen for data connections, which allows remote attackers to cause a denial of service (abend) via multiple FTP sessions.
Max CVSS
5.0
EPSS Score
0.19%
Published
2010-04-05
Updated
2010-06-08
NWFTPD.nlm before 5.03b in the FTP server in Novell NetWare allows remote authenticated users to cause a denial of service (abend) via a crafted ABOR command.
Max CVSS
4.0
EPSS Score
0.43%
Published
2010-04-05
Updated
2010-06-08
Unspecified vulnerability in NWFTPD.nlm before 5.03b in the FTP server in Novell NetWare allows remote attackers to cause a denial of service (abend) via a crafted username.
Max CVSS
5.0
EPSS Score
0.21%
Published
2010-04-05
Updated
2010-04-05
NWFTPD.nlm before 5.01w in the FTP server in Novell NetWare allows remote attackers to cause a denial of service (abend) via an anonymous STOU command.
Max CVSS
5.0
EPSS Score
1.69%
Published
2010-04-05
Updated
2010-04-05
NWFTPD.nlm before 5.01o in the FTP server in Novell NetWare 5.1 SP3 allows remote authenticated users to cause a denial of service (abend) by sending an RNTO command after a failed RNFR command.
Max CVSS
3.5
EPSS Score
0.82%
Published
2010-04-05
Updated
2010-04-05
16 vulnerabilities found
This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!