Filtered by vendor Novell
Subscribe
Total
670 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2003-1596 | 1 Novell | 2 Netware, Netware Ftp Server | 2010-06-07 | 7.5 HIGH | N/A |
| NWFTPD.nlm before 5.03.12 in the FTP server in Novell NetWare does not properly restrict filesystem use by anonymous users with NFS Gateway home directories, which allows remote attackers to bypass intended access restrictions via an FTP session. | |||||
| CVE-2009-4879 | 1 Novell | 1 Access Manager | 2010-05-26 | 4.3 MEDIUM | N/A |
| The Identity Server in Novell Access Manager before 3.1 SP1 allows attackers with disabled Active Directory accounts to authenticate using X.509 authentication, which bypasses intended access restrictions. | |||||
| CVE-2007-6735 | 1 Novell | 2 Netware, Netware Ftp Server | 2010-04-06 | 7.5 HIGH | N/A |
| NWFTPD.nlm before 5.08.06 in the FTP server in Novell NetWare does not properly handle partial matches for container names in the FTPREST.TXT file, which allows remote attackers to bypass intended access restrictions via an FTP session. | |||||
| CVE-2007-6734 | 1 Novell | 2 Netware, Netware Ftp Server | 2010-04-05 | 4.0 MEDIUM | N/A |
| NWFTPD.nlm before 5.08.07 in the FTP server in Novell NetWare 6.5 SP7 does not properly implement the FTPREST.TXT NOREMOTE restriction, which allows remote authenticated users to access directories outside of the home server via unspecified vectors. | |||||
| CVE-2004-2767 | 1 Novell | 2 Netware, Netware Ftp Server | 2010-04-05 | 4.3 MEDIUM | N/A |
| NWFTPD.nlm before 5.04.25 in the FTP server in Novell NetWare does not promptly close DS sessions, which allows remote attackers to cause a denial of service (connection slot exhaustion) by establishing many FTP sessions that persist for the lifetime of a DS session. | |||||
| CVE-2003-1595 | 1 Novell | 2 Netware, Netware Ftp Server | 2010-04-05 | 10.0 HIGH | N/A |
| NWFTPD.nlm before 5.04.05 in the FTP server in Novell NetWare 6.5 does not properly perform "intruder detection," which has unspecified impact and attack vectors. | |||||
| CVE-2003-1594 | 1 Novell | 2 Netware, Netware Ftp Server | 2010-04-05 | 7.5 HIGH | N/A |
| NWFTPD.nlm before 5.04.05 in the FTP server in Novell NetWare 6.5 does not properly enforce FTPREST.TXT settings, which allows remote attackers to bypass intended access restrictions via an FTP session. | |||||
| CVE-2005-4887 | 1 Novell | 2 Netware, Netware Ftp Server | 2010-04-05 | 7.5 HIGH | N/A |
| NWFTPD.nlm before 5.06.05 in the FTP server in Novell NetWare 6.5 SP5 allows attackers to have an unspecified impact via vectors related to passwords. | |||||
| CVE-2005-4888 | 1 Novell | 2 Netware, Netware Ftp Server | 2010-04-05 | 5.0 MEDIUM | N/A |
| NWFTPD.nlm before 5.06.04 in the FTP server in Novell NetWare allows remote attackers to cause a denial of service (excessive stale connections) by establishing many FTP sessions, which persist in the Not-Logged-In state after each session is completed. | |||||
| CVE-2003-1593 | 1 Novell | 2 Netware, Netware Ftp Server | 2010-04-05 | 7.5 HIGH | N/A |
| NWFTPD.nlm in the FTP server in Novell NetWare 6.0 before SP4 and 6.5 before SP1 does not enforce domain-name login restrictions, which allows remote attackers to bypass intended access control via an FTP connection. | |||||
| CVE-2003-1592 | 1 Novell | 2 Netware, Netware Ftp Server | 2010-04-05 | 5.0 MEDIUM | N/A |
| Multiple buffer overflows in NWFTPD.nlm in the FTP server in Novell NetWare 6.0 before SP4 and 6.5 before SP1 allow remote attackers to cause a denial of service (abend) via a long (1) username or (2) password. | |||||
| CVE-2000-1246 | 1 Novell | 2 Netware, Netware Ftp Server | 2010-04-05 | 3.5 LOW | N/A |
| NWFTPD.nlm before 5.01o in the FTP server in Novell NetWare 5.1 SP3 allows remote authenticated users to cause a denial of service (abend) by sending an RNTO command after a failed RNFR command. | |||||
| CVE-2000-1245 | 1 Novell | 2 Netware, Netware Ftp Server | 2010-04-05 | 7.5 HIGH | N/A |
| Multiple unspecified vulnerabilities in NWFTPD.nlm before 5.01o in the FTP server in Novell NetWare 5.1 SP3 allow remote attackers to bypass intended restrictions on anonymous access via unknown vectors. | |||||
| CVE-2002-2432 | 1 Novell | 2 Netware, Netware Ftp Server | 2010-04-05 | 5.0 MEDIUM | N/A |
| Unspecified vulnerability in NWFTPD.nlm before 5.03b in the FTP server in Novell NetWare allows remote attackers to cause a denial of service (abend) via a crafted username. | |||||
| CVE-2001-1587 | 1 Novell | 1 Netware | 2010-04-05 | 5.0 MEDIUM | N/A |
| NWFTPD.nlm before 5.01w in the FTP server in Novell NetWare allows remote attackers to cause a denial of service (abend) via an anonymous STOU command. | |||||
| CVE-2010-0666 | 1 Novell | 1 Edirectory | 2010-02-21 | 5.0 MEDIUM | N/A |
| Unspecified vulnerability in eMBox in Novell eDirectory 8.8 SP5 Patch 2 and earlier allows remote attackers to cause a denial of service (crash) via unknown a crafted SOAP request, a different issue than CVE-2008-0926. | |||||
| CVE-2009-3862 | 1 Novell | 1 Edirectory | 2009-11-04 | 5.0 MEDIUM | N/A |
| The NDSD process in Novell eDirectory 8.7.3 before 8.7.3.10 ftf2 and eDirectory 8.8 before 8.8.5 ftf1 does not properly handle certain LDAP search requests, which allows remote attackers to cause a denial of service (application hang) via a search request with a NULL BaseDN value. | |||||
| CVE-2009-2707 | 1 Novell | 1 Suse Linux Enterprise Server | 2009-09-18 | 4.9 MEDIUM | N/A |
| Unspecified vulnerability in ia32el (aka the IA 32 emulation functionality) before 7042_7022-0.4.2 in SUSE Linux Enterprise (SLE) 10 SP2 on Itanium IA64 machines allows local users to cause a denial of service (system crash) via a 32-bit x86 application. | |||||
| CVE-2008-6722 | 1 Novell | 1 Access Manager | 2009-04-28 | 1.9 LOW | N/A |
| Novell Access Manager 3 SP4 does not properly expire X.509 certificate sessions, which allows physically proximate attackers to obtain a logged-in session by using a victim's web-browser process that continues to send the original and valid SSL sessionID, related to inability of Apache Tomcat to clear entries from its SSL cache. | |||||
| CVE-2008-2025 | 3 Apache, Novell, Opensuse | 3 Struts, Suse Linux, Opensuse | 2009-04-17 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in Apache Struts before 1.2.9-162.31.1 on SUSE Linux Enterprise (SLE) 11, before 1.2.9-108.2 on SUSE openSUSE 10.3, before 1.2.9-198.2 on SUSE openSUSE 11.0, and before 1.2.9-162.163.2 on SUSE openSUSE 11.1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors related to "insufficient quoting of parameters." | |||||