Vulnerabilities > Novell > Ichain > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2005-03-15 | CVE-2005-0798 | Remote Security vulnerability in Novell Ichain 2.2/2.2.113/2.3 Novell iChain Mini FTP Server 2.3, and possibly earlier versions, does not limit the number of incorrect logins, which makes it easier for remote attackers to conduct brute force login attacks. | 7.5 |
| 2004-12-31 | CVE-2004-2579 | Remote vulnerability in Novell Ichain 2.3 ACLCHECK module in Novell iChain 2.3 allows attackers to bypass access control rules of an unspecified component via an unspecified attack vector involving a string that contains escape sequences represented with "overlong UTF-8 encoding." | 7.5 |
| 2004-12-31 | CVE-2004-2314 | Remote Security vulnerability in Novell Ichain 2.1/2.2 The Telnet listener for Novell iChain Server before 2.2 Field Patch 3b 2.2.116 does not have a password by default, which allows remote attackers to gain access. | 7.5 |
| 2003-08-27 | CVE-2003-0638 | Denial-Of-Service vulnerability in Novell Ichain 2.1 Multiple buffer overflows in Novell iChain 2.1 before Field Patch 3, and iChain 2.2 before Field Patch 1a, allow attackers to cause a denial of service (ABEND) and possibly execute arbitrary code via (1) a long user name or (2) an unknown attack related to a "special script against login." | 7.5 |
| 2003-08-27 | CVE-2003-0636 | Remote Security vulnerability in Novell Ichain 2.2 Novell iChain 2.2 before Support Pack 1 does not properly verify that URL redirects match the DNS name of an accelerator, which allows attackers to redirect URLs to malicious web sites. | 7.5 |