Vulnerabilities > Novell > Netware
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2011-11-30 | CVE-2011-4191 | Buffer Errors vulnerability in Novell Netware 6.5 Stack-based buffer overflow in the xdrDecodeString function in XNFS.NLM in Novell NetWare 6.5 SP8 allows remote attackers to execute arbitrary code or cause a denial of service (abend or NFS outage) via long packets. | 7.5 |
2011-03-22 | CVE-2010-4228 | Buffer Errors vulnerability in Novell Netware 5.1/6.0/6.5 Stack-based buffer overflow in NWFTPD.NLM before 5.10.02 in the FTP server in Novell NetWare allows remote authenticated users to execute arbitrary code or cause a denial of service (abend) via a long DELE command, a different vulnerability than CVE-2010-0625.4. | 9.0 |
2011-02-25 | CVE-2010-4227 | Buffer Errors vulnerability in Novell Netware 6.5 The xdrDecodeString function in XNFS.NLM in Novell Netware 6.5 before SP8 allows remote attackers to cause a denial of service (abend) or execute arbitrary code via a crafted, signed value in a NFS RPC request to port UDP 1234, leading to a stack-based buffer overflow. | 10.0 |
2010-06-21 | CVE-2010-2351 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Novell Netware Stack-based buffer overflow in the CIFS.NLM driver in Netware SMB 1.0 for Novell Netware 6.5 SP8 and earlier allows remote attackers to execute arbitrary code via a Sessions Setup AndX packet with a long AccountName. | 10.0 |
2010-04-05 | CVE-2010-0625 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Novell Netware and Netware FTP Server Stack-based buffer overflow in NWFTPD.nlm before 5.10.01 in the FTP server in Novell NetWare 5.1 through 6.5 SP8 allows remote authenticated users to cause a denial of service (daemon crash) or possibly execute arbitrary code via a long (1) MKD, (2) RMD, (3) RNFR, or (4) DELE command. | 6.5 |
2010-04-05 | CVE-2007-6735 | Permissions, Privileges, and Access Controls vulnerability in Novell Netware and Netware FTP Server NWFTPD.nlm before 5.08.06 in the FTP server in Novell NetWare does not properly handle partial matches for container names in the FTPREST.TXT file, which allows remote attackers to bypass intended access restrictions via an FTP session. | 7.5 |
2010-04-05 | CVE-2007-6734 | Permissions, Privileges, and Access Controls vulnerability in Novell Netware and Netware FTP Server NWFTPD.nlm before 5.08.07 in the FTP server in Novell NetWare 6.5 SP7 does not properly implement the FTPREST.TXT NOREMOTE restriction, which allows remote authenticated users to access directories outside of the home server via unspecified vectors. | 4.0 |
2010-04-05 | CVE-2005-4888 | Denial-Of-Service vulnerability in Novell NetWare NWFTPD.nlm before 5.06.04 in the FTP server in Novell NetWare allows remote attackers to cause a denial of service (excessive stale connections) by establishing many FTP sessions, which persist in the Not-Logged-In state after each session is completed. | 5.0 |
2010-04-05 | CVE-2005-4887 | Remote Security vulnerability in Netware FTP Server NWFTPD.nlm before 5.06.05 in the FTP server in Novell NetWare 6.5 SP5 allows attackers to have an unspecified impact via vectors related to passwords. | 7.5 |
2010-04-05 | CVE-2004-2767 | Permissions, Privileges, and Access Controls vulnerability in Novell Netware and Netware FTP Server NWFTPD.nlm before 5.04.25 in the FTP server in Novell NetWare does not promptly close DS sessions, which allows remote attackers to cause a denial of service (connection slot exhaustion) by establishing many FTP sessions that persist for the lifetime of a DS session. | 4.3 |