Vulnerabilities > Novell > Netware > 6.5
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2010-04-05 | CVE-2003-1593 | Permissions, Privileges, and Access Controls vulnerability in Novell Netware and Netware FTP Server NWFTPD.nlm in the FTP server in Novell NetWare 6.0 before SP4 and 6.5 before SP1 does not enforce domain-name login restrictions, which allows remote attackers to bypass intended access control via an FTP connection. | 7.5 |
| 2010-04-05 | CVE-2003-1592 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Novell Netware and Netware FTP Server Multiple buffer overflows in NWFTPD.nlm in the FTP server in Novell NetWare 6.0 before SP4 and 6.5 before SP1 allow remote attackers to cause a denial of service (abend) via a long (1) username or (2) password. | 5.0 |
| 2010-04-05 | CVE-2003-1591 | Denial-Of-Service vulnerability in Novell Netware 6.0/6.5 NWFTPD.nlm in the FTP server in Novell NetWare 6.0 before SP4 and 6.5 before SP1 allows user-assisted remote attackers to cause a denial of service (console hang) via a large number of FTP sessions, which are not properly handled during an NLM unload. network novell | 4.3 |
| 2010-04-05 | CVE-2002-2434 | Denial-Of-Service vulnerability in Netware NWFTPD.nlm before 5.02i in the FTP server in Novell NetWare does not properly listen for data connections, which allows remote attackers to cause a denial of service (abend) via multiple FTP sessions. | 5.0 |
| 2010-04-05 | CVE-2002-2433 | Improper Input Validation vulnerability in Novell Netware and Netware FTP Server NWFTPD.nlm before 5.03b in the FTP server in Novell NetWare allows remote authenticated users to cause a denial of service (abend) via a crafted ABOR command. | 4.0 |
| 2010-01-15 | CVE-2010-0317 | Resource Management Errors vulnerability in Novell Netware 6.5 Novell Netware 6.5 SP8 allows remote attackers to cause a denial of service (NULL pointer dereference, memory consumption, ABEND, and crash) via a large number of malformed or AFP requests that are not properly handled by (1) the CIFS functionality in CIFS.nlm Semantic Agent (Build 163 MP) 3.27 or (2) the AFP functionality in AFPTCP.nlm Build 163 SP 3.27. | 7.8 |
| 2008-12-19 | CVE-2008-5696 | Credentials Management vulnerability in Novell Netware 6.5 Novell NetWare 6.5 before Support Pack 8, when an OES2 Linux server is installed into the NDS tree, does not require a password for the ApacheAdmin console, which allows remote attackers to reconfigure the Apache HTTP Server via console operations. | 9.3 |
| 2007-07-05 | CVE-2007-3571 | Information Disclosure vulnerability in Groupwise The Apache Web Server as used in Novell NetWare 6.5 and GroupWise allows remote attackers to obtain sensitive information via a certain directive to Apache that causes the HTTP-Header response to be modified, which may reveal the server's internal IP address. network novell | 4.3 |
| 2006-12-21 | CVE-2006-6675 | Cross-Site Scripting vulnerability in Novell Apache Http Server and Netware Cross-site scripting (XSS) vulnerability in Novell NetWare 6.5 Support Pack 5 and 6 and Novell Apache on NetWare 2.0.48 allows remote attackers to inject arbitrary web script or HTML via unspecified parameters in Welcome web-app. network novell | 6.8 |
| 2006-05-22 | CVE-2006-2185 | Local Information Disclosure vulnerability in Novell Netware 6.5 PORTAL.NLM in Novell Netware 6.5 SP5 writes the username and password in cleartext to the abend.log log file when the groupOperationsMethod function fails, which allows context-dependent attackers to gain privileges. | 4.0 |