Vulnerabilities > Novell > Netware
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2006-03-23 | CVE-2006-0998 | Multiple vulnerability in Novell Netware and Open Enterprise Server The SSL server implementation in NILE.NLM in Novell NetWare 6.5 and Novell Open Enterprise Server (OES) sometimes selects a weak cipher instead of an available stronger cipher, which makes it easier for remote attackers to sniff and decrypt an SSL protected session. | 5.0 |
2006-03-23 | CVE-2006-0997 | Multiple vulnerability in Novell Netware and Open Enterprise Server The SSL server implementation in NILE.NLM in Novell NetWare 6.5 and Novell Open Enterprise Server (OES) permits encryption with a NULL key, which results in cleartext communication that allows remote attackers to read an SSL protected session by sniffing network traffic. | 5.0 |
2006-03-20 | CVE-2006-1322 | Denial Of Service vulnerability in Novell Netware FTP Server Novell Netware NWFTPD 5.06.05 allows remote attackers to cause a denial of service (ABEND) via an MDTM command that uses a long path for the target file, possibly due to a buffer overflow. | 5.0 |
2005-09-08 | CVE-2005-2852 | Denial-Of-Service vulnerability in Novell Netware 5.1/6.0/6.5 Unknown vulnerability in CIFS.NLM in Novell Netware 6.5 SP2 and SP3, 5.1, and 6.0 allows remote attackers to cause a denial of service (ABEND) via an incorrect password length, as exploited by the "worm.rbot.ccc" worm. | 5.0 |
2005-05-02 | CVE-2005-1060 | Remote Denial Of Service vulnerability in Novell Netware 6.0/6.5 Unknown vulnerability in the TCP/IP functionality (TCPIP.NLM) in Novell Netware 6.x allows remote attackers to cause a denial of service (ABEND by Page Fault Processor Exception) via certain packets. | 5.0 |
2005-05-02 | CVE-2005-0819 | Unspecified vulnerability in Novell Netware 6.5 The xvesa code in Novell Netware 6.5 SP2 and SP3 allows remote attackers to redirect the xsession without authentication via a direct request to GUIMirror/Start. | 5.0 |
2004-12-31 | CVE-2004-2734 | Improper Authentication vulnerability in Novell Netware 6.5 webadmin-apache.conf in Novell Web Manager of Novell NetWare 6.5 uses an uppercase Alias tag with an inconsistent lowercase directory tag for a volume, which allows remote attackers to bypass access control to the WEB-INF folder. | 10.0 |
2004-12-31 | CVE-2004-2414 | Unspecified vulnerability in Novell Netware 6.5 Novell NetWare 6.5 SP 1.1, when installing or upgrading using the Overlay CDs and performing a custom installation with OpenSSH, includes sensitive password information in the (1) NIOUTPUT.TXT and (2) NI.LOG log files, which might allow local users to obtain the passwords. | 2.1 |
2004-12-31 | CVE-2004-2336 | Unknown vulnerability in Novell GroupWise and GroupWise WebAccess 6.0 through 6.5, when running with Apache Web Server 1.3 for NetWare where Apache is loaded using GWAPACHE.CONF, allows remote attackers to read directories and files on the server. | 5.0 |
2004-12-31 | CVE-2004-2106 | Remote Security vulnerability in Novell Netware 5.1/6.0 Novell NetWare Enterprise Web Server 5.1 and 6.0 allows remote attackers to list directories via a direct request to (1) /com/, (2) /com/novell/, (3) /com/novell/webaccess, or (4) /ns-icons/. | 5.0 |