Vulnerabilities > Novell > Netware > Critical
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2011-03-22 | CVE-2010-4228 | Buffer Errors vulnerability in Novell Netware 5.1/6.0/6.5 Stack-based buffer overflow in NWFTPD.NLM before 5.10.02 in the FTP server in Novell NetWare allows remote authenticated users to execute arbitrary code or cause a denial of service (abend) via a long DELE command, a different vulnerability than CVE-2010-0625.4. | 9.0 |
2011-02-25 | CVE-2010-4227 | Buffer Errors vulnerability in Novell Netware 6.5 The xdrDecodeString function in XNFS.NLM in Novell Netware 6.5 before SP8 allows remote attackers to cause a denial of service (abend) or execute arbitrary code via a crafted, signed value in a NFS RPC request to port UDP 1234, leading to a stack-based buffer overflow. | 10.0 |
2010-06-21 | CVE-2010-2351 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Novell Netware Stack-based buffer overflow in the CIFS.NLM driver in Netware SMB 1.0 for Novell Netware 6.5 SP8 and earlier allows remote attackers to execute arbitrary code via a Sessions Setup AndX packet with a long AccountName. | 10.0 |
2010-04-05 | CVE-2003-1595 | Permissions, Privileges, and Access Controls vulnerability in Novell Netware and Netware FTP Server NWFTPD.nlm before 5.04.05 in the FTP server in Novell NetWare 6.5 does not properly perform "intruder detection," which has unspecified impact and attack vectors. | 10.0 |
2008-12-19 | CVE-2008-5696 | Credentials Management vulnerability in Novell Netware 6.5 Novell NetWare 6.5 before Support Pack 8, when an OES2 Linux server is installed into the NDS tree, does not require a password for the ApacheAdmin console, which allows remote attackers to reconfigure the Apache HTTP Server via console operations. | 9.3 |
2004-12-31 | CVE-2004-2734 | Improper Authentication vulnerability in Novell Netware 6.5 webadmin-apache.conf in Novell Web Manager of Novell NetWare 6.5 uses an uppercase Alias tag with an inconsistent lowercase directory tag for a volume, which allows remote attackers to bypass access control to the WEB-INF folder. | 10.0 |
1999-07-15 | CVE-1999-1086 | Unspecified vulnerability in Novell Netware Novell 5 and earlier, when running over IPX with a packet signature level less than 3, allows remote attackers to gain administrator privileges by spoofing the MAC address in IPC fragmented packets that make NetWare Core Protocol (NCP) calls. | 10.0 |