Vulnerabilities > Novell > Netware > High
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2011-11-30 | CVE-2011-4191 | Buffer Errors vulnerability in Novell Netware 6.5 Stack-based buffer overflow in the xdrDecodeString function in XNFS.NLM in Novell NetWare 6.5 SP8 allows remote attackers to execute arbitrary code or cause a denial of service (abend or NFS outage) via long packets. | 7.5 |
2010-04-05 | CVE-2007-6735 | Permissions, Privileges, and Access Controls vulnerability in Novell Netware and Netware FTP Server NWFTPD.nlm before 5.08.06 in the FTP server in Novell NetWare does not properly handle partial matches for container names in the FTPREST.TXT file, which allows remote attackers to bypass intended access restrictions via an FTP session. | 7.5 |
2010-04-05 | CVE-2005-4887 | Remote Security vulnerability in Netware FTP Server NWFTPD.nlm before 5.06.05 in the FTP server in Novell NetWare 6.5 SP5 allows attackers to have an unspecified impact via vectors related to passwords. | 7.5 |
2010-04-05 | CVE-2003-1596 | Permissions, Privileges, and Access Controls vulnerability in Novell Netware and Netware FTP Server NWFTPD.nlm before 5.03.12 in the FTP server in Novell NetWare does not properly restrict filesystem use by anonymous users with NFS Gateway home directories, which allows remote attackers to bypass intended access restrictions via an FTP session. | 7.5 |
2010-04-05 | CVE-2003-1594 | Permissions, Privileges, and Access Controls vulnerability in Novell Netware and Netware FTP Server NWFTPD.nlm before 5.04.05 in the FTP server in Novell NetWare 6.5 does not properly enforce FTPREST.TXT settings, which allows remote attackers to bypass intended access restrictions via an FTP session. | 7.5 |
2010-04-05 | CVE-2003-1593 | Permissions, Privileges, and Access Controls vulnerability in Novell Netware and Netware FTP Server NWFTPD.nlm in the FTP server in Novell NetWare 6.0 before SP4 and 6.5 before SP1 does not enforce domain-name login restrictions, which allows remote attackers to bypass intended access control via an FTP connection. | 7.5 |
2010-04-05 | CVE-2000-1245 | Permissions, Privileges, and Access Controls vulnerability in Novell Netware and Netware FTP Server Multiple unspecified vulnerabilities in NWFTPD.nlm before 5.01o in the FTP server in Novell NetWare 5.1 SP3 allow remote attackers to bypass intended restrictions on anonymous access via unknown vectors. | 7.5 |
2010-01-15 | CVE-2010-0317 | Resource Management Errors vulnerability in Novell Netware 6.5 Novell Netware 6.5 SP8 allows remote attackers to cause a denial of service (NULL pointer dereference, memory consumption, ABEND, and crash) via a large number of malformed or AFP requests that are not properly handled by (1) the CIFS functionality in CIFS.nlm Semantic Agent (Build 163 MP) 3.27 or (2) the AFP functionality in AFPTCP.nlm Build 163 SP 3.27. | 7.8 |
2009-05-14 | CVE-2009-0714 | Privilege Escalation vulnerability in HP Data Protector Express 3.5/4.0 Unspecified vulnerability in the dpwinsup module (dpwinsup.dll) for dpwingad (dpwingad.exe) in HP Data Protector Express and Express SSE 3.x before build 47065, and Express and Express SSE 4.x before build 46537, allows remote attackers to cause a denial of service (application crash) or read portions of memory via one or more crafted packets. | 7.2 |
2003-12-15 | CVE-2003-0976 | Remote Security vulnerability in Novell Netware 6.5 NFS Server (XNFS.NLM) for Novell NetWare 6.5 does not properly enforce sys:\etc\exports when hostname aliases from sys:etc\hosts file are used, which could allow users to mount file systems when XNFS should deny the host. | 7.5 |