Vulnerabilities > Novell > Netware > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2003-04-11 | CVE-2002-1417 | Directory Traversal vulnerability in Novell NetBasic Scripting Server Directory traversal vulnerability in Novell NetBasic Scripting Server (NSN) for Netware 5.1 and 6, and Novell Small Business Suite 5.1 and 6, allows remote attackers to read arbitrary files via a URL containing a "..%5c" sequence (modified dot-dot), which is mapped to the directory separator. | 5.0 |
| 2002-12-31 | CVE-2002-1772 | Unspecified vulnerability in Novell Netware 5.0/5.1 Novell Netware 5.0 through 5.1 may allow local users to gain "Domain Admin" rights by logging into a Novell Directory Services (NDS) account, and executing "net use" on an NDS_ADM account that is not in the NT domain but has domain access rights, which allows the user to enter a null password. | 4.6 |
| 2002-12-31 | CVE-2002-1634 | Information Disclosure vulnerability in Netscape Enterprise Web Server for Netware 5.0/5.1 Novell NetWare 5.1 installs sample applications that allow remote attackers to obtain sensitive information via (1) ndsobj.nlm, (2) allfield.jse, (3) websinfo.bas, (4) ndslogin.pl, (5) volscgi.pl, (6) lancgi.pl, (7) test.jse, or (8) env.pl. | 5.0 |
| 2002-10-04 | CVE-2002-0930 | Unspecified vulnerability in Novell Netware 6.0 Format string vulnerability in the FTP server for Novell Netware 6.0 SP1 (NWFTPD) allows remote attackers to cause a denial of service (ABEND) via format strings in the USER command. | 5.0 |
| 2002-10-04 | CVE-2002-0929 | Unspecified vulnerability in Novell Netware 6.0 Buffer overflows in the DHCP server for NetWare 6.0 SP1 allow remote attackers to cause a denial of service (reboot) via long DHCP requests. | 5.0 |
| 2002-08-12 | CVE-2002-0791 | Denial Of Service vulnerability in Novell Netware 5.1/6.0 Novell Netware FTP server NWFTPD before 5.02r allows remote attackers to cause a denial of service (CPU consumption) via a connection to the server followed by a carriage return, and possibly other invalid commands with improper syntax or length. | 5.0 |
| 2001-12-31 | CVE-2001-1580 | Directory traversal vulnerability in ScriptEase viewcode.jse for Netware 5.1 before 5.1 SP3 allows remote attackers to read arbitrary files via ".." sequences in the query string. | 5.0 |
| 2001-08-14 | CVE-2001-1233 | Remote Security vulnerability in Novell Groupwise Webaccess and Netware Netware Enterprise Web Server 5.1 running GroupWise WebAccess 5.5 with Novell Directory Services (NDS) enabled allows remote attackers to enumerate user names, group names and other system information by accessing ndsobj.nlm. | 5.0 |
| 2001-03-12 | CVE-1999-0805 | Unspecified vulnerability in Novell Netware Novell NetWare Transaction Tracking System (TTS) in Novell 4.11 and earlier allows remote attackers to cause a denial of service via a large number of requests. | 5.0 |
| 1999-12-31 | CVE-1999-1320 | Unspecified vulnerability in Novell Netware 3.0 Vulnerability in Novell NetWare 3.x and earlier allows local users to gain privileges via packet spoofing. | 4.6 |