Vulnerabilities > Novell
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2006-12-27 | CVE-2006-6424 | Heap Overflow vulnerability in Novell Netmail IMAP Verb Literal Multiple buffer overflows in Novell NetMail before 3.52e FTF2 allow remote attackers to execute arbitrary code (1) by appending literals to certain IMAP verbs when specifying command continuation requests to IMAPD, resulting in a heap overflow; and (2) via crafted arguments to the STOR command to the Network Messaging Application Protocol (NMAP) daemon, resulting in a stack overflow. | 9.0 |
| 2006-12-21 | CVE-2006-6675 | Cross-Site Scripting vulnerability in Novell Apache Http Server and Netware Cross-site scripting (XSS) vulnerability in Novell NetWare 6.5 Support Pack 5 and 6 and Novell Apache on NetWare 2.0.48 allows remote attackers to inject arbitrary web script or HTML via unspecified parameters in Welcome web-app. network novell | 6.8 |
| 2006-12-10 | CVE-2006-6450 | SQL Injection vulnerability in Novell Zenworks Patch Management Server 6.3.2.700 Multiple SQL injection vulnerabilities in dagent/downloadreport.asp in Novell ZENworks Patch Management (ZPM) before 6.3.2.700 allow remote attackers to execute arbitrary SQL commands via the (1) agentid and (2) pass parameters. | 7.5 |
| 2006-12-10 | CVE-2006-6443 | Buffer Overflow vulnerability in Novell Client 4.91 Buffer overflow in the Novell Distributed Print Services (NDPS) Print Provider for Windows component (NDPPNT.DLL) in Novell Client 4.91 has unknown impact and remote attack vectors. | 10.0 |
| 2006-12-05 | CVE-2006-6307 | Remote Denial of Service vulnerability in Novell Client 4.91 srvloc.sys in Novell Client for Windows before 4.91 SP3 allows remote attackers to cause an unspecified denial of service via a crafted packet to port 427 that triggers an access of pageable or invalid addresses using a higher interrupt request level (IRQL) than necessary. | 5.0 |
| 2006-12-05 | CVE-2006-6306 | Local Security vulnerability in Novell Client 4.91 Format string vulnerability in Novell Modular Authentication Services (NMAS) in the Novell Client 4.91 SP2 and SP3 allows users with physical access to read stack and memory contents via format string specifiers in the Username field of the logon window. | 1.2 |
| 2006-12-05 | CVE-2006-6299 | Remote Integer Overflow vulnerability in Novell Zenworks Asset Management 7 Integer overflow in Msg.dll in Novell ZENworks 7 Asset Management (ZAM) before SP1 IR11 and the Collection client allows remote attackers to execute arbitrary code via crafted packets, which trigger a heap-based buffer overflow. | 10.0 |
| 2006-12-03 | CVE-2006-5854 | Remote Buffer Overflow vulnerability in Novell Netware Client 4.91 Multiple buffer overflows in the Spooler service (nwspool.dll) in Novell Netware Client 4.91 through 4.91 SP2 allow remote attackers to execute arbitrary code via a long argument to the (1) EnumPrinters and (2) OpenPrinter functions. | 7.5 |
| 2006-11-08 | CVE-2006-5814 | Remote Security vulnerability in eDirectory Unspecified vulnerability in Novell eDirectory allows remote attackers to execute arbitrary code, as demonstrated by vd_novell.pm, a "Novell eDirectory remote exploit." NOTE: As of 20061108, this disclosure has no actionable information. | 7.5 |
| 2006-11-08 | CVE-2006-5813 | Denial-Of-Service vulnerability in Novell Edirectory 8.8 Unspecified vulnerability in Novell eDirectory 8.8 allows attackers to cause a denial of service, as demonstrated by vd_novell3.pm, a "Novell eDirectory 8.8 DoS." NOTE: As of 20061108, this disclosure has no actionable information. | 5.0 |