Vulnerabilities > Novell
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2006-02-27 | CVE-2006-0736 | Remote Buffer Overflow vulnerability in Novell Linux Desktop and Open Enterprise Server Stack-based buffer overflow in the pam_micasa PAM authentication module in CASA on Novell Linux Desktop 9 and Open Enterprise Server 1 allows remote attackers to execute arbitrary code via unspecified vectors. | 10.0 |
| 2006-02-23 | CVE-2006-0803 | The signature verification functionality in the YaST Online Update (YOU) script handling relies on a gpg feature that is not intended for signature verification, which prevents YOU from detecting malicious scripts or code that do not pass the signature check when gpg 1.4.x is being used. | 5.0 |
| 2005-12-31 | CVE-2005-4791 | Local Privilege Escalation vulnerability in Novell Suse Linux 10.0 Multiple untrusted search path vulnerabilities in SUSE Linux 10.0 cause the working directory to be added to LD_LIBRARY_PATH, which might allow local users to execute arbitrary code via (1) liferea or (2) banshee. | 2.1 |
| 2005-12-31 | CVE-2005-4790 | Local Privilege Escalation vulnerability in Tomboy LD_LIBRARY_PATH Environment Variable Multiple untrusted search path vulnerabilities in SUSE Linux 9.3 and 10.0, and possibly other distributions, cause the working directory to be added to LD_LIBRARY_PATH, which might allow local users to execute arbitrary code via (1) beagle, (2) tomboy, or (3) blam. | 6.9 |
| 2005-12-31 | CVE-2005-3655 | Remote Manager HTTP Request Header Heap Overflow vulnerability in Novell Open Enterprise Server 9 Heap-based buffer overflow in Novell Open Enterprise Server Remote Manager (novell-nrm) in Novell SUSE Linux Enterprise Server 9 allows remote attackers to execute arbitrary code via an HTTP POST request with a negative Content-Length parameter. | 7.5 |
| 2005-12-31 | CVE-2005-1976 | Unspecified vulnerability in Novell Netmail 3.5.2 Novell NetMail 3.5.2a, 3.5.2b, and 3.5.2c, when running on Linux, sets the owner and group ID to 500 for certain files, which could allow users or groups with that ID to execute arbitrary code or cause a denial of service by modifying those files. | 1.7 |
| 2005-12-31 | CVE-2005-1730 | Unspecified vulnerability in Novell Imanager 1.5/2.0/2.0.2 Multiple vulnerabilities in the OpenSSL ASN.1 parser, as used in Novell iManager 2.0.2, allows remote attackers to cause a denial of service (NULL pointer dereference) via crafted packets, as demonstrated by "OpenSSL ASN.1 brute forcer." NOTE: this issue might overlap CVE-2004-0079, CVE-2004-0081, or CVE-2004-0112. | 9.3 |
| 2005-11-23 | CVE-2005-3786 | Remote Diagnostics Console One Unauthorized Access vulnerability in Novell ZENworks Novell ZENworks for Desktops 4.0.1, ZENworks for Servers 3.0.2, and ZENworks 6.5 Desktop Management does not restrict access to Remote Diagnostics, which allows local users to bypass security policies by using Console One. | 4.6 |
| 2005-11-18 | CVE-2005-3314 | Buffer Errors vulnerability in Novell Netmail 3.5.2 Stack-based buffer overflow in the IMAP daemon in Novell Netmail 3.5.2 allows remote attackers to execute arbitrary code via "long verb arguments." | 7.5 |
| 2005-10-30 | CVE-2005-3315 | SQL Injection vulnerability in Novell Zenworks Patch Management Server 6.0.0.52 Multiple SQL injection vulnerabilities in Novell ZENworks Patch Management 6.x before 6.2.2.181 allow remote attackers to execute arbitrary SQL commands via the (1) Direction parameter to computers/default.asp, and the (2) SearchText, (3) StatusFilter, and (4) computerFilter parameters to reports/default.asp. | 7.5 |