Vulnerabilities > Novell
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2005-10-27 | CVE-2005-3321 | chkstat in SuSE Linux 9.0 through 10.0 allows local users to modify permissions of files by creating a hardlink to a file from a world-writable directory, which can cause the link count to drop to 1 when the file is deleted or replaced, which is then modified by chkstat to use weaker permissions. | 4.6 |
| 2005-10-20 | CVE-2005-2469 | Remote Buffer Overflow vulnerability in Novell Netmail 3.5.2 Stack-based buffer overflow in the NMAP Agent for Novell NetMail 3.52C and possibly earlier versions allows local users to execute arbitrary code via a long user name in the USER command. | 4.6 |
| 2005-10-04 | CVE-2005-2804 | Local Integer Overflow vulnerability in Novell Groupwise 6.5.3 Integer overflow in the registry parsing code in GroupWise 6.5.3, and possibly earlier version, allows remote attackers to cause a denial of service (application crash) via a large TCP/IP port in the Windows registry key. | 5.0 |
| 2005-09-08 | CVE-2005-2852 | Denial-Of-Service vulnerability in Novell Netware 5.1/6.0/6.5 Unknown vulnerability in CIFS.NLM in Novell Netware 6.5 SP2 and SP3, 5.1, and 6.0 allows remote attackers to cause a denial of service (ABEND) via an incorrect password length, as exploited by the "worm.rbot.ccc" worm. | 5.0 |
| 2005-08-17 | CVE-2005-2620 | Unspecified vulnerability in Novell Groupwise 6.0/6.5/6.5.2 grpWise.exe for Novell GroupWise client 5.5 through 6.5.2 stores the password in plaintext in memory, which allows attackers to obtain the password using a debugger or another mechanism to read process memory. | 5.0 |
| 2005-08-12 | CVE-2005-2551 | Buffer Overflow vulnerability in Novell Edirectory 8.7.3 Buffer overflow in dhost.exe in iMonitor for Novell eDirectory 8.7.3 on Windows allows attackers to cause a denial of service (crash) and obtain access to files via unknown vectors. | 7.5 |
| 2005-08-03 | CVE-2005-2346 | Unspecified vulnerability in Novell Groupwise 6.5 Buffer overflow in Novell GroupWise 6.5 Client allows remote attackers to execute arbitrary code via a GWVW02xx.INI language file with a long entry, as demonstrated using a long ES02TKS.VEW value in the Group Task section. | 7.5 |
| 2005-07-26 | CVE-2005-2276 | HTML Injection vulnerability in Novell Groupwise Webaccess 6.0/6.5 Cross-site scripting (XSS) vulnerability in Novell Groupwise WebAccess 6.5 before July 11, 2005 allows remote attackers to inject arbitrary web script or HTML via an e-mail message with an encoded javascript URI (e.g. network novell | 4.3 |
| 2005-07-09 | CVE-2005-2176 | Unspecified vulnerability in Novell Netmail Novell NetMail automatically processes HTML in an attachment without prompting the user to save or open it, which makes it easier for remote attackers to conduct web-based attacks and steal cookies. | 6.4 |
| 2005-06-12 | CVE-2005-1729 | Denial-Of-Service vulnerability in Novell Edirectory 8.7.3 Novell eDirectory 8.7.3 allows remote attackers to cause a denial of service (application crash) via a URL containing an MS-DOS device name such as AUX, CON, PRN, COM1, or LPT1. | 5.0 |