Vulnerabilities > Novell > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2005-08-17 | CVE-2005-2620 | Unspecified vulnerability in Novell Groupwise 6.0/6.5/6.5.2 grpWise.exe for Novell GroupWise client 5.5 through 6.5.2 stores the password in plaintext in memory, which allows attackers to obtain the password using a debugger or another mechanism to read process memory. | 5.0 |
| 2005-07-26 | CVE-2005-2276 | HTML Injection vulnerability in Novell Groupwise Webaccess 6.0/6.5 Cross-site scripting (XSS) vulnerability in Novell Groupwise WebAccess 6.5 before July 11, 2005 allows remote attackers to inject arbitrary web script or HTML via an e-mail message with an encoded javascript URI (e.g. network novell | 4.3 |
| 2005-07-09 | CVE-2005-2176 | Unspecified vulnerability in Novell Netmail Novell NetMail automatically processes HTML in an attachment without prompting the user to save or open it, which makes it easier for remote attackers to conduct web-based attacks and steal cookies. | 6.4 |
| 2005-06-12 | CVE-2005-1729 | Denial-Of-Service vulnerability in Novell Edirectory 8.7.3 Novell eDirectory 8.7.3 allows remote attackers to cause a denial of service (application crash) via a URL containing an MS-DOS device name such as AUX, CON, PRN, COM1, or LPT1. | 5.0 |
| 2005-06-08 | CVE-2005-1756 | Remote vulnerability in Novell NetMail Cross-site scripting (XSS) vulnerability in the ModWeb agent for Novell NetMail 3.52 before 3.52C allows remote attackers to inject arbitrary web script or HTML via calendar display fields. network novell | 4.3 |
| 2005-05-02 | CVE-2005-1060 | Remote Denial Of Service vulnerability in Novell Netware 6.0/6.5 Unknown vulnerability in the TCP/IP functionality (TCPIP.NLM) in Novell Netware 6.x allows remote attackers to cause a denial of service (ABEND by Page Fault Processor Exception) via certain packets. | 5.0 |
| 2005-05-02 | CVE-2005-0819 | Unspecified vulnerability in Novell Netware 6.5 The xvesa code in Novell Netware 6.5 SP2 and SP3 allows remote attackers to redirect the xsession without authentication via a direct request to GUIMirror/Start. | 5.0 |
| 2005-05-02 | CVE-2005-0746 | Remote Path Disclosure vulnerability in Novell Ichain 2.2/2.2.113/2.3 The Mini FTP server in Novell iChain 2.2 and 2.3 SP2 and earlier allows remote unauthenticated attackers to obtain the full path of the server via the PWD command. | 5.0 |
| 2005-03-15 | CVE-2005-0797 | Remote Information Disclosure vulnerability in Novell iChain Mini FTP Server Novell iChain Mini FTP Server 2.3 displays different error messages if a user exists or not, which allows remote attackers to obtain sensitive information and facilitates brute force attacks. | 5.0 |
| 2004-12-31 | CVE-2004-2757 | Cross-Site Scripting vulnerability in Novell Ichain 2.1/2.2 Cross-site scripting (XSS) vulnerability in the failed login page in Novell iChain before 2.2 build 2.2.113 and 2.3 First Customer Ship (FCS) allows remote attackers to inject arbitrary web script or HTML via url parameter. | 4.3 |