Search Results (79 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2004-2103 1 Novell 1 Netware 2025-04-03 N/A
Cross-site scripting (XSS) vulnerability in Novell NetWare Enterprise Web Server 5.1 and 6.0 allows remote attackers to process arbitrary script or HTML as other users via (1) a malformed request for a Perl program with script in the filename, (2) the User.id parameter to the webacc servlet, (3) the GWAP.version parameter to webacc, or (4) a URL request for a .bas file with script in the filename.
CVE-2004-2104 1 Novell 1 Netware 2025-04-03 N/A
Novell NetWare Enterprise Web Server 5.1 and 6.0 allows remote attackers to obtain sensitive server information, including the internal IP address, via a direct request to (1) snoop.jsp, (2) SnoopServlet, (3) env.bas, or (4) lcgitest.nlm.
CVE-2002-1634 1 Novell 1 Netware 2025-04-03 N/A
Novell NetWare 5.1 installs sample applications that allow remote attackers to obtain sensitive information via (1) ndsobj.nlm, (2) allfield.jse, (3) websinfo.bas, (4) ndslogin.pl, (5) volscgi.pl, (6) lancgi.pl, (7) test.jse, or (8) env.pl.
CVE-2002-2096 1 Novell 1 Netware 2025-04-03 N/A
Buffer overflow in Novell Remote Manager module, httpstk.nlm, in NetWare 5.1 and NetWare 6 allows remote attackers to execute arbitrary code via a long (1) username or (2) password.
CVE-2004-2414 1 Novell 1 Netware 2025-04-03 N/A
Novell NetWare 6.5 SP 1.1, when installing or upgrading using the Overlay CDs and performing a custom installation with OpenSSH, includes sensitive password information in the (1) NIOUTPUT.TXT and (2) NI.LOG log files, which might allow local users to obtain the passwords.
CVE-2002-1754 1 Novell 1 Netware Client 2025-04-03 N/A
Buffer overflow in Novell NetWare Client 4.80 through 4.83 allows local users to cause a denial of service (crash) by using ping, traceroute, or a similar utility to force the client to resolve a large hostname.
CVE-2000-0669 1 Novell 1 Netware 2025-04-03 N/A
Novell NetWare 5.0 allows remote attackers to cause a denial of service by flooding port 40193 with random data.
CVE-1999-0929 1 Novell 2 Http Server, Netware 2025-04-03 N/A
Novell NetWare with Novell-HTTP-Server or YAWN web servers allows remote attackers to conduct a denial of service via a large number of HTTP GET requests.
CVE-2001-1580 2 Nombas, Novell 2 Scriptease Webserver, Netware 2025-04-03 N/A
Directory traversal vulnerability in ScriptEase viewcode.jse for Netware 5.1 before 5.1 SP3 allows remote attackers to read arbitrary files via ".." sequences in the query string.
CVE-2002-0929 1 Novell 1 Netware 2025-04-03 N/A
Buffer overflows in the DHCP server for NetWare 6.0 SP1 allow remote attackers to cause a denial of service (reboot) via long DHCP requests.
CVE-2002-0930 1 Novell 1 Netware 2025-04-03 N/A
Format string vulnerability in the FTP server for Novell Netware 6.0 SP1 (NWFTPD) allows remote attackers to cause a denial of service (ABEND) via format strings in the USER command.
CVE-2002-1418 1 Novell 2 Netware, Small Business Suite 2025-04-03 N/A
Buffer overflow in the interpreter for Novell NetBasic Scripting Server (NSN) for Netware 5.1 and 6, and Novell Small Business Suite 5.1 and 6, allows remote attackers to cause a denial of service (ABEND) via a long module name.
CVE-2002-1437 1 Novell 1 Netware 2025-04-03 N/A
Directory traversal vulnerability in the web handler for Perl 5.003 on Novell NetWare 5.1 and NetWare 6 allows remote attackers to read arbitrary files via an HTTP request containing "..%5c" (URL-encoded dot-dot backslash) sequences.
CVE-2002-1438 1 Novell 1 Netware 2025-04-03 N/A
The web handler for Perl 5.003 on Novell NetWare 5.1 and NetWare 6 allows remote attackers to obtain Perl version information via the -v option.
CVE-2004-2105 1 Novell 1 Netware 2025-04-03 N/A
The webacc servlet in Novell NetWare Enterprise Web Server 5.1 and 6.0 allows remote attackers to read arbitrary .htt files via a full pathname in the error parameter.
CVE-2004-2106 1 Novell 1 Netware 2025-04-03 N/A
Novell NetWare Enterprise Web Server 5.1 and 6.0 allows remote attackers to list directories via a direct request to (1) /com/, (2) /com/novell/, (3) /com/novell/webaccess, or (4) /ns-icons/.
CVE-2005-0819 1 Novell 1 Netware 2025-04-03 N/A
The xvesa code in Novell Netware 6.5 SP2 and SP3 allows remote attackers to redirect the xsession without authentication via a direct request to GUIMirror/Start.
CVE-2006-0997 1 Novell 2 Netware, Open Enterprise Server 2025-04-03 N/A
The SSL server implementation in NILE.NLM in Novell NetWare 6.5 and Novell Open Enterprise Server (OES) permits encryption with a NULL key, which results in cleartext communication that allows remote attackers to read an SSL protected session by sniffing network traffic.
CVE-2006-0998 1 Novell 2 Netware, Open Enterprise Server 2025-04-03 N/A
The SSL server implementation in NILE.NLM in Novell NetWare 6.5 and Novell Open Enterprise Server (OES) sometimes selects a weak cipher instead of an available stronger cipher, which makes it easier for remote attackers to sniff and decrypt an SSL protected session.
CVE-2006-1322 1 Novell 2 Netware, Netware Ftp Server 2025-04-03 N/A
Novell Netware NWFTPD 5.06.05 allows remote attackers to cause a denial of service (ABEND) via an MDTM command that uses a long path for the target file, possibly due to a buffer overflow.