Total
76 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2002-1772 | 1 Novell | 1 Netware | 2025-04-03 | 4.6 MEDIUM | N/A |
| Novell Netware 5.0 through 5.1 may allow local users to gain "Domain Admin" rights by logging into a Novell Directory Services (NDS) account, and executing "net use" on an NDS_ADM account that is not in the NT domain but has domain access rights, which allows the user to enter a null password. | |||||
| CVE-1999-1382 | 1 Novell | 1 Netware | 2025-04-03 | 7.2 HIGH | N/A |
| NetWare NFS mode 1 and 2 implements the "Read Only" flag in Unix by changing the ownership of a file to root, which allows local users to gain root privileges by creating a setuid program and setting it to "Read Only," which NetWare-NFS changes to a setuid root program. | |||||
| CVE-1999-1215 | 1 Novell | 1 Netware | 2025-04-03 | 4.6 MEDIUM | N/A |
| LOGIN.EXE program in Novell Netware 4.0 and 4.01 temporarily writes user name and password information to disk, which could allow local users to gain privileges. | |||||
| CVE-2000-0669 | 1 Novell | 1 Netware | 2025-04-03 | 5.0 MEDIUM | N/A |
| Novell NetWare 5.0 allows remote attackers to cause a denial of service by flooding port 40193 with random data. | |||||
| CVE-2002-1417 | 1 Novell | 2 Netware, Small Business Suite | 2025-04-03 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in Novell NetBasic Scripting Server (NSN) for Netware 5.1 and 6, and Novell Small Business Suite 5.1 and 6, allows remote attackers to read arbitrary files via a URL containing a "..%5c" sequence (modified dot-dot), which is mapped to the directory separator. | |||||
| CVE-2003-0976 | 1 Novell | 1 Netware | 2025-04-03 | 7.5 HIGH | N/A |
| NFS Server (XNFS.NLM) for Novell NetWare 6.5 does not properly enforce sys:\etc\exports when hostname aliases from sys:etc\hosts file are used, which could allow users to mount file systems when XNFS should deny the host. | |||||
| CVE-1999-0805 | 1 Novell | 1 Netware | 2025-04-03 | 5.0 MEDIUM | N/A |
| Novell NetWare Transaction Tracking System (TTS) in Novell 4.11 and earlier allows remote attackers to cause a denial of service via a large number of requests. | |||||
| CVE-1999-1320 | 1 Novell | 1 Netware | 2025-04-03 | 4.6 MEDIUM | N/A |
| Vulnerability in Novell NetWare 3.x and earlier allows local users to gain privileges via packet spoofing. | |||||
| CVE-1999-0524 | 11 Apple, Cisco, Hp and 8 more | 14 Mac Os X, Macos, Ios and 11 more | 2025-04-03 | 2.1 LOW | N/A |
| ICMP information such as (1) netmask and (2) timestamp is allowed from arbitrary hosts. | |||||
| CVE-1999-1020 | 1 Novell | 1 Netware | 2025-04-03 | 7.5 HIGH | N/A |
| The installation of Novell Netware NDS 5.99 provides an unauthenticated client with Read access for the tree, which allows remote attackers to access sensitive information such as users, groups, and readable objects via CX.EXE and NLIST.EXE. | |||||
| CVE-2005-1060 | 1 Novell | 1 Netware | 2025-04-03 | 5.0 MEDIUM | N/A |
| Unknown vulnerability in the TCP/IP functionality (TCPIP.NLM) in Novell Netware 6.x allows remote attackers to cause a denial of service (ABEND by Page Fault Processor Exception) via certain packets. | |||||
| CVE-2002-1634 | 1 Novell | 1 Netware | 2025-04-03 | 5.0 MEDIUM | N/A |
| Novell NetWare 5.1 installs sample applications that allow remote attackers to obtain sensitive information via (1) ndsobj.nlm, (2) allfield.jse, (3) websinfo.bas, (4) ndslogin.pl, (5) volscgi.pl, (6) lancgi.pl, (7) test.jse, or (8) env.pl. | |||||
| CVE-1999-1086 | 1 Novell | 1 Netware | 2025-04-03 | 10.0 HIGH | N/A |
| Novell 5 and earlier, when running over IPX with a packet signature level less than 3, allows remote attackers to gain administrator privileges by spoofing the MAC address in IPC fragmented packets that make NetWare Core Protocol (NCP) calls. | |||||
| CVE-2006-2327 | 1 Novell | 1 Netware | 2025-04-03 | 6.4 MEDIUM | N/A |
| Multiple integer overflows in the DPRPC library (DPRPCNLM.NLM) NDPS/iPrint module in Novell Distributed Print Services in Novell NetWare 6.5 SP3, SP4, and SP5 allow remote attackers to execute arbitrary code via an XDR encoded array with a field that specifies a large number of elements, which triggers the overflows in the ndps_xdr_array function. | |||||
| CVE-1999-0929 | 1 Novell | 2 Http Server, Netware | 2025-04-03 | 5.0 MEDIUM | N/A |
| Novell NetWare with Novell-HTTP-Server or YAWN web servers allows remote attackers to conduct a denial of service via a large number of HTTP GET requests. | |||||
| CVE-2002-1418 | 1 Novell | 2 Netware, Small Business Suite | 2025-04-03 | 5.0 MEDIUM | N/A |
| Buffer overflow in the interpreter for Novell NetBasic Scripting Server (NSN) for Netware 5.1 and 6, and Novell Small Business Suite 5.1 and 6, allows remote attackers to cause a denial of service (ABEND) via a long module name. | |||||
| CVE-2004-2106 | 1 Novell | 1 Netware | 2025-04-03 | 5.0 MEDIUM | N/A |
| Novell NetWare Enterprise Web Server 5.1 and 6.0 allows remote attackers to list directories via a direct request to (1) /com/, (2) /com/novell/, (3) /com/novell/webaccess, or (4) /ns-icons/. | |||||
| CVE-2006-0999 | 1 Novell | 2 Netware, Open Enterprise Server | 2025-04-03 | 5.0 MEDIUM | N/A |
| The SSL server implementation in NILE.NLM in Novell NetWare 6.5 and Novell Open Enterprise Server (OES) allows a client to force the server to use weak encryption by stating that a weak cipher is required for client compatibility, which might allow remote attackers to decrypt contents of an SSL protected session. | |||||
| CVE-2003-1150 | 1 Novell | 2 Netware, Zenworks Desktops | 2025-04-03 | 7.5 HIGH | N/A |
| Buffer overflow in the portmapper service (PMAP.NLM) in Novell NetWare 6 SP3 and ZenWorks for Desktops 3.2 SP2 through 4.0.1 allows remote attackers to cause a denial of service and possibly execute arbitrary code via unknown attack vectors. | |||||
| CVE-2006-2185 | 1 Novell | 1 Netware | 2025-04-03 | 4.0 MEDIUM | N/A |
| PORTAL.NLM in Novell Netware 6.5 SP5 writes the username and password in cleartext to the abend.log log file when the groupOperationsMethod function fails, which allows context-dependent attackers to gain privileges. | |||||