Novell 5 and earlier, when running over IPX with a packet signature level less than 3, allows remote attackers to gain administrator privileges by spoofing the MAC address in IPC fragmented packets that make NetWare Core Protocol (NCP) calls.
Max CVSS
10.0
EPSS Score
0.23%
Published
1999-07-15
Updated
2016-10-18
Norton AntiVirus 5.00.01C with the Novell Netware client does not properly restart the auto-protection service after the first user has logged off of the system.
Max CVSS
10.0
EPSS Score
6.52%
Published
2000-10-20
Updated
2008-09-05
Unspecified vulnerability in Novell GroupWise 6 SP3 WebAccess before Revision F has unknown impact and attack vectors related to "malicious script."
Max CVSS
10.0
EPSS Score
0.50%
Published
2003-12-31
Updated
2017-08-08
NWFTPD.nlm before 5.04.05 in the FTP server in Novell NetWare 6.5 does not properly perform "intruder detection," which has unspecified impact and attack vectors.
Max CVSS
10.0
EPSS Score
0.20%
Published
2010-04-05
Updated
2010-04-06
webadmin-apache.conf in Novell Web Manager of Novell NetWare 6.5 uses an uppercase Alias tag with an inconsistent lowercase directory tag for a volume, which allows remote attackers to bypass access control to the WEB-INF folder.
Max CVSS
10.0
EPSS Score
1.99%
Published
2004-12-31
Updated
2017-07-29
The web GUI for Novell iChain 2.2 and 2.3 SP2 and SP3 allows attackers to hijack sessions and gain administrator privileges by (1) sniffing the connection on TCP port 51100 and replaying the authentication information or (2) obtaining and replaying the PCZQX02 authentication cookie from the browser.
Max CVSS
10.0
EPSS Score
0.55%
Published
2005-05-02
Updated
2017-07-11
Stack-based buffer overflow in the pam_micasa PAM authentication module in CASA on Novell Linux Desktop 9 and Open Enterprise Server 1 allows remote attackers to execute arbitrary code via unspecified vectors.
Max CVSS
10.0
EPSS Score
85.50%
Published
2006-02-27
Updated
2020-02-24

CVE-2006-0992

Public exploit
Stack-based buffer overflow in Novell GroupWise Messenger before 2.0 Public Beta 2 allows remote attackers to execute arbitrary code via a long Accept-Language value without a comma or semicolon. NOTE: due to a typo, the original ZDI advisory accidentally referenced CVE-2006-0092. This is the correct identifier.
Max CVSS
10.0
EPSS Score
35.09%
Published
2006-04-14
Updated
2018-10-18
Multiple integer overflows in the DPRPC library (DPRPCW32.DLL) in Novell Client 4.83 SP3, 4.90 SP2 and 4.91 SP2 allow remote attackers to execute arbitrary code via an XDR encoded array with a field that specifies a large number of elements, which triggers the overflows in the ndps_xdr_array function. NOTE: this was originally reported to be a buffer overflow by Novell, but the original cause is an integer overflow.
Max CVSS
10.0
EPSS Score
16.60%
Published
2006-05-11
Updated
2018-10-18
Buffer overflow in iMonitor 2.4 in Novell eDirectory 8.8 allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via unknown attack vectors.
Max CVSS
10.0
EPSS Score
82.69%
Published
2006-05-20
Updated
2018-10-18
Integer overflow in the evtFilteredMonitorEventsRequest function in the LDAP service in Novell eDirectory before 8.8.1 FTF1 allows remote attackers to execute arbitrary code via a crafted request.
Max CVSS
10.0
EPSS Score
91.88%
Published
2006-10-24
Updated
2017-07-20
The evtFilteredMonitorEventsRequest function in the LDAP service in Novell eDirectory before 8.8.1 FTF1 allows remote attackers to execute arbitrary code via a crafted request containing a value that is larger than the number of objects transmitted, which triggers an invalid free of unallocated memory.
Max CVSS
10.0
EPSS Score
90.89%
Published
2006-10-24
Updated
2017-07-20
Integer overflow in Msg.dll in Novell ZENworks 7 Asset Management (ZAM) before SP1 IR11 and the Collection client allows remote attackers to execute arbitrary code via crafted packets, which trigger a heap-based buffer overflow.
Max CVSS
10.0
EPSS Score
12.82%
Published
2006-12-05
Updated
2017-07-29
Buffer overflow in the Novell Distributed Print Services (NDPS) Print Provider for Windows component (NDPPNT.DLL) in Novell Client 4.91 has unknown impact and remote attack vectors.
Max CVSS
10.0
EPSS Score
0.63%
Published
2006-12-10
Updated
2011-03-08
Stack-based buffer overflow in the base64_decode function in GWINTER.exe in Novell GroupWise (GW) WebAccess before 7.0 SP2 allows remote attackers to execute arbitrary code via long base64 content in an HTTP Basic Authentication request.
Max CVSS
10.0
EPSS Score
94.92%
Published
2007-04-24
Updated
2018-10-16
Unspecified vulnerability in Novell SecureLogin (NSL) 6 SP1 before 6.0.106 has unknown impact and remote attack vectors, related to Active Directory (AD) password changes.
Max CVSS
10.0
EPSS Score
0.87%
Published
2007-05-02
Updated
2011-03-08
Stack-based buffer overflow in the SSL version of the NMDMC.EXE service in Novell NetMail 3.52e FTF2 and probably earlier allows remote attackers to execute arbitrary code via a crafted request.
Max CVSS
10.0
EPSS Score
68.22%
Published
2007-05-11
Updated
2017-07-29
Multiple stack-based buffer overflows in the Spooler service (nwspool.dll) in Novell Client 4.91 SP2 through SP4 for Windows allow remote attackers to execute arbitrary code via certain long arguments to the (1) RpcAddPrinterDriver, (2) RpcGetPrinterDriverDirectory, and other unspecified RPC requests, aka Novell bug 300870, a different vulnerability than CVE-2006-5854.
Max CVSS
10.0
EPSS Score
77.30%
Published
2007-08-31
Updated
2017-07-29
Heap-based buffer overflow in the Client Trust application (clntrust.exe) in Novell BorderManager 3.8 before Update 1.5 allows remote attackers to execute arbitrary code via a validation request in which the Novell tree name is not properly delimited with a wide-character backslash or NULL character.
Max CVSS
10.0
EPSS Score
40.91%
Published
2007-11-02
Updated
2011-03-08
Multiple stack-based buffer overflows in the Spooler service (nwspool.dll) in Novell Client 4.91 SP4 for Windows allow remote attackers to execute arbitrary code via long arguments to multiple unspecified RPC functions, aka Novell bug 287919, a different vulnerability than CVE-2007-2954.
Max CVSS
10.0
EPSS Score
79.42%
Published
2008-02-13
Updated
2017-08-08
Stack-based buffer overflow in the EnumPrinters function in the Spooler service (nwspool.dll) in Novell Client 4.91 SP2, SP3, and SP4 for Windows allows remote attackers to execute arbitrary code via a crafted RPC request, aka Novell bug 353138, a different vulnerability than CVE-2006-5854. NOTE: this issue exists because of an incomplete fix for CVE-2007-6701.
Max CVSS
10.0
EPSS Score
43.87%
Published
2008-02-13
Updated
2018-10-15

CVE-2008-0935

Public exploit
Stack-based buffer overflow in the Novell iPrint Control ActiveX control in ienipp.ocx in Novell iPrint Client before 4.34 allows remote attackers to execute arbitrary code via a long argument to the ExecuteRequest method.
Max CVSS
10.0
EPSS Score
40.95%
Published
2008-02-25
Updated
2011-03-08
Heap-based buffer overflow in Novell eDirectory 8.7.3 before 8.7.3.10b, and 8.8 before 8.8.2 FTF2, allows remote attackers to execute arbitrary code via an LDAP search request containing "NULL search parameters."
Max CVSS
10.0
EPSS Score
82.25%
Published
2008-07-14
Updated
2017-08-08

CVE-2008-2703

Public exploit
Multiple stack-based buffer overflows in Novell GroupWise Messenger (GWIM) Client before 2.0.3 HP1 for Windows allow remote attackers to execute arbitrary code via "spoofed server responses" that contain a long string after the NM_A_SZ_TRANSACTION_ID field name.
Max CVSS
10.0
EPSS Score
89.17%
Published
2008-06-13
Updated
2018-10-11
Integer overflow in ds.dlm, as used by dhost.exe, in Novell eDirectory 8.7.3.10 before 8.7.3 SP10b and 8.8 before 8.8.2 ftf2 allows remote attackers to execute arbitrary code via unspecified vectors that trigger a stack-based buffer overflow, related to "flawed arithmetic."
Max CVSS
10.0
EPSS Score
28.51%
Published
2008-07-14
Updated
2017-08-08
157 vulnerabilities found
1 2 3 4 5 6 7
This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!