Public exploit available
Public proof-of-concept or exploit code exists (ExploitDB / Metasploit / Nuclei).

CVE-1999-1020Netware vulnerability

4 documents4 sources
Severity
7.5HIGHNVD
EPSS
1.7%
top 17.91%
CISA KEV
Not in KEV
Exploit
PoC available
Public exploit / PoC exists
Affected products
1
Novell Netware
Timeline
PublishedSep 18
Latest updateApr 30

Description

The installation of Novell Netware NDS 5.99 provides an unauthenticated client with Read access for the tree, which allows remote attackers to access sensitive information such as users, groups, and readable objects via CX.EXE and NLIST.EXE.

CVSS vector

AV:N/AC:L/C:P/I:P/A:PExploitability: 10.0 | Impact: 6.4

Affected Packages1 packages

NVDnovell/netware4.1, 4.11+1

Patches

Patch: www.securityfocus.comPatch: www.securityfocus.com

🔴Vulnerability Details

2
GHSA
GHSA-q937-qhpq-5w36: The installation of Novell Netware NDS 52022-04-30
CVEList
CVE-1999-1020: The installation of Novell Netware NDS 52001-09-12

💥Exploits & PoCs

1
Exploit-DB
Novell Netware 4.1/4.11 - SP5B NDS Default Rights1999-04-09
CVE-1999-1020 — Novell Netware vulnerability | cvebase