CVE-1999-1086 — Netware vulnerability

3 documents3 sources

Severity

10.0CRITICALNVD

EPSS

1.4%

top 19.55%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Novell Netware

Timeline

PublishedJul 15

Latest updateApr 30

Description

Novell 5 and earlier, when running over IPX with a packet signature level less than 3, allows remote attackers to gain administrator privileges by spoofing the MAC address in IPC fragmented packets that make NetWare Core Protocol (NCP) calls.

CVSS vector

AV:N/AC:L/C:C/I:C/A:CExploitability: 10.0 | Impact: 10.0

Affected Packages1 packages

▶NVDnovell/netware5.0+2

Patches

Patch: www.securityfocus.com ↗Patch: www.securityfocus.com ↗

🔴Vulnerability Details

GHSA

GHSA-qhf9-4cg8-h46m: Novell 5 and earlier, when running over IPX with a packet signature level less than 3, allows remote attackers to gain administrator privileges by spo↗2022-04-30

▶

CVEList

CVE-1999-1086: Novell 5 and earlier, when running over IPX with a packet signature level less than 3, allows remote attackers to gain administrator privileges by spo↗2001-09-12

▶