Public exploit available

Public proof-of-concept or exploit code exists (ExploitDB / Metasploit / Nuclei).

CVE-2002-1634 — Netware vulnerability

4 documents4 sources

Severity

5.0MEDIUMNVD

EPSS

8.6%

top 7.59%

CISA KEV

Not in KEV

Exploit

PoC available

Public exploit / PoC exists

Affected products

Novell Netware

Timeline

PublishedDec 31

Latest updateApr 30

Description

Novell NetWare 5.1 installs sample applications that allow remote attackers to obtain sensitive information via (1) ndsobj.nlm, (2) allfield.jse, (3) websinfo.bas, (4) ndslogin.pl, (5) volscgi.pl, (6) lancgi.pl, (7) test.jse, or (8) env.pl.

CVSS vector

AV:N/AC:L/C:P/I:N/A:NExploitability: 10.0 | Impact: 2.9

Affected Packages1 packages

▶NVDnovell/netware5.0, 5.1+1

Patches

Patch: support.novell.com ↗Patch: www.kb.cert.org ↗Patch: www.securityfocus.com ↗

🔴Vulnerability Details

GHSA

GHSA-cjw5-wc7c-w2w9: Novell NetWare 5↗2022-04-30

▶

CVEList

CVE-2002-1634: Novell NetWare 5↗2005-03-28

▶

💥Exploits & PoCs

Exploit-DB

Netscape Enterprise Web Server for Netware 4/5 5.0 - Information Disclosure↗2002-05-29

▶