CVE-2003-1593

CWE-2644 documents4 sources
Severity
7.5HIGH
EPSS
0.1%
top 67.34%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Novell Netware
Timeline
PublishedApr 5
Latest updateApr 29

Description

NWFTPD.nlm in the FTP server in Novell NetWare 6.0 before SP4 and 6.5 before SP1 does not enforce domain-name login restrictions, which allows remote attackers to bypass intended access control via an FTP connection.

CVSS vector

AV:N/AC:L/C:P/I:P/A:PExploitability: 10.0 | Impact: 6.4

Affected Packages1 packages

NVDnovell/netware6.0, 6.5+1

🔴Vulnerability Details

2
GHSA
GHSA-6ff4-c3cx-w2v5: NWFTPD2022-04-29
CVEList
CVE-2003-1593: NWFTPD2010-04-05

💥Exploits & PoCs

1
Exploit-DB
OpenSSH/PAM 3.6.1p1 - 'gossh.sh' Remote Users Ident2003-05-02
CVE-2003-1593 (HIGH CVSS 7.5) | NWFTPD.nlm in the FTP server in Nov | cvebase.io