CVE-2004-2414 — Netware vulnerability

3 documents3 sources

Severity

2.1LOWNVD

EPSS

0.1%

top 83.43%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Novell Netware

Timeline

PublishedDec 31

Latest updateApr 29

Description

Novell NetWare 6.5 SP 1.1, when installing or upgrading using the Overlay CDs and performing a custom installation with OpenSSH, includes sensitive password information in the (1) NIOUTPUT.TXT and (2) NI.LOG log files, which might allow local users to obtain the passwords.

CVSS vector

AV:L/AC:L/C:P/I:N/A:NExploitability: 3.9 | Impact: 2.9

Affected Packages1 packages

▶NVDnovell/netware6.5

Patches

Patch: secunia.com ↗Patch: support.novell.com ↗Patch: www.securityfocus.com ↗

🔴Vulnerability Details

GHSA

GHSA-f9r4-49h8-266f: Novell NetWare 6↗2022-04-29

▶

CVEList

CVE-2004-2414: Novell NetWare 6↗2005-08-18

▶