Public exploit available
Public proof-of-concept or exploit code exists (ExploitDB / Metasploit / Nuclei).

CVE-2005-2852Netware vulnerability

4 documents4 sources
Severity
5.0MEDIUMNVD
EPSS
48.1%
top 2.27%
CISA KEV
Not in KEV
Exploit
PoC available
Public exploit / PoC exists
Affected products
1
Novell Netware
Timeline
PublishedSep 8
Latest updateMay 1

Description

Unknown vulnerability in CIFS.NLM in Novell Netware 6.5 SP2 and SP3, 5.1, and 6.0 allows remote attackers to cause a denial of service (ABEND) via an incorrect password length, as exploited by the "worm.rbot.ccc" worm.

CVSS vector

AV:N/AC:L/C:N/I:N/A:PExploitability: 10.0 | Impact: 2.9

Affected Packages1 packages

NVDnovell/netware5.1, 6.0, 6.5+2

Patches

Patch: support.novell.comPatch: support.novell.comPatch: support.novell.com

🔴Vulnerability Details

2
GHSA
GHSA-mj2p-mqjh-gc8g: Unknown vulnerability in CIFS2022-05-01
CVEList
CVE-2005-2852: Unknown vulnerability in CIFS2005-09-08

💥Exploits & PoCs

1
Exploit-DB
Novell NetWare - LSASS CIFS.NLM Driver Stack Buffer Overflow (Metasploit)2010-05-09
CVE-2005-2852 — Novell Netware vulnerability | cvebase