CVE-2006-1322 — Improper Restriction of Operations within the Bounds of a Memory Buffer in Netware FTP Server

3 documents3 sources

Severity

5.0MEDIUMNVD

EPSS

1.1%

top 22.20%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Novell Netware FTP Server Novell Netware

Timeline

PublishedMar 20

Latest updateMay 1

Description

Novell Netware NWFTPD 5.06.05 allows remote attackers to cause a denial of service (ABEND) via an MDTM command that uses a long path for the target file, possibly due to a buffer overflow.

CVSS vector

AV:N/AC:L/C:N/I:N/A:PExploitability: 10.0 | Impact: 2.9

Affected Packages2 packages

▶NVDnovell/netware_ftp_server5.06.05+1

▶NVDnovell/netware6.5

Patches

Patch: support.novell.com ↗Patch: support.novell.com ↗

🔴Vulnerability Details

GHSA

GHSA-cwph-r6x3-5c7x: Novell Netware NWFTPD 5↗2022-05-01

▶

CVEList

CVE-2006-1322: Novell Netware NWFTPD 5↗2006-03-20

▶