Novell Netware vulnerabilities
63 known vulnerabilities affecting novell/netware.
Total CVEs
63
CISA KEV
0
Public exploits
14
Exploited in wild
0
Severity breakdown
CRITICAL7HIGH15MEDIUM39LOW2
Vulnerabilities
Page 3 of 4
CVE-2002-1418MEDIUMCVSS 5.0v5.1v6.02003-04-11
CVE-2002-1418 [MEDIUM] CVE-2002-1418: Buffer overflow in the interpreter for Novell NetBasic Scripting Server (NSN) for Netware 5.1 and 6,
Buffer overflow in the interpreter for Novell NetBasic Scripting Server (NSN) for Netware 5.1 and 6, and Novell Small Business Suite 5.1 and 6, allows remote attackers to cause a denial of service (ABEND) via a long module name.
nvd
CVE-2002-1438MEDIUMCVSS 5.0v5.1v6.02003-04-11
CVE-2002-1438 [MEDIUM] CVE-2002-1438: The web handler for Perl 5.003 on Novell NetWare 5.1 and NetWare 6 allows remote attackers to obtain
The web handler for Perl 5.003 on Novell NetWare 5.1 and NetWare 6 allows remote attackers to obtain Perl version information via the -v option.
nvd
CVE-2002-1417MEDIUMCVSS 5.0v5.1v6.02003-04-11
CVE-2002-1417 [MEDIUM] CVE-2002-1417: Directory traversal vulnerability in Novell NetBasic Scripting Server (NSN) for Netware 5.1 and 6, a
Directory traversal vulnerability in Novell NetBasic Scripting Server (NSN) for Netware 5.1 and 6, and Novell Small Business Suite 5.1 and 6, allows remote attackers to read arbitrary files via a URL containing a "..%5c" sequence (modified dot-dot), which is mapped to the directory separator.
nvd
CVE-2002-1437MEDIUMCVSS 5.0v5.1v6.02003-04-11
CVE-2002-1437 [MEDIUM] CVE-2002-1437: Directory traversal vulnerability in the web handler for Perl 5.003 on Novell NetWare 5.1 and NetWar
Directory traversal vulnerability in the web handler for Perl 5.003 on Novell NetWare 5.1 and NetWare 6 allows remote attackers to read arbitrary files via an HTTP request containing "..%5c" (URL-encoded dot-dot backslash) sequences.
nvd
CVE-2002-2096HIGHCVSS 7.5v5.1v6.02002-12-31
CVE-2002-2096 [HIGH] CVE-2002-2096: Buffer overflow in Novell Remote Manager module, httpstk.nlm, in NetWare 5.1 and NetWare 6 allows re
Buffer overflow in Novell Remote Manager module, httpstk.nlm, in NetWare 5.1 and NetWare 6 allows remote attackers to execute arbitrary code via a long (1) username or (2) password.
nvd
CVE-2002-1634MEDIUMCVSS 5.0PoCv5.0v5.12002-12-31
CVE-2002-1634 [MEDIUM] CVE-2002-1634: Novell NetWare 5.1 installs sample applications that allow remote attackers to obtain sensitive info
Novell NetWare 5.1 installs sample applications that allow remote attackers to obtain sensitive information via (1) ndsobj.nlm, (2) allfield.jse, (3) websinfo.bas, (4) ndslogin.pl, (5) volscgi.pl, (6) lancgi.pl, (7) test.jse, or (8) env.pl.
nvd
CVE-2002-1772MEDIUMCVSS 4.6v5.0v5.12002-12-31
CVE-2002-1772 [MEDIUM] CVE-2002-1772: Novell Netware 5.0 through 5.1 may allow local users to gain "Domain Admin" rights by logging into a
Novell Netware 5.0 through 5.1 may allow local users to gain "Domain Admin" rights by logging into a Novell Directory Services (NDS) account, and executing "net use" on an NDS_ADM account that is not in the NT domain but has domain access rights, which allows the user to enter a null password.
nvd
CVE-2002-0930MEDIUMCVSS 5.0v6.02002-10-04
CVE-2002-0930 [MEDIUM] CVE-2002-0930: Format string vulnerability in the FTP server for Novell Netware 6.0 SP1 (NWFTPD) allows remote atta
Format string vulnerability in the FTP server for Novell Netware 6.0 SP1 (NWFTPD) allows remote attackers to cause a denial of service (ABEND) via format strings in the USER command.
nvd
CVE-2002-0929MEDIUMCVSS 5.0v6.02002-10-04
CVE-2002-0929 [MEDIUM] CVE-2002-0929: Buffer overflows in the DHCP server for NetWare 6.0 SP1 allow remote attackers to cause a denial of
Buffer overflows in the DHCP server for NetWare 6.0 SP1 allow remote attackers to cause a denial of service (reboot) via long DHCP requests.
nvd
CVE-2002-0791MEDIUMCVSS 5.0v5.1v6.02002-08-12
CVE-2002-0791 [MEDIUM] CVE-2002-0791: Novell Netware FTP server NWFTPD before 5.02r allows remote attackers to cause a denial of service (
Novell Netware FTP server NWFTPD before 5.02r allows remote attackers to cause a denial of service (CPU consumption) via a connection to the server followed by a carriage return, and possibly other invalid commands with improper syntax or length.
nvd
CVE-2001-1580MEDIUMCVSS 5.0v5.12001-12-31
CVE-2001-1580 [MEDIUM] CVE-2001-1580: Directory traversal vulnerability in ScriptEase viewcode.jse for Netware 5.1 before 5.1 SP3 allows r
Directory traversal vulnerability in ScriptEase viewcode.jse for Netware 5.1 before 5.1 SP3 allows remote attackers to read arbitrary files via ".." sequences in the query string.
nvd
CVE-2001-1233MEDIUMCVSS 5.0v5.12001-08-14
CVE-2001-1233 [MEDIUM] CVE-2001-1233: Netware Enterprise Web Server 5.1 running GroupWise WebAccess 5.5 with Novell Directory Services (ND
Netware Enterprise Web Server 5.1 running GroupWise WebAccess 5.5 with Novell Directory Services (NDS) enabled allows remote attackers to enumerate user names, group names and other system information by accessing ndsobj.nlm.
nvd
CVE-1999-0805MEDIUMCVSS 5.0≤ 4.112001-03-12
CVE-1999-0805 [MEDIUM] CVE-1999-0805: Novell NetWare Transaction Tracking System (TTS) in Novell 4.11 and earlier allows remote attackers
Novell NetWare Transaction Tracking System (TTS) in Novell 4.11 and earlier allows remote attackers to cause a denial of service via a large number of requests.
nvd
CVE-2000-0669MEDIUMCVSS 5.0PoCv5.02000-07-11
CVE-2000-0669 [MEDIUM] CVE-2000-0669: Novell NetWare 5.0 allows remote attackers to cause a denial of service by flooding port 40193 with
Novell NetWare 5.0 allows remote attackers to cause a denial of service by flooding port 40193 with random data.
nvd
CVE-2000-0600HIGHCVSS 7.5v5.0v5.12000-06-26
CVE-2000-0600 [HIGH] CVE-2000-0600: Netscape Enterprise Server in NetWare 5.1 allows remote attackers to cause a denial of service or ex
Netscape Enterprise Server in NetWare 5.1 allows remote attackers to cause a denial of service or execute arbitrary commands via a malformed URL.
nvd
CVE-2000-0257HIGHCVSS 7.5PoCv5.12000-04-19
CVE-2000-0257 [HIGH] CVE-2000-0257: Buffer overflow in the NetWare remote web administration utility allows remote attackers to cause a
Buffer overflow in the NetWare remote web administration utility allows remote attackers to cause a denial of service or execute commands via a long URL.
nvd
CVE-1999-1320MEDIUMCVSS 4.6≤ 3.01999-12-31
CVE-1999-1320 [MEDIUM] CVE-1999-1320: Vulnerability in Novell NetWare 3.x and earlier allows local users to gain privileges via packet spo
Vulnerability in Novell NetWare 3.x and earlier allows local users to gain privileges via packet spoofing.
nvd
CVE-1999-1086CRITICALCVSS 10.0≤ 5.0v4.1+1 more1999-07-15
CVE-1999-1086 [CRITICAL] CVE-1999-1086: Novell 5 and earlier, when running over IPX with a packet signature level less than 3, allows remote
Novell 5 and earlier, when running over IPX with a packet signature level less than 3, allows remote attackers to gain administrator privileges by spoofing the MAC address in IPC fragmented packets that make NetWare Core Protocol (NCP) calls.
nvd
CVE-1999-0929MEDIUMCVSS 5.0v4.1v4.111999-06-16
CVE-1999-0929 [MEDIUM] CVE-1999-0929: Novell NetWare with Novell-HTTP-Server or YAWN web servers allows remote attackers to conduct a deni
Novell NetWare with Novell-HTTP-Server or YAWN web servers allows remote attackers to conduct a denial of service via a large number of HTTP GET requests.
nvd
CVE-1999-0470MEDIUMCVSS 5.0PoCv4.01999-04-09
CVE-1999-0470 [MEDIUM] CVE-1999-0470: A weak encryption algorithm is used for passwords in Novell Remote.NLM, allowing them to be easily d
A weak encryption algorithm is used for passwords in Novell Remote.NLM, allowing them to be easily decrypted.
nvd