| CVE-2010-4299 |
critical |
— |
9.3 |
|
|
novell |
16y ago |
Heap-based buffer overflow in ZfHIPCND.exe in Novell Zenworks 7 Handheld Management (ZHM) allows remote attackers to execute arbitrary code via a crafted request to TCP port 2400. |
| CVE-2010-3264 |
low |
— |
2.1 |
|
|
novell |
16y ago |
The engine installer in Novell Identity Manager (aka IDM) 3.6.1 stores admin tree credentials in /tmp/idmInstall.log, which allows local users to obtain sensitive information by reading this file. |
| CVE-2010-1325 |
medium |
— |
4.3 |
|
|
novell |
16y ago |
Cross-site request forgery (CSRF) vulnerability in the apache2-slms package in SUSE Lifecycle Management Server (SLMS) 1.0 on SUSE Linux Enterprise (SLE) 11 allows remote attackers to hijack the auth… |
| CVE-2010-3109 |
critical |
— |
9.3 |
|
|
novell |
16y ago |
Stack-based buffer overflow in the browser plugin in Novell iPrint Client before 5.42 allows remote attackers to execute arbitrary code via a long operation parameter. |
| CVE-2010-3108 |
critical |
— |
9.3 |
|
|
novell |
16y ago |
Buffer overflow in the browser plugin in Novell iPrint Client before 5.42 allows remote attackers to execute arbitrary code by using EMBED elements to pass parameters with long names. |
| CVE-2010-3106 |
critical |
— |
10.0 |
EXP |
|
novell |
16y ago |
The ienipp.ocx ActiveX control in the browser plugin in Novell iPrint Client before 5.42 does not properly validate the debug parameter, which allows remote attackers to execute arbitrary code or cau… |
| CVE-2010-3105 |
critical |
— |
9.3 |
|
|
novell |
16y ago |
The PluginGetDriverFile function in Novell iPrint Client before 5.44 interprets an uninitialized memory location as a pointer value, which allows remote attackers to execute arbitrary code via unspec… |
| CVE-2010-1527 |
critical |
— |
10.0 |
EXP |
|
novell |
16y ago |
Stack-based buffer overflow in Novell iPrint Client before 5.44 allows remote attackers to execute arbitrary code via a long call-back-url parameter in an op-client-interface-version action. |
| CVE-2010-1930 |
medium |
— |
6.0 |
EXP |
|
novell |
16y ago |
Off-by-one error in Novell iManager 2.7, 2.7.3, and 2.7.3 FTF2 allows remote attackers to cause a denial of service (daemon crash) via a long tree parameter in a login request to nps/servlet/webacc. |
| CVE-2010-1929 |
critical |
— |
10.0 |
EXP |
|
novell |
16y ago |
Multiple stack-based buffer overflows in the jclient._Java_novell_jclient_JClient_defineClass@20 function in jclient.dll in the Tomcat web server in Novell iManager 2.7, 2.7.3, and 2.7.3 FTF2 allow r… |
| CVE-2010-2351 |
critical |
— |
10.0 |
EXP |
|
novell |
16y ago |
Stack-based buffer overflow in the CIFS.NLM driver in Netware SMB 1.0 for Novell Netware 6.5 SP8 and earlier allows remote attackers to execute arbitrary code via a Sessions Setup AndX packet with a … |
| CVE-2010-0284 |
critical |
— |
10.0 |
|
|
novell |
16y ago |
Directory traversal vulnerability in the getEntry method in the PortalModuleInstallManager component in a servlet in nps.jar in the Administration Console (aka Access Management Console) in Novell Ac… |
| CVE-2009-4879 |
medium |
— |
4.3 |
|
|
novell |
16y ago |
The Identity Server in Novell Access Manager before 3.1 SP1 allows attackers with disabled Active Directory accounts to authenticate using X.509 authentication, which bypasses intended access restric… |
| CVE-2009-4878 |
medium |
— |
4.3 |
|
|
novell |
16y ago |
Unspecified vulnerability in the Administration Console in Novell Access Manager before 3.1 SP1 allows attackers to access system files via unknown attack vectors. |
| CVE-2010-0625 |
medium |
— |
6.5 |
|
|
novell |
16y ago |
Stack-based buffer overflow in NWFTPD.nlm before 5.10.01 in the FTP server in Novell NetWare 5.1 through 6.5 SP8 allows remote authenticated users to cause a denial of service (daemon crash) or possi… |
| CVE-2007-6734 |
medium |
— |
4.0 |
|
|
novell |
16y ago |
NWFTPD.nlm before 5.08.07 in the FTP server in Novell NetWare 6.5 SP7 does not properly implement the FTPREST.TXT NOREMOTE restriction, which allows remote authenticated users to access directories o… |
| CVE-2005-4888 |
medium |
— |
5.0 |
|
|
novell |
16y ago |
NWFTPD.nlm before 5.06.04 in the FTP server in Novell NetWare allows remote attackers to cause a denial of service (excessive stale connections) by establishing many FTP sessions, which persist in th… |
| CVE-2004-2767 |
medium |
— |
4.3 |
|
|
novell |
16y ago |
NWFTPD.nlm before 5.04.25 in the FTP server in Novell NetWare does not promptly close DS sessions, which allows remote attackers to cause a denial of service (connection slot exhaustion) by establish… |
| CVE-2003-1595 |
critical |
— |
10.0 |
|
|
novell |
16y ago |
NWFTPD.nlm before 5.04.05 in the FTP server in Novell NetWare 6.5 does not properly perform "intruder detection," which has unspecified impact and attack vectors. |
| CVE-2003-1592 |
medium |
— |
5.0 |
|
|
novell |
16y ago |
Multiple buffer overflows in NWFTPD.nlm in the FTP server in Novell NetWare 6.0 before SP4 and 6.5 before SP1 allow remote attackers to cause a denial of service (abend) via a long (1) username or (2… |
| CVE-2002-2434 |
medium |
— |
5.0 |
|
|
novell |
16y ago |
NWFTPD.nlm before 5.02i in the FTP server in Novell NetWare does not properly listen for data connections, which allows remote attackers to cause a denial of service (abend) via multiple FTP sessions. |
| CVE-2002-2433 |
medium |
— |
4.0 |
|
|
novell |
16y ago |
NWFTPD.nlm before 5.03b in the FTP server in Novell NetWare allows remote authenticated users to cause a denial of service (abend) via a crafted ABOR command. |
| CVE-2002-2432 |
medium |
— |
5.0 |
|
|
novell |
16y ago |
Unspecified vulnerability in NWFTPD.nlm before 5.03b in the FTP server in Novell NetWare allows remote attackers to cause a denial of service (abend) via a crafted username. |
| CVE-2000-1246 |
low |
— |
3.5 |
|
|
novell |
16y ago |
NWFTPD.nlm before 5.01o in the FTP server in Novell NetWare 5.1 SP3 allows remote authenticated users to cause a denial of service (abend) by sending an RNTO command after a failed RNFR command. |
| CVE-2009-4662 |
medium |
— |
4.3 |
|
|
novell |
17y ago |
Cross-site scripting (XSS) vulnerability in the WebAccess component in Novell GroupWise 7.0 before 7.03 HP4 and 8.0 before 8.0 SP1 allows remote attackers to inject arbitrary web script or HTML via t… |
| CVE-2009-4654 |
critical |
— |
10.0 |
EXP |
|
novell |
17y ago |
Stack-based buffer overflow in the dhost module in Novell eDirectory 8.8 SP5 for Windows allows remote authenticated users to execute arbitrary code via long sadminpwd and verifypwd parameters in a s… |
| CVE-2009-4653 |
critical |
— |
10.0 |
EXP |
|
novell |
17y ago |
Stack-based buffer overflow in the dhost module in Novell eDirectory 8.8 SP5 for Windows allows remote authenticated users to cause a denial of service (dhost.exe crash) and possibly execute arbitrar… |
| CVE-2010-0666 |
medium |
— |
5.0 |
|
|
novell |
17y ago |
Unspecified vulnerability in eMBox in Novell eDirectory 8.8 SP5 Patch 2 and earlier allows remote attackers to cause a denial of service (crash) via unknown a crafted SOAP request, a different issue … |
