Novell: >> Netware >> 6.0 Security Vulnerabilities
The web handler for Perl 5.003 on Novell NetWare 5.1 and NetWare 6 allows remote attackers to obtain Perl version information via the -v option.
CVSS Score
5.0
EPSS Score
0.009
Published
2003-04-11
The Novell Netware client running on Windows 95 allows local users to bypass the login and open arbitrary files via the "What is this?" help feature, which can be launched from the Novell Netware login screen.
CVSS Score
2.1
EPSS Score
0.0
Published
2002-12-31
Buffer overflow in Novell Remote Manager module, httpstk.nlm, in NetWare 5.1 and NetWare 6 allows remote attackers to execute arbitrary code via a long (1) username or (2) password.
CVSS Score
7.5
EPSS Score
0.044
Published
2002-12-31
Buffer overflows in the DHCP server for NetWare 6.0 SP1 allow remote attackers to cause a denial of service (reboot) via long DHCP requests.
CVSS Score
5.0
EPSS Score
0.006
Published
2002-10-04
Format string vulnerability in the FTP server for Novell Netware 6.0 SP1 (NWFTPD) allows remote attackers to cause a denial of service (ABEND) via format strings in the USER command.
CVSS Score
5.0
EPSS Score
0.011
Published
2002-10-04
Novell Netware FTP server NWFTPD before 5.02r allows remote attackers to cause a denial of service (CPU consumption) via a connection to the server followed by a carriage return, and possibly other invalid commands with improper syntax or length.
CVSS Score
5.0
EPSS Score
0.011
Published
2002-08-12
NetWare NFS mode 1 and 2 implements the "Read Only" flag in Unix by changing the ownership of a file to root, which allows local users to gain root privileges by creating a setuid program and setting it to "Read Only," which NetWare-NFS changes to a setuid root program.
CVSS Score
7.2
EPSS Score
0.0
Published
1999-12-31
Page 4