Novell: >> Bordermanager Security Vulnerabilities
Heap-based buffer overflow in the Client Trust application (clntrust.exe) in Novell BorderManager 3.8 before Update 1.5 allows remote attackers to execute arbitrary code via a validation request in which the Novell tree name is not properly delimited with a wide-character backslash or NULL character.
CVSS Score
10.0
EPSS Score
0.308
Published
2007-11-02
Novell BorderManager 3.8 SP4 generates the same ISAKMP cookies for the same source IP and port number during the same day, which allows remote attackers to conduct denial of service and replay attacks. NOTE: this issue might be related to CVE-2006-5286.
CVSS Score
7.5
EPSS Score
0.018
Published
2007-03-07
Unspecified vulnerability in IKE.NLM in Novell BorderManager 3.8 allows attackers to cause a denial of service (crash) via unknown attack vectors related to "VPN issues" for certain "IKE and IPsec settings."
CVSS Score
5.0
EPSS Score
0.008
Published
2006-10-13
Unspecified vulnerability in the HTTP proxy in Novell BorderManager 3.8 and earlier allows remote attackers to cause a denial of service (CPU consumption and ABEND) via unknown attack vectors related to "media streaming over HTTP 1.1".
CVSS Score
5.0
EPSS Score
0.034
Published
2006-03-14
The Virtual Private Network (VPN) capability in Novell Bordermanager 3.8 allows remote attackers to cause a denial of service (ABEND in IKE.NLM) via a malformed IKE packet, as sent by the Striker ISAKMP Protocol Test Suite.
CVSS Score
5.0
EPSS Score
0.009
Published
2004-12-31
FTP proxy server for Novell BorderManager 3.6 SP 1a allows remote attackers to cause a denial of service (network connectivity loss) via a connection to port 21 with a large amount of random data.
CVSS Score
5.0
EPSS Score
0.048
Published
2002-08-12
IP/IPX gateway for Novell BorderManager 3.6 SP 1a allows remote attackers to cause a denial of service via a connection to port 8225 with a large amount of random data, which causes ipipxgw.nlm to ABEND.
CVSS Score
5.0
EPSS Score
0.009
Published
2002-08-12
RTSP proxy for Novell BorderManager 3.6 SP 1a allows remote attackers to cause a denial of service via a GET request to port 9090 followed by a series of carriage returns, which causes proxy.nlm to ABEND.
CVSS Score
5.0
EPSS Score
0.007
Published
2002-08-12
Novell BorderManager 3.5 with PAT (Port-Address Translate) enabled allows remote attackers to cause a denial of service by filling the connection table with a large number of connection requests to hosts that do not have a specific route, which may be forwarded to the public interface.
CVSS Score
5.0
EPSS Score
0.048
Published
2002-08-12
Remote attackers can cause a denial of service in Novell BorderManager 3.6 and earlier by sending TCP SYN flood to port 353.
CVSS Score
5.0
EPSS Score
0.086
Published
2001-07-02
Page 1