Novell: >> Ichain >> 2.2.113 Security Vulnerabilities
The Mini FTP server in Novell iChain 2.2 and 2.3 SP2 and earlier allows remote unauthenticated attackers to obtain the full path of the server via the PWD command.
CVSS Score
5.0
EPSS Score
0.004
Published
2005-05-02
Novell iChain Mini FTP Server 2.3 displays different error messages if a user exists or not, which allows remote attackers to obtain sensitive information and facilitates brute force attacks.
CVSS Score
5.0
EPSS Score
0.005
Published
2005-03-15
Novell iChain Mini FTP Server 2.3, and possibly earlier versions, does not limit the number of incorrect logins, which makes it easier for remote attackers to conduct brute force login attacks.
CVSS Score
7.5
EPSS Score
0.021
Published
2005-03-15