threat
engine
.sh
Back
·
··:··
Home
/
Product
/
novell netware
Product
novell netware
72 known vulnerabilities across versions
Vulnerabilities are listed by affected version. Select any CVE for the full briefing and its intelligence graph.
Sort
Newest first
Oldest first
Highest CVSS
Lowest CVSS
Min CVSS
Any
4.0+
7.0+ (High)
9.0+ (Critical)
Published since
Reset
CVE-2009-5153
<= 6.5
In Novell NetWare before 6.5 SP8, a stack buffer overflow in processing of CALLIT RPC calls in the NFS Portmapper daemon in PKERNE
9.8
CRITICAL
CVE-2011-4191
all versions
Stack-based buffer overflow in the xdrDecodeString function in XNFS.NLM in Novell NetWare 6.5 SP8 allows remote attackers to execu
CVE-2010-4228
all versions
Stack-based buffer overflow in NWFTPD.NLM before 5.10.02 in the FTP server in Novell NetWare allows remote authenticated users to
CVE-2010-4227
<= 6.5
The xdrDecodeString function in XNFS.NLM in Novell Netware 6.5 before SP8 allows remote attackers to cause a denial of service (ab
CVE-2010-2351
all versions
Stack-based buffer overflow in the CIFS.NLM driver in Netware SMB 1.0 for Novell Netware 6.5 SP8 and earlier allows remote attacke
CVE-2010-0625
all versions
Stack-based buffer overflow in NWFTPD.nlm before 5.10.01 in the FTP server in Novell NetWare 5.1 through 6.5 SP8 allows remote aut
CVE-2007-6735
all versions
NWFTPD.nlm before 5.08.06 in the FTP server in Novell NetWare does not properly handle partial matches for container names in the
CVE-2007-6734
all versions
NWFTPD.nlm before 5.08.07 in the FTP server in Novell NetWare 6.5 SP7 does not properly implement the FTPREST.TXT NOREMOTE restric
CVE-2005-4888
all versions
NWFTPD.nlm before 5.06.04 in the FTP server in Novell NetWare allows remote attackers to cause a denial of service (excessive stal
CVE-2005-4887
all versions
NWFTPD.nlm before 5.06.05 in the FTP server in Novell NetWare 6.5 SP5 allows attackers to have an unspecified impact via vectors r
CVE-2004-2767
all versions
NWFTPD.nlm before 5.04.25 in the FTP server in Novell NetWare does not promptly close DS sessions, which allows remote attackers t
CVE-2003-1596
all versions
NWFTPD.nlm before 5.03.12 in the FTP server in Novell NetWare does not properly restrict filesystem use by anonymous users with NF
CVE-2003-1595
all versions
NWFTPD.nlm before 5.04.05 in the FTP server in Novell NetWare 6.5 does not properly perform "intruder detection," which has unspec
CVE-2003-1594
all versions
NWFTPD.nlm before 5.04.05 in the FTP server in Novell NetWare 6.5 does not properly enforce FTPREST.TXT settings, which allows rem
CVE-2003-1593
all versions
NWFTPD.nlm in the FTP server in Novell NetWare 6.0 before SP4 and 6.5 before SP1 does not enforce domain-name login restrictions,
CVE-2003-1592
all versions
Multiple buffer overflows in NWFTPD.nlm in the FTP server in Novell NetWare 6.0 before SP4 and 6.5 before SP1 allow remote attacke
CVE-2003-1591
all versions
NWFTPD.nlm in the FTP server in Novell NetWare 6.0 before SP4 and 6.5 before SP1 allows user-assisted remote attackers to cause a
CVE-2002-2434
all versions
NWFTPD.nlm before 5.02i in the FTP server in Novell NetWare does not properly listen for data connections, which allows remote att
CVE-2002-2433
all versions
NWFTPD.nlm before 5.03b in the FTP server in Novell NetWare allows remote authenticated users to cause a denial of service (abend)
CVE-2002-2432
all versions
Unspecified vulnerability in NWFTPD.nlm before 5.03b in the FTP server in Novell NetWare allows remote attackers to cause a denial
CVE-2001-1587
all versions
NWFTPD.nlm before 5.01w in the FTP server in Novell NetWare allows remote attackers to cause a denial of service (abend) via an
CVE-2000-1246
all versions
NWFTPD.nlm before 5.01o in the FTP server in Novell NetWare 5.1 SP3 allows remote authenticated users to cause a denial of service
CVE-2000-1245
all versions
Multiple unspecified vulnerabilities in NWFTPD.nlm before 5.01o in the FTP server in Novell NetWare 5.1 SP3 allow remote attackers
CVE-2010-0317
all versions
Novell Netware 6.5 SP8 allows remote attackers to cause a denial of service (NULL pointer dereference, memory consumption, ABEND,
CVE-2008-5696
<= 6.5
Novell NetWare 6.5 before Support Pack 8, when an OES2 Linux server is installed into the NDS tree, does not require a password fo
CVE-2006-6675
all versions
Cross-site scripting (XSS) vulnerability in Novell NetWare 6.5 Support Pack 5 and 6 and Novell Apache on NetWare 2.0.48 allows rem
CVE-2006-2185
all versions
PORTAL.NLM in Novell Netware 6.5 SP5 writes the username and password in cleartext to the abend.log log file when the groupOperati
CVE-2006-2327
all versions
Multiple integer overflows in the DPRPC library (DPRPCNLM.NLM) NDPS/iPrint module in Novell Distributed Print Services in Novell N
CVE-2006-0999
all versions
The SSL server implementation in NILE.NLM in Novell NetWare 6.5 and Novell Open Enterprise Server (OES) allows a client to force t
CVE-2006-0998
all versions
The SSL server implementation in NILE.NLM in Novell NetWare 6.5 and Novell Open Enterprise Server (OES) sometimes selects a weak c
CVE-2006-0997
all versions
The SSL server implementation in NILE.NLM in Novell NetWare 6.5 and Novell Open Enterprise Server (OES) permits encryption with a
CVE-2006-1322
all versions
Novell Netware NWFTPD 5.06.05 allows remote attackers to cause a denial of service (ABEND) via an MDTM command that uses a long pa
CVE-2005-2852
all versions
Unknown vulnerability in CIFS.NLM in Novell Netware 6.5 SP2 and SP3, 5.1, and 6.0 allows remote attackers to cause a denial of ser
CVE-2005-1060
all versions
Unknown vulnerability in the TCP/IP functionality (TCPIP.NLM) in Novell Netware 6.x allows remote attackers to cause a denial of s
CVE-2005-0819
all versions
The xvesa code in Novell Netware 6.5 SP2 and SP3 allows remote attackers to redirect the xsession without authentication via a dir
CVE-2004-2734
all versions
webadmin-apache.conf in Novell Web Manager of Novell NetWare 6.5 uses an uppercase Alias tag with an inconsistent lowercase direct
CVE-2004-2414
all versions
Novell NetWare 6.5 SP 1.1, when installing or upgrading using the Overlay CDs and performing a custom installation with OpenSSH, i
CVE-2004-2106
all versions
Novell NetWare Enterprise Web Server 5.1 and 6.0 allows remote attackers to list directories via a direct request to (1) /com/, (2
CVE-2004-2105
all versions
The webacc servlet in Novell NetWare Enterprise Web Server 5.1 and 6.0 allows remote attackers to read arbitrary .htt files via a
CVE-2004-2104
all versions
Novell NetWare Enterprise Web Server 5.1 and 6.0 allows remote attackers to obtain sensitive server information, including the int
CVE-2004-2103
all versions
Cross-site scripting (XSS) vulnerability in Novell NetWare Enterprise Web Server 5.1 and 6.0 allows remote attackers to process ar
CVE-2003-0976
all versions
NFS Server (XNFS.NLM) for Novell NetWare 6.5 does not properly enforce sys:\etc\exports when hostname aliases from sys:etc\hosts f
CVE-2003-1150
all versions
Buffer overflow in the portmapper service (PMAP.NLM) in Novell NetWare 6 SP3 and ZenWorks for Desktops 3.2 SP2 through 4.0.1 allow
CVE-2003-0562
all versions
Buffer overflow in the CGI2PERL.NLM PERL handler in Novell Netware 5.1 and 6.0 allows remote attackers to cause a denial of servic
CVE-2002-1438
all versions
The web handler for Perl 5.003 on Novell NetWare 5.1 and NetWare 6 allows remote attackers to obtain Perl version information via
CVE-2002-1437
all versions
Directory traversal vulnerability in the web handler for Perl 5.003 on Novell NetWare 5.1 and NetWare 6 allows remote attackers to
CVE-2002-1436
all versions
The web handler for Perl 5.003 on Novell NetWare 5.1 and NetWare 6 allows remote attackers to execute arbitrary Perl code via an H
CVE-2002-1418
all versions
Buffer overflow in the interpreter for Novell NetBasic Scripting Server (NSN) for Netware 5.1 and 6, and Novell Small Business Sui
CVE-2002-1417
all versions
Directory traversal vulnerability in Novell NetBasic Scripting Server (NSN) for Netware 5.1 and 6, and Novell Small Business Suite
CVE-2002-1413
all versions
RCONAG6 for Novell Netware SP2, while running RconJ in secure mode, allows remote attackers to bypass authentication using the Rco
CVE-2002-2096
all versions
Buffer overflow in Novell Remote Manager module, httpstk.nlm, in NetWare 5.1 and NetWare 6 allows remote attackers to execute arbi
CVE-2002-2083
all versions
The Novell Netware client running on Windows 95 allows local users to bypass the login and open arbitrary files via the "What is t
CVE-2002-1772
all versions
Novell Netware 5.0 through 5.1 may allow local users to gain "Domain Admin" rights by logging into a Novell Directory Services (ND
CVE-2002-1634
all versions
Novell NetWare 5.1 installs sample applications that allow remote attackers to obtain sensitive information via (1) ndsobj.nlm, (2
CVE-2002-0930
all versions
Format string vulnerability in the FTP server for Novell Netware 6.0 SP1 (NWFTPD) allows remote attackers to cause a denial of ser
CVE-2002-0929
all versions
Buffer overflows in the DHCP server for NetWare 6.0 SP1 allow remote attackers to cause a denial of service (reboot) via long DHCP
CVE-2002-0791
all versions
Novell Netware FTP server NWFTPD before 5.02r allows remote attackers to cause a denial of service (CPU consumption) via a connect
CVE-2001-1580
all versions
Directory traversal vulnerability in ScriptEase viewcode.jse for Netware 5.1 before 5.1 SP3 allows remote attackers to read arbitr
CVE-2001-1233
all versions
Netware Enterprise Web Server 5.1 running GroupWise WebAccess 5.5 with Novell Directory Services (NDS) enabled allows remote attac
CVE-1999-0805
<= 4.11
Novell NetWare Transaction Tracking System (TTS) in Novell 4.11 and earlier allows remote attackers to cause a denial of service v
CVE-2000-0669
all versions
Novell NetWare 5.0 allows remote attackers to cause a denial of service by flooding port 40193 with random data.
CVE-2000-0600
all versions
Netscape Enterprise Server in NetWare 5.1 allows remote attackers to cause a denial of service or execute arbitrary commands via a
CVE-2000-0257
all versions
Buffer overflow in the NetWare remote web administration utility allows remote attackers to cause a denial of service or execute c
CVE-1999-1382
all versions
NetWare NFS mode 1 and 2 implements the "Read Only" flag in Unix by changing the ownership of a file to root, which allows local u
CVE-1999-1320
<= 3.0
Vulnerability in Novell NetWare 3.x and earlier allows local users to gain privileges via packet spoofing.
CVE-1999-1086
<= 5.0
Novell 5 and earlier, when running over IPX with a packet signature level less than 3, allows remote attackers to gain administrat
CVE-1999-0929
all versions
Novell NetWare with Novell-HTTP-Server or YAWN web servers allows remote attackers to conduct a denial of service via a large numb
CVE-1999-0470
all versions
A weak encryption algorithm is used for passwords in Novell Remote.NLM, allowing them to be easily decrypted.
CVE-1999-1020
all versions
The installation of Novell Netware NDS 5.99 provides an unauthenticated client with Read access for the tree, which allows remote
CVE-1999-0524
all versions
ICMP information such as (1) netmask and (2) timestamp is allowed from arbitrary hosts.
4.0
MEDIUM
CVE-1999-0265
all versions
ICMP redirect messages may crash or lock up a host.
CVE-1999-1215
all versions
LOGIN.EXE program in Novell Netware 4.0 and 4.01 temporarily writes user name and password information to disk, which could allow
Vulnerabilities
CISA KEV catalog
CWE weaknesses
CAPEC attack patterns
Package vulnerabilities
Threat intelligence
Threat actors
Tools & malware
ATT&CK techniques
IOCs
Detection & defense
Sigma rules
YARA rules
Atomic Red Team tests
D3FEND countermeasures
Compliance
NIST 800-53
ISO 27001:2022
SOC 2 TSC
PCI-DSS v4.0
CIS Controls v8.1
About
All capabilities
Live statistics
Data sources
Privacy policy
Terms of service
threatengine.sh · Open-source threat intelligence platform · 100+ authoritative sources · Every fact traces to its origin