Filtered by vendor Novell
Subscriptions
Total
673 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2005-4790 | 2 Novell, Suse | 2 Suse Linux, Suse Linux | 2025-04-03 | N/A |
| Multiple untrusted search path vulnerabilities in SUSE Linux 9.3 and 10.0, and possibly other distributions, cause the working directory to be added to LD_LIBRARY_PATH, which might allow local users to execute arbitrary code via (1) beagle, (2) tomboy, or (3) blam. NOTE: in August 2007, the tomboy vector was reported for other distributions. | ||||
| CVE-2006-0992 | 1 Novell | 1 Groupwise Messenger | 2025-04-03 | N/A |
| Stack-based buffer overflow in Novell GroupWise Messenger before 2.0 Public Beta 2 allows remote attackers to execute arbitrary code via a long Accept-Language value without a comma or semicolon. NOTE: due to a typo, the original ZDI advisory accidentally referenced CVE-2006-0092. This is the correct identifier. | ||||
| CVE-2004-2734 | 1 Novell | 1 Netware | 2025-04-03 | N/A |
| webadmin-apache.conf in Novell Web Manager of Novell NetWare 6.5 uses an uppercase Alias tag with an inconsistent lowercase directory tag for a volume, which allows remote attackers to bypass access control to the WEB-INF folder. | ||||
| CVE-2006-3425 | 2 Lumension, Novell | 2 Patchlink Update Server, Zenworks | 2025-04-03 | N/A |
| FastPatch for (a) PatchLink Update Server (PLUS) before 6.1 P1 and 6.2.x before 6.2 SR1 P1, and (b) Novell ZENworks 6.2 SR1 and earlier, does not require authentication for dagent/proxyreg.asp, which allows remote attackers to list, add, or delete PatchLink Distribution Point (PDP) proxy servers via modified (1) List, (2) Proxy, or (3) Delete parameters. | ||||
| CVE-2006-2612 | 1 Novell | 1 Client | 2025-04-03 | N/A |
| Novell Client for Windows 4.8 and 4.9 does not restrict access to the clipboard contents while a machine is locked, which allows users with physical access to read the current clipboard contents by pasting them into the "User Name" field on the login prompt. | ||||
| CVE-2006-2327 | 1 Novell | 1 Netware | 2025-04-03 | N/A |
| Multiple integer overflows in the DPRPC library (DPRPCNLM.NLM) NDPS/iPrint module in Novell Distributed Print Services in Novell NetWare 6.5 SP3, SP4, and SP5 allow remote attackers to execute arbitrary code via an XDR encoded array with a field that specifies a large number of elements, which triggers the overflows in the ndps_xdr_array function. | ||||
| CVE-2006-2185 | 1 Novell | 1 Netware | 2025-04-03 | N/A |
| PORTAL.NLM in Novell Netware 6.5 SP5 writes the username and password in cleartext to the abend.log log file when the groupOperationsMethod function fails, which allows context-dependent attackers to gain privileges. | ||||
| CVE-2006-1322 | 1 Novell | 2 Netware, Netware Ftp Server | 2025-04-03 | N/A |
| Novell Netware NWFTPD 5.06.05 allows remote attackers to cause a denial of service (ABEND) via an MDTM command that uses a long path for the target file, possibly due to a buffer overflow. | ||||
| CVE-2006-1218 | 1 Novell | 1 Bordermanager | 2025-04-03 | N/A |
| Unspecified vulnerability in the HTTP proxy in Novell BorderManager 3.8 and earlier allows remote attackers to cause a denial of service (CPU consumption and ABEND) via unknown attack vectors related to "media streaming over HTTP 1.1". | ||||
| CVE-2006-3426 | 2 Lumension, Novell | 2 Patchlink Update Server, Zenworks | 2025-04-03 | N/A |
| Directory traversal vulnerability in (a) PatchLink Update Server (PLUS) before 6.1 P1 and 6.2.x before 6.2 SR1 P1 and (b) Novell ZENworks 6.2 SR1 and earlier allows remote attackers to overwrite arbitrary files and directories via a .. (dot dot) sequence in the (1) action, (2) agentid, or (3) index parameters to dagent/nwupload.asp, which are used as pathname components. | ||||
| CVE-2003-0637 | 1 Novell | 1 Ichain | 2025-04-03 | N/A |
| Novell iChain 2.2 before Support Pack 1 uses a shorter timeout for a non-existent user than a valid user, which makes it easier for remote attackers to guess usernames and conduct brute force password guessing. | ||||
| CVE-2003-0976 | 1 Novell | 1 Netware | 2025-04-03 | N/A |
| NFS Server (XNFS.NLM) for Novell NetWare 6.5 does not properly enforce sys:\etc\exports when hostname aliases from sys:etc\hosts file are used, which could allow users to mount file systems when XNFS should deny the host. | ||||
| CVE-2003-1150 | 1 Novell | 2 Netware, Zenworks Desktops | 2025-04-03 | N/A |
| Buffer overflow in the portmapper service (PMAP.NLM) in Novell NetWare 6 SP3 and ZenWorks for Desktops 3.2 SP2 through 4.0.1 allows remote attackers to cause a denial of service and possibly execute arbitrary code via unknown attack vectors. | ||||
| CVE-2002-0929 | 1 Novell | 1 Netware | 2025-04-03 | N/A |
| Buffer overflows in the DHCP server for NetWare 6.0 SP1 allow remote attackers to cause a denial of service (reboot) via long DHCP requests. | ||||
| CVE-2002-0791 | 1 Novell | 1 Netware | 2025-04-03 | N/A |
| Novell Netware FTP server NWFTPD before 5.02r allows remote attackers to cause a denial of service (CPU consumption) via a connection to the server followed by a carriage return, and possibly other invalid commands with improper syntax or length. | ||||
| CVE-2004-0079 | 23 4d, Apple, Avaya and 20 more | 67 Webstar, Mac Os X, Mac Os X Server and 64 more | 2025-04-03 | 7.5 High |
| The do_change_cipher_spec function in OpenSSL 0.9.6c to 0.9.6k, and 0.9.7a to 0.9.7c, allows remote attackers to cause a denial of service (crash) via a crafted SSL/TLS handshake that triggers a null dereference. | ||||
| CVE-2004-2580 | 1 Novell | 1 Ichain | 2025-04-03 | N/A |
| Cross-site scripting (XSS) vulnerability in Novell iChain 2.3 allows remote attackers to obtain login credentials via unspecified vectors. | ||||
| CVE-2006-0998 | 1 Novell | 2 Netware, Open Enterprise Server | 2025-04-03 | N/A |
| The SSL server implementation in NILE.NLM in Novell NetWare 6.5 and Novell Open Enterprise Server (OES) sometimes selects a weak cipher instead of an available stronger cipher, which makes it easier for remote attackers to sniff and decrypt an SSL protected session. | ||||
| CVE-2004-2581 | 1 Novell | 1 Ichain | 2025-04-03 | N/A |
| Novell iChain 2.3 allows attackers to cause a denial of service via a URL with a "specific string." | ||||
| CVE-2004-2582 | 1 Novell | 1 Ichain | 2025-04-03 | N/A |
| Novell iChain 2.3 includes the build number in the VIA line of the proxy server's HTTP headers, which allows remote attackers to obtain sensitive information. | ||||