Search Results (79 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-1999-0524 11 Apple, Cisco, Hp and 8 more 14 Mac Os X, Macos, Ios and 11 more 2026-05-28 4 Medium
ICMP information such as (1) netmask and (2) timestamp is allowed from arbitrary hosts.
CVE-2006-6675 1 Novell 2 Apache Http Server, Netware 2026-04-23 N/A
Cross-site scripting (XSS) vulnerability in Novell NetWare 6.5 Support Pack 5 and 6 and Novell Apache on NetWare 2.0.48 allows remote attackers to inject arbitrary web script or HTML via unspecified parameters in Welcome web-app.
CVE-2008-5696 1 Novell 1 Netware 2026-04-23 N/A
Novell NetWare 6.5 before Support Pack 8, when an OES2 Linux server is installed into the NDS tree, does not require a password for the ApacheAdmin console, which allows remote attackers to reconfigure the Apache HTTP Server via console operations.
CVE-2006-5854 1 Novell 1 Netware Client 2026-04-23 N/A
Multiple buffer overflows in the Spooler service (nwspool.dll) in Novell Netware Client 4.91 through 4.91 SP2 allow remote attackers to execute arbitrary code via a long argument to the (1) EnumPrinters and (2) OpenPrinter functions.
CVE-2007-5762 1 Novell 1 Netware Client 2026-04-23 N/A
NICM.SYS driver 3.0.0.4, as used in Novell NetWare Client 4.91 SP4, allows local users to execute arbitrary code by opening the \\.\nicm device and providing crafted kernel addresses via IOCTLs with the METHOD_NEITHER buffering mode.
CVE-2009-0714 5 Hp, Microsoft, Novell and 2 more 5 Data Protector Express, Windows, Netware and 2 more 2026-04-23 N/A
Unspecified vulnerability in the dpwinsup module (dpwinsup.dll) for dpwingad (dpwingad.exe) in HP Data Protector Express and Express SSE 3.x before build 47065, and Express and Express SSE 4.x before build 46537, allows remote attackers to cause a denial of service (application crash) or read portions of memory via one or more crafted packets.
CVE-2007-3571 1 Novell 2 Groupwise, Netware 2026-04-23 N/A
The Apache Web Server as used in Novell NetWare 6.5 and GroupWise allows remote attackers to obtain sensitive information via a certain directive to Apache that causes the HTTP-Header response to be modified, which may reveal the server's internal IP address.
CVE-2010-0317 1 Novell 1 Netware 2026-04-23 N/A
Novell Netware 6.5 SP8 allows remote attackers to cause a denial of service (NULL pointer dereference, memory consumption, ABEND, and crash) via a large number of malformed or AFP requests that are not properly handled by (1) the CIFS functionality in CIFS.nlm Semantic Agent (Build 163 MP) 3.27 or (2) the AFP functionality in AFPTCP.nlm Build 163 SP 3.27. NOTE: some of these details are obtained from third party information.
CVE-1999-1320 1 Novell 1 Netware 2026-04-16 N/A
Vulnerability in Novell NetWare 3.x and earlier allows local users to gain privileges via packet spoofing.
CVE-2002-1418 1 Novell 2 Netware, Small Business Suite 2026-04-16 N/A
Buffer overflow in the interpreter for Novell NetBasic Scripting Server (NSN) for Netware 5.1 and 6, and Novell Small Business Suite 5.1 and 6, allows remote attackers to cause a denial of service (ABEND) via a long module name.
CVE-1999-1215 1 Novell 1 Netware 2026-04-16 N/A
LOGIN.EXE program in Novell Netware 4.0 and 4.01 temporarily writes user name and password information to disk, which could allow local users to gain privileges.
CVE-2002-1754 1 Novell 1 Netware Client 2026-04-16 N/A
Buffer overflow in Novell NetWare Client 4.80 through 4.83 allows local users to cause a denial of service (crash) by using ping, traceroute, or a similar utility to force the client to resolve a large hostname.
CVE-2002-1772 1 Novell 1 Netware 2026-04-16 N/A
Novell Netware 5.0 through 5.1 may allow local users to gain "Domain Admin" rights by logging into a Novell Directory Services (NDS) account, and executing "net use" on an NDS_ADM account that is not in the NT domain but has domain access rights, which allows the user to enter a null password.
CVE-2003-1150 1 Novell 2 Netware, Zenworks Desktops 2026-04-16 N/A
Buffer overflow in the portmapper service (PMAP.NLM) in Novell NetWare 6 SP3 and ZenWorks for Desktops 3.2 SP2 through 4.0.1 allows remote attackers to cause a denial of service and possibly execute arbitrary code via unknown attack vectors.
CVE-1999-0929 1 Novell 2 Http Server, Netware 2026-04-16 N/A
Novell NetWare with Novell-HTTP-Server or YAWN web servers allows remote attackers to conduct a denial of service via a large number of HTTP GET requests.
CVE-2002-1413 1 Novell 1 Netware 2026-04-16 N/A
RCONAG6 for Novell Netware SP2, while running RconJ in secure mode, allows remote attackers to bypass authentication using the RconJ "Secure IP" (SSL) option during a connection.
CVE-2004-2734 1 Novell 1 Netware 2026-04-16 N/A
webadmin-apache.conf in Novell Web Manager of Novell NetWare 6.5 uses an uppercase Alias tag with an inconsistent lowercase directory tag for a volume, which allows remote attackers to bypass access control to the WEB-INF folder.
CVE-2001-1233 1 Novell 2 Groupwise Webaccess, Netware 2026-04-16 N/A
Netware Enterprise Web Server 5.1 running GroupWise WebAccess 5.5 with Novell Directory Services (NDS) enabled allows remote attackers to enumerate user names, group names and other system information by accessing ndsobj.nlm.
CVE-1999-1086 1 Novell 1 Netware 2026-04-16 N/A
Novell 5 and earlier, when running over IPX with a packet signature level less than 3, allows remote attackers to gain administrator privileges by spoofing the MAC address in IPC fragmented packets that make NetWare Core Protocol (NCP) calls.
CVE-2004-2103 1 Novell 1 Netware 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in Novell NetWare Enterprise Web Server 5.1 and 6.0 allows remote attackers to process arbitrary script or HTML as other users via (1) a malformed request for a Perl program with script in the filename, (2) the User.id parameter to the webacc servlet, (3) the GWAP.version parameter to webacc, or (4) a URL request for a .bas file with script in the filename.