Filtered by vendor Novell
Subscribe
Total
671 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2006-3268 | 1 Novell | 1 Groupwise | 2024-11-21 | 5.0 MEDIUM | N/A |
| Unspecified vulnerability in the Windows Client API in Novell GroupWise 5.x through 7 might allow users to obtain "random programmatic access" to other email within the same post office. | |||||
| CVE-2006-2612 | 1 Novell | 1 Client | 2024-11-21 | 2.1 LOW | N/A |
| Novell Client for Windows 4.8 and 4.9 does not restrict access to the clipboard contents while a machine is locked, which allows users with physical access to read the current clipboard contents by pasting them into the "User Name" field on the login prompt. | |||||
| CVE-2006-2496 | 1 Novell | 2 Edirectory, Imonitor | 2024-11-21 | 10.0 HIGH | N/A |
| Buffer overflow in iMonitor 2.4 in Novell eDirectory 8.8 allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via unknown attack vectors. | |||||
| CVE-2006-2327 | 1 Novell | 1 Netware | 2024-11-21 | 6.4 MEDIUM | N/A |
| Multiple integer overflows in the DPRPC library (DPRPCNLM.NLM) NDPS/iPrint module in Novell Distributed Print Services in Novell NetWare 6.5 SP3, SP4, and SP5 allow remote attackers to execute arbitrary code via an XDR encoded array with a field that specifies a large number of elements, which triggers the overflows in the ndps_xdr_array function. | |||||
| CVE-2006-2304 | 1 Novell | 1 Client | 2024-11-21 | 10.0 HIGH | N/A |
| Multiple integer overflows in the DPRPC library (DPRPCW32.DLL) in Novell Client 4.83 SP3, 4.90 SP2 and 4.91 SP2 allow remote attackers to execute arbitrary code via an XDR encoded array with a field that specifies a large number of elements, which triggers the overflows in the ndps_xdr_array function. NOTE: this was originally reported to be a buffer overflow by Novell, but the original cause is an integer overflow. | |||||
| CVE-2006-2185 | 1 Novell | 1 Netware | 2024-11-21 | 4.0 MEDIUM | N/A |
| PORTAL.NLM in Novell Netware 6.5 SP5 writes the username and password in cleartext to the abend.log log file when the groupOperationsMethod function fails, which allows context-dependent attackers to gain privileges. | |||||
| CVE-2006-1322 | 1 Novell | 2 Netware, Netware Ftp Server | 2024-11-21 | 5.0 MEDIUM | N/A |
| Novell Netware NWFTPD 5.06.05 allows remote attackers to cause a denial of service (ABEND) via an MDTM command that uses a long path for the target file, possibly due to a buffer overflow. | |||||
| CVE-2006-1218 | 1 Novell | 1 Bordermanager | 2024-11-21 | 5.0 MEDIUM | N/A |
| Unspecified vulnerability in the HTTP proxy in Novell BorderManager 3.8 and earlier allows remote attackers to cause a denial of service (CPU consumption and ABEND) via unknown attack vectors related to "media streaming over HTTP 1.1". | |||||
| CVE-2006-0999 | 1 Novell | 2 Netware, Open Enterprise Server | 2024-11-21 | 5.0 MEDIUM | N/A |
| The SSL server implementation in NILE.NLM in Novell NetWare 6.5 and Novell Open Enterprise Server (OES) allows a client to force the server to use weak encryption by stating that a weak cipher is required for client compatibility, which might allow remote attackers to decrypt contents of an SSL protected session. | |||||
| CVE-2006-0998 | 1 Novell | 2 Netware, Open Enterprise Server | 2024-11-21 | 5.0 MEDIUM | N/A |
| The SSL server implementation in NILE.NLM in Novell NetWare 6.5 and Novell Open Enterprise Server (OES) sometimes selects a weak cipher instead of an available stronger cipher, which makes it easier for remote attackers to sniff and decrypt an SSL protected session. | |||||
| CVE-2006-0997 | 1 Novell | 2 Netware, Open Enterprise Server | 2024-11-21 | 5.0 MEDIUM | N/A |
| The SSL server implementation in NILE.NLM in Novell NetWare 6.5 and Novell Open Enterprise Server (OES) permits encryption with a NULL key, which results in cleartext communication that allows remote attackers to read an SSL protected session by sniffing network traffic. | |||||
| CVE-2006-0992 | 1 Novell | 1 Groupwise Messenger | 2024-11-21 | 10.0 HIGH | N/A |
| Stack-based buffer overflow in Novell GroupWise Messenger before 2.0 Public Beta 2 allows remote attackers to execute arbitrary code via a long Accept-Language value without a comma or semicolon. NOTE: due to a typo, the original ZDI advisory accidentally referenced CVE-2006-0092. This is the correct identifier. | |||||
| CVE-2006-0803 | 2 Novell, Suse | 2 Suse Linux, Suse Linux | 2024-11-21 | 5.0 MEDIUM | N/A |
| The signature verification functionality in the YaST Online Update (YOU) script handling relies on a gpg feature that is not intended for signature verification, which prevents YOU from detecting malicious scripts or code that do not pass the signature check when gpg 1.4.x is being used. | |||||
| CVE-2006-0736 | 1 Novell | 2 Linux Desktop, Open Enterprise Server | 2024-11-21 | 10.0 HIGH | N/A |
| Stack-based buffer overflow in the pam_micasa PAM authentication module in CASA on Novell Linux Desktop 9 and Open Enterprise Server 1 allows remote attackers to execute arbitrary code via unspecified vectors. | |||||
| CVE-2005-4888 | 1 Novell | 2 Netware, Netware Ftp Server | 2024-11-21 | 5.0 MEDIUM | N/A |
| NWFTPD.nlm before 5.06.04 in the FTP server in Novell NetWare allows remote attackers to cause a denial of service (excessive stale connections) by establishing many FTP sessions, which persist in the Not-Logged-In state after each session is completed. | |||||
| CVE-2005-4887 | 1 Novell | 2 Netware, Netware Ftp Server | 2024-11-21 | 7.5 HIGH | N/A |
| NWFTPD.nlm before 5.06.05 in the FTP server in Novell NetWare 6.5 SP5 allows attackers to have an unspecified impact via vectors related to passwords. | |||||
| CVE-2005-4791 | 1 Novell | 1 Suse Linux | 2024-11-21 | 2.1 LOW | N/A |
| Multiple untrusted search path vulnerabilities in SUSE Linux 10.0 cause the working directory to be added to LD_LIBRARY_PATH, which might allow local users to execute arbitrary code via (1) liferea or (2) banshee. | |||||
| CVE-2005-4790 | 2 Novell, Suse | 2 Suse Linux, Suse Linux | 2024-11-21 | 6.9 MEDIUM | N/A |
| Multiple untrusted search path vulnerabilities in SUSE Linux 9.3 and 10.0, and possibly other distributions, cause the working directory to be added to LD_LIBRARY_PATH, which might allow local users to execute arbitrary code via (1) beagle, (2) tomboy, or (3) blam. NOTE: in August 2007, the tomboy vector was reported for other distributions. | |||||
| CVE-2005-3786 | 1 Novell | 3 Zenworks, Zenworks Desktops, Zenworks Servers | 2024-11-21 | 4.6 MEDIUM | N/A |
| Novell ZENworks for Desktops 4.0.1, ZENworks for Servers 3.0.2, and ZENworks 6.5 Desktop Management does not restrict access to Remote Diagnostics, which allows local users to bypass security policies by using Console One. | |||||
| CVE-2005-3655 | 1 Novell | 1 Open Enterprise Server | 2024-11-21 | 7.5 HIGH | N/A |
| Heap-based buffer overflow in Novell Open Enterprise Server Remote Manager (novell-nrm) in Novell SUSE Linux Enterprise Server 9 allows remote attackers to execute arbitrary code via an HTTP POST request with a negative Content-Length parameter. | |||||