Searching novell software vulnerabilities

Novell NetWare Transaction Tracking System (TTS

Transaction | Tracking | NetWare | System | Novell |

Novell NetWare Transaction Tracking System (TTS) in Novell 4.11 and earlier allows remote attackers to cause a denial of service via a large number of requests.


Novell NetWare with Novell-HTTP-Server or YAWN

Novell-HTTP-Server | attackers | requests | conduct | service | servers | NetWare | denial | number | allows | remote | Novell | large | HTTP | YAWN | web | GET | via |

Novell NetWare with Novell-HTTP-Server or YAWN web servers allows remote attackers to conduct a denial of service via a large number of HTTP GET requests.


Vulnerability in files.pl script in Novell WebS

Vulnerability | WebServer | attackers | arbitrary | Examples | Toolkit | filespl | script | remote | Novell | allows | files | read |

Vulnerability in files.pl script in Novell WebServer Examples Toolkit 2 allows remote attackers to read arbitrary files.


Vulnerability in urestore in Novell UnixWare 1.

Vulnerability | privileges | UnixWare | urestore | allows | Novell | users | local | root | gain |

Vulnerability in urestore in Novell UnixWare 1.1 allows local users to gain root privileges.


Norton AntiVirus 5.00.01C with the Novell Netwa

auto-protection | AntiVirus | properly | restart | service | Netware | 50001C | Norton | system | logged | client | Novell | first | after | does | user | not | off | has |

Norton AntiVirus 5.00.01C with the Novell Netware client does not properly restart the auto-protection service after the first user has logged off of the system.


Novell Groupwise 5.5 (sp1 and sp2) allows a rem

Groupwise | Novell |

Novell Groupwise 5.5 (sp1 and sp2) allows a remote user to access arbitrary files via an implementation error in Groupwise system policies.


Novell Groupwise 5.5 and 6.0 Servlet Gateway is

privileges | installed | attackers | Groupwise | username | password | manager | Servlet | default | Gateway | Novell | remote | allows | which | gain |

Novell Groupwise 5.5 and 6.0 Servlet Gateway is installed with a default username and password for the servlet manager, which allows remote attackers to gain privileges.


Novell Netware 5.0 through 5.1 may allow local

Directory | Services | logging | "Domain | Netware | through | Novell | rights | Admin" | allow | local | users | into | gain | may |

Novell Netware 5.0 through 5.1 may allow local users to gain "Domain Admin" rights by logging into a Novell Directory Services (NDS) account, and executing "net use" on an NDS_ADM account that is not in the NT domain but has domain access rights, which allows the user to enter a null password.


The Novell Netware client running on Windows 95

arbitrary | launched | Windows | running | feature | Netware | bypass | screen | allows | client | Novell | "What | which | this" | login | users | files | local | open | help | via | can |

The Novell Netware client running on Windows 95 allows local users to bypass the login and open arbitrary files via the "What is this?" help feature, which can be launched from the Novell Netware login screen.


Novell iChain 2.3 allows attackers to cause a d

"specific | attackers | service | string" | denial | Novell | iChain | allows | cause | via | URL |

Novell iChain 2.3 allows attackers to cause a denial of service via a URL with a "specific string."


webadmin-apache.conf in Novell Web Manager of N

webadmin-apacheconf | inconsistent | uppercase | lowercase | attackers | directory | NetWare | Manager | control | WEB-INF | allows | remote | Novell | bypass | folder | access | volume | Alias | which | uses | Web | tag |

webadmin-apache.conf in Novell Web Manager of Novell NetWare 6.5 uses an uppercase Alias tag with an inconsistent lowercase directory tag for a volume, which allows remote attackers to bypass access control to the WEB-INF folder.


Heap-based buffer overflow in Novell Open Enter

Enterprise | Heap-based | overflow | Manager | Remote | Server | buffer | Novell | Open |

Heap-based buffer overflow in Novell Open Enterprise Server Remote Manager (novell-nrm) in Novell SUSE Linux Enterprise Server 9 allows remote attackers to execute arbitrary code via an HTTP POST request with a negative Content-Length parameter.


The SSL server implementation in NILE.NLM in No

implementation | Enterprise | NetWare | NILENLM | server | Novell | Open | SSL |

The SSL server implementation in NILE.NLM in Novell NetWare 6.5 and Novell Open Enterprise Server (OES) permits encryption with a NULL key, which results in cleartext communication that allows remote attackers to read an SSL protected session by sniffing network traffic.


The SSL server implementation in NILE.NLM in No

implementation | Enterprise | NetWare | NILENLM | server | Novell | Open | SSL |

The SSL server implementation in NILE.NLM in Novell NetWare 6.5 and Novell Open Enterprise Server (OES) sometimes selects a weak cipher instead of an available stronger cipher, which makes it easier for remote attackers to sniff and decrypt an SSL protected session.


The SSL server implementation in NILE.NLM in No

implementation | Enterprise | NetWare | NILENLM | server | Novell | Open | SSL |

The SSL server implementation in NILE.NLM in Novell NetWare 6.5 and Novell Open Enterprise Server (OES) allows a client to force the server to use weak encryption by stating that a weak cipher is required for client compatibility, which might allow remote attackers to decrypt contents of an SSL protected session.


Unspecified vulnerability in Novell eDirectory

vulnerability | demonstrated | vd_novell3pm | Unspecified | eDirectory | attackers | service | "Novell | Novell | allows | denial | cause | DoS" |

Unspecified vulnerability in Novell eDirectory 8.8 allows attackers to cause a denial of service, as demonstrated by vd_novell3.pm, a "Novell eDirectory 8.8 DoS." NOTE: As of Wednesday, November 08, 2006, this disclosure has no actionable information. However, since it is from a reliable researcher, it is being assigned a CVE identifier for tracking purposes.


Unspecified vulnerability in Novell eDirectory

vulnerability | demonstrated | vd_novellpm | Unspecified | eDirectory | arbitrary | attackers | exploit" | "Novell | execute | Novell | remote | allows | code |

Unspecified vulnerability in Novell eDirectory allows remote attackers to execute arbitrary code, as demonstrated by vd_novell.pm, a "Novell eDirectory remote exploit." NOTE: As of Wednesday, November 08, 2006, this disclosure has no actionable information. However, since it is from a reliable researcher, it is being assigned a CVE identifier for tracking purposes.


Format string vulnerability in Novell Modular A

Authentication | vulnerability | Services | Modular | Format | string | Novell |

Format string vulnerability in Novell Modular Authentication Services (NMAS) in the Novell Client 4.91 SP2 and SP3 allows users with physical access to read stack and memory contents via format string specifiers in the Username field of the logon window.


Buffer overflow in the Novell Distributed Print

Distributed | overflow | Services | Buffer | Novell | Print |

Buffer overflow in the Novell Distributed Print Services (NDPS) Print Provider for Windows component (NDPPNT.DLL) in Novell Client 4.91 has unknown impact and remote attack vectors.


Cross-site scripting (XSS) vulnerability in Nov

Cross-site | scripting |

Cross-site scripting (XSS) vulnerability in Novell NetWare 6.5 Support Pack 5 and 6 and Novell Apache on NetWare 2.0.48 allows remote attackers to inject arbitrary web script or HTML via unspecifeid parameters in Welcome web-app.


Software vulnerabilities results 1 to 20 of 152     
Page: 12345...8