NovellCVEs & Vulnerabilities

675 CVEs affecting Novell products, tracked from the National Vulnerability Database, with CVSS/EPSS scores and exploitation status.

Most Affected Products

groupwise 484iprint 471edirectory 210suse linux enterprise server 132zenworks configuration management 120netware 118suse linux enterprise desktop 91suse linux enterprise software development kit 86
CVE-2010-4328HIGHpoc

Multiple stack-based buffer overflows in opt/novell/iprint/bin/ipsmd in Novell iPrint for Linux Open Enterprise Server 2 SP2 and SP3 allow remote attackers to execute arbitrary code via unspecified LPR opcodes.

19 Feb 2011
7.5
CVSS
CVE-2010-4323HIGHpoc

Heap-based buffer overflow in novell-tftp.exe in Novell ZENworks Configuration Manager (ZCM) 10.3.1, 10.3.2, and 11.0, and earlier versions, allows remote attackers to execute arbitrary code via a long TFTP request.

19 Feb 2011
7.5
CVSS
CVE-2010-4327MEDIUM

Unspecified vulnerability in the NCP service in Novell eDirectory 8.8.5 before 8.8.5.6 and 8.8.6 before 8.8.6.2 allows remote attackers to cause a denial of service (hang) via a malformed FileSetLock request to port 524.

10 Feb 2011
5.0
CVSS
CVE-2011-0742CRITICAL

Buffer overflow in ZfHIPCND.exe in Novell ZENworks Handheld Management 7.0 allows remote attackers to execute arbitrary code via a crafted IP Conduit packet to TCP port 2400.

2 Feb 2011
10.0
CVSS
CVE-2010-4717MEDIUMpoc

Multiple stack-based buffer overflows in the IMAP server component in GroupWise Internet Agent (GWIA) in Novell GroupWise before 8.02HP allow remote attackers to execute arbitrary code via a long (1) LIST or (2) LSUB command.

31 Jan 2011
6.5
CVSS
CVE-2010-4716MEDIUM

Cross-site scripting (XSS) vulnerability in the WebPublisher component in Novell GroupWise before 8.02HP allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

31 Jan 2011
4.3
CVSS
CVE-2010-4715MEDIUMpoc

Multiple directory traversal vulnerabilities in the (1) WebAccess Agent and (2) Document Viewer Agent components in Novell GroupWise before 8.02HP allow remote attackers to read arbitrary files via unspecified vectors. NOTE: some of these details are obtained from third party information.

31 Jan 2011
5.0
CVSS
CVE-2010-4714CRITICAL

Multiple stack-based buffer overflows in Novell GroupWise before 8.02HP allow remote attackers to execute arbitrary code via a long HTTP Host header to (1) gwpoa.exe in the Post Office Agent, (2) gwmta.exe in the Message Transfer Agent, (3) gwia.exe in the Internet Agent, (4) the WebAccess Agent, or (5) the Monitor Agent.

31 Jan 2011
10.0
CVSS
CVE-2010-4713CRITICAL

Integer signedness error in gwia.exe in GroupWise Internet Agent (GWIA) in Novell GroupWise before 8.02HP allows remote attackers to execute arbitrary code via a signed integer value in the Content-Type header.

31 Jan 2011
10.0
CVSS
CVE-2010-4712CRITICAL

Multiple stack-based buffer overflows in gwia.exe in GroupWise Internet Agent (GWIA) in Novell GroupWise before 8.02HP allow remote attackers to execute arbitrary code via a Content-Type header containing (1) multiple items separated by ; (semicolon) characters or (2) crafted string data.

31 Jan 2011
10.0
CVSS
CVE-2010-4711CRITICALpoc

Double free vulnerability in the IMAP server component in GroupWise Internet Agent (GWIA) in Novell GroupWise before 8.02HP allows remote attackers to execute arbitrary code via a large parameter in a LIST command.

31 Jan 2011
10.0
CVSS
CVE-2010-2779MEDIUM

Cross-site scripting (XSS) vulnerability in WebAccess in Novell GroupWise 8.x before 8.0 SP2 allows remote attackers to inject arbitrary web script or HTML via a crafted message, related to "replies."

29 Jan 2011
4.3
CVSS
CVE-2010-2778MEDIUM

Cross-site scripting (XSS) vulnerability in WebAccess in Novell GroupWise 7.x before 7.0 post-SP4 FTF and 8.x before 8.0 SP2 allows remote attackers to inject arbitrary web script or HTML via a crafted message, related to a "Javascript XSS exploit."

29 Jan 2011
4.3
CVSS
CVE-2010-2777CRITICALpoc

Stack-based buffer overflow in the IMAP server component in GroupWise Internet Agent (GWIA) in Novell GroupWise 7.x before 7.0 post-SP4 FTF and 8.x before 8.0 SP2 allows remote attackers to execute arbitrary code via a long mailbox name in a CREATE command.

29 Jan 2011
9.0
CVSS
CVE-2010-4326CRITICAL

Multiple buffer overflows in gwwww1.dll in GroupWise Internet Agent (GWIA) in Novell GroupWise before 8.02HP allow remote attackers to execute arbitrary code via variables in a VCALENDAR message, as demonstrated by a long (1) REQUEST-STATUS, (2) TZNAME, (3) COMMENT, or (4) RRULE variable in this message.

28 Jan 2011
10.0
CVSS
CVE-2010-4325CRITICAL

Buffer overflow in gwwww1.dll in GroupWise Internet Agent (GWIA) in Novell GroupWise before 8.02HP2 allows remote attackers to execute arbitrary code via a crafted TZID variable in a VCALENDAR message.

28 Jan 2011
10.0
CVSS
CVE-2010-3912CRITICAL

The supportconfig script in supportutils in SUSE Linux Enterprise 11 SP1 and 10 SP3 does not "disguise passwords" in configuration files, which has unknown impact and attack vectors.

13 Jan 2011
10.0
CVSS
CVE-2010-4322LOW

Cross-site scripting (XSS) vulnerability in gwtTeaming.rpc in Novell Vibe OnPrem 3 BETA allows remote authenticated users to inject arbitrary web script or HTML via the Micro Blog (aka What Are You Working On?) field.

8 Jan 2011
3.5
CVSS
CVE-2010-4324MEDIUM

Cross-site scripting (XSS) vulnerability in the Approval Form in the User Application in the Roles Based Provisioning Module 3.7.0 before 370D in Novell Identity Manager (aka IDM) allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

7 Jan 2011
4.3
CVSS
CVE-2010-4321CRITICALpoc

Stack-based buffer overflow in an ActiveX control in ienipp.ocx in Novell iPrint Client 5.52 allows remote attackers to execute arbitrary code via a long argument to (1) the GetDriverSettings2 method, as reachable by (2) the GetDriverSettings method.

30 Dec 2010
9.3
CVSS
CVE-2010-4254HIGHpoc

Mono, when Moonlight before 2.3.0.1 or 2.99.x before 2.99.0.10 is used, does not properly validate arguments to generic methods, which allows remote attackers to bypass generic constraints, and possibly execute arbitrary code, via a crafted method call.

6 Dec 2010
7.5
CVSS
CVE-2010-4299CRITICAL

Heap-based buffer overflow in ZfHIPCND.exe in Novell Zenworks 7 Handheld Management (ZHM) allows remote attackers to execute arbitrary code via a crafted request to TCP port 2400.

22 Nov 2010
9.3
CVSS
CVE-2010-3110HIGH

Multiple buffer overflows in the Novell Client novfs module for the Linux kernel in SUSE Linux Enterprise 11 SP1 and openSUSE 11.3 allow local users to gain privileges via unspecified vectors.

12 Oct 2010
7.2
CVSS
CVE-2010-3264LOW

The engine installer in Novell Identity Manager (aka IDM) 3.6.1 stores admin tree credentials in /tmp/idmInstall.log, which allows local users to obtain sensitive information by reading this file.

8 Sep 2010
2.1
CVSS
CVE-2010-1507MEDIUM

WebYaST in yast2-webclient in SUSE Linux Enterprise (SLE) 11 on the WebYaST appliance uses a fixed secret key that is embedded in the appliance's image, which allows remote attackers to spoof session cookies by leveraging knowledge of this key.

3 Sep 2010
5.0
CVSS
CVE-2010-1325MEDIUM

Cross-site request forgery (CSRF) vulnerability in the apache2-slms package in SUSE Lifecycle Management Server (SLMS) 1.0 on SUSE Linux Enterprise (SLE) 11 allows remote attackers to hijack the authentication of unspecified victims via vectors related to improper parameter quoting. NOTE: some sources report that this is a vulnerability in a product named "Apache SLMS," but that is incorrect.

3 Sep 2010
4.3
CVSS
CVE-2010-3109CRITICAL

Stack-based buffer overflow in the browser plugin in Novell iPrint Client before 5.42 allows remote attackers to execute arbitrary code via a long operation parameter.

24 Aug 2010
9.3
CVSS
CVE-2010-3108CRITICAL

Buffer overflow in the browser plugin in Novell iPrint Client before 5.42 allows remote attackers to execute arbitrary code by using EMBED elements to pass parameters with long names.

24 Aug 2010
9.3
CVSS
CVE-2010-3107HIGH

A certain ActiveX control in ienipp.ocx in the browser plugin in Novell iPrint Client before 5.42 does not properly restrict the set of files to be deleted, which allows remote attackers to cause a denial of service (recursive file deletion) via unspecified vectors related to a "logic flaw" in the CleanUploadFiles method in the nipplib.dll module.

24 Aug 2010
7.1
CVSS
CVE-2010-3106CRITICALpoc

The ienipp.ocx ActiveX control in the browser plugin in Novell iPrint Client before 5.42 does not properly validate the debug parameter, which allows remote attackers to execute arbitrary code or cause a denial of service (stack memory corruption) via a parameter value with a crafted length, related to the ExecuteRequest method.

24 Aug 2010
9.3
CVSS
CVE-2010-3105CRITICAL

The PluginGetDriverFile function in Novell iPrint Client before 5.44 interprets an uninitialized memory location as a pointer value, which allows remote attackers to execute arbitrary code via unspecified vectors. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.

24 Aug 2010
9.3
CVSS
CVE-2010-1527CRITICALpoc

Stack-based buffer overflow in Novell iPrint Client before 5.44 allows remote attackers to execute arbitrary code via a long call-back-url parameter in an op-client-interface-version action.

24 Aug 2010
9.3
CVSS
CVE-2010-1930MEDIUMpoc

Off-by-one error in Novell iManager 2.7, 2.7.3, and 2.7.3 FTF2 allows remote attackers to cause a denial of service (daemon crash) via a long tree parameter in a login request to nps/servlet/webacc.

28 Jun 2010
5.0
CVSS
CVE-2010-1929CRITICALpoc

Multiple stack-based buffer overflows in the jclient._Java_novell_jclient_JClient_defineClass@20 function in jclient.dll in the Tomcat web server in Novell iManager 2.7, 2.7.3, and 2.7.3 FTF2 allow remote authenticated users to execute arbitrary code via the (1) EnteredClassID or (2) NewClassName parameter to nps/servlet/webacc.

28 Jun 2010
9.0
CVSS
CVE-2010-2351CRITICALpoc

Stack-based buffer overflow in the CIFS.NLM driver in Netware SMB 1.0 for Novell Netware 6.5 SP8 and earlier allows remote attackers to execute arbitrary code via a Sessions Setup AndX packet with a long AccountName.

21 Jun 2010
10.0
CVSS
CVE-2010-2068MEDIUM

mod_proxy_http.c in mod_proxy_http in the Apache HTTP Server 2.2.9 through 2.2.15, 2.3.4-alpha, and 2.3.5-alpha on Windows, NetWare, and OS/2, in certain configurations involving proxy worker pools, does not properly detect timeouts, which allows remote attackers to obtain a potentially sensitive response intended for a different client in opportunistic circumstances via a normal HTTP request.

18 Jun 2010
5.0
CVSS
CVE-2010-0284CRITICAL

Directory traversal vulnerability in the getEntry method in the PortalModuleInstallManager component in a servlet in nps.jar in the Administration Console (aka Access Management Console) in Novell Access Manager 3.1 before 3.1.2-281 on Windows allows remote attackers to create arbitrary files with any contents, and consequently execute arbitrary code, via a .. (dot dot) in a parameter, aka ZDI-CAN-678.

18 Jun 2010
10.0
CVSS
CVE-2009-4879MEDIUM

The Identity Server in Novell Access Manager before 3.1 SP1 allows attackers with disabled Active Directory accounts to authenticate using X.509 authentication, which bypasses intended access restrictions.

26 May 2010
4.3
CVSS
CVE-2009-4878MEDIUM

Unspecified vulnerability in the Administration Console in Novell Access Manager before 3.1 SP1 allows attackers to access system files via unknown attack vectors.

26 May 2010
4.3
CVSS
CVE-2010-0625MEDIUM

Stack-based buffer overflow in NWFTPD.nlm before 5.10.01 in the FTP server in Novell NetWare 5.1 through 6.5 SP8 allows remote authenticated users to cause a denial of service (daemon crash) or possibly execute arbitrary code via a long (1) MKD, (2) RMD, (3) RNFR, or (4) DELE command.

5 Apr 2010
6.5
CVSS
CVE-2007-6735HIGH

NWFTPD.nlm before 5.08.06 in the FTP server in Novell NetWare does not properly handle partial matches for container names in the FTPREST.TXT file, which allows remote attackers to bypass intended access restrictions via an FTP session.

5 Apr 2010
7.5
CVSS
CVE-2007-6734MEDIUM

NWFTPD.nlm before 5.08.07 in the FTP server in Novell NetWare 6.5 SP7 does not properly implement the FTPREST.TXT NOREMOTE restriction, which allows remote authenticated users to access directories outside of the home server via unspecified vectors.

5 Apr 2010
4.0
CVSS
CVE-2005-4888MEDIUM

NWFTPD.nlm before 5.06.04 in the FTP server in Novell NetWare allows remote attackers to cause a denial of service (excessive stale connections) by establishing many FTP sessions, which persist in the Not-Logged-In state after each session is completed.

5 Apr 2010
5.0
CVSS
CVE-2005-4887HIGH

NWFTPD.nlm before 5.06.05 in the FTP server in Novell NetWare 6.5 SP5 allows attackers to have an unspecified impact via vectors related to passwords.

5 Apr 2010
7.5
CVSS
CVE-2004-2767MEDIUM

NWFTPD.nlm before 5.04.25 in the FTP server in Novell NetWare does not promptly close DS sessions, which allows remote attackers to cause a denial of service (connection slot exhaustion) by establishing many FTP sessions that persist for the lifetime of a DS session.

5 Apr 2010
4.3
CVSS
CVE-2003-1596HIGH

NWFTPD.nlm before 5.03.12 in the FTP server in Novell NetWare does not properly restrict filesystem use by anonymous users with NFS Gateway home directories, which allows remote attackers to bypass intended access restrictions via an FTP session.

5 Apr 2010
7.5
CVSS
CVE-2003-1595CRITICAL

NWFTPD.nlm before 5.04.05 in the FTP server in Novell NetWare 6.5 does not properly perform "intruder detection," which has unspecified impact and attack vectors.

5 Apr 2010
10.0
CVSS
CVE-2003-1594HIGH

NWFTPD.nlm before 5.04.05 in the FTP server in Novell NetWare 6.5 does not properly enforce FTPREST.TXT settings, which allows remote attackers to bypass intended access restrictions via an FTP session.

5 Apr 2010
7.5
CVSS
← PrevPage 8 / 15Next →