All the vulnerabilites related to novell - client
cve-2008-0639
Vulnerability from cvelistv5
Published
2008-02-13 20:00
Modified
2024-08-07 07:54
Severity ?
EPSS score ?
Summary
Stack-based buffer overflow in the EnumPrinters function in the Spooler service (nwspool.dll) in Novell Client 4.91 SP2, SP3, and SP4 for Windows allows remote attackers to execute arbitrary code via a crafted RPC request, aka Novell bug 353138, a different vulnerability than CVE-2006-5854. NOTE: this issue exists because of an incomplete fix for CVE-2007-6701.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.securityfocus.com/archive/1/487980/100/0/threaded | mailing-list, x_refsource_BUGTRAQ | |
| http://secunia.com/advisories/28895 | third-party-advisory, x_refsource_SECUNIA | |
| http://www.vupen.com/english/advisories/2008/0496 | vdb-entry, x_refsource_VUPEN | |
| http://www.zerodayinitiative.com/advisories/ZDI-08-005.html | x_refsource_MISC | |
| http://marc.info/?l=full-disclosure&m=120276962211348&w=2 | mailing-list, x_refsource_FULLDISC | |
| http://www.securitytracker.com/id?1019366 | vdb-entry, x_refsource_SECTRACK | |
| http://www.securityfocus.com/bid/27741 | vdb-entry, x_refsource_BID | |
| http://support.novell.com/docs/Readmes/InfoDocument/patchbuilder/readme_5008300.html | x_refsource_CONFIRM | |
| http://download.novell.com/Download?buildid=SszG22IIugM~ | x_refsource_CONFIRM |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T07:54:22.549Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20080211 ZDI-08-005: Novell Client NWSPOOL.DLL EnumPrinters Stack Overflow Vulnerability",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/487980/100/0/threaded"
},
{
"name": "28895",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/28895"
},
{
"name": "ADV-2008-0496",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2008/0496"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.zerodayinitiative.com/advisories/ZDI-08-005.html"
},
{
"name": "20080211 ZDI-08-005: Novell Client NWSPOOL.DLL EnumPrinters Stack Overflow Vulnerability",
"tags": [
"mailing-list",
"x_refsource_FULLDISC",
"x_transferred"
],
"url": "http://marc.info/?l=full-disclosure\u0026m=120276962211348\u0026w=2"
},
{
"name": "1019366",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1019366"
},
{
"name": "27741",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/27741"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://support.novell.com/docs/Readmes/InfoDocument/patchbuilder/readme_5008300.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://download.novell.com/Download?buildid=SszG22IIugM~"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2008-02-11T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Stack-based buffer overflow in the EnumPrinters function in the Spooler service (nwspool.dll) in Novell Client 4.91 SP2, SP3, and SP4 for Windows allows remote attackers to execute arbitrary code via a crafted RPC request, aka Novell bug 353138, a different vulnerability than CVE-2006-5854. NOTE: this issue exists because of an incomplete fix for CVE-2007-6701."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-15T20:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "20080211 ZDI-08-005: Novell Client NWSPOOL.DLL EnumPrinters Stack Overflow Vulnerability",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/487980/100/0/threaded"
},
{
"name": "28895",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/28895"
},
{
"name": "ADV-2008-0496",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2008/0496"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.zerodayinitiative.com/advisories/ZDI-08-005.html"
},
{
"name": "20080211 ZDI-08-005: Novell Client NWSPOOL.DLL EnumPrinters Stack Overflow Vulnerability",
"tags": [
"mailing-list",
"x_refsource_FULLDISC"
],
"url": "http://marc.info/?l=full-disclosure\u0026m=120276962211348\u0026w=2"
},
{
"name": "1019366",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1019366"
},
{
"name": "27741",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/27741"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://support.novell.com/docs/Readmes/InfoDocument/patchbuilder/readme_5008300.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://download.novell.com/Download?buildid=SszG22IIugM~"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2008-0639",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Stack-based buffer overflow in the EnumPrinters function in the Spooler service (nwspool.dll) in Novell Client 4.91 SP2, SP3, and SP4 for Windows allows remote attackers to execute arbitrary code via a crafted RPC request, aka Novell bug 353138, a different vulnerability than CVE-2006-5854. NOTE: this issue exists because of an incomplete fix for CVE-2007-6701."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20080211 ZDI-08-005: Novell Client NWSPOOL.DLL EnumPrinters Stack Overflow Vulnerability",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/487980/100/0/threaded"
},
{
"name": "28895",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/28895"
},
{
"name": "ADV-2008-0496",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2008/0496"
},
{
"name": "http://www.zerodayinitiative.com/advisories/ZDI-08-005.html",
"refsource": "MISC",
"url": "http://www.zerodayinitiative.com/advisories/ZDI-08-005.html"
},
{
"name": "20080211 ZDI-08-005: Novell Client NWSPOOL.DLL EnumPrinters Stack Overflow Vulnerability",
"refsource": "FULLDISC",
"url": "http://marc.info/?l=full-disclosure\u0026m=120276962211348\u0026w=2"
},
{
"name": "1019366",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1019366"
},
{
"name": "27741",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/27741"
},
{
"name": "http://support.novell.com/docs/Readmes/InfoDocument/patchbuilder/readme_5008300.html",
"refsource": "CONFIRM",
"url": "http://support.novell.com/docs/Readmes/InfoDocument/patchbuilder/readme_5008300.html"
},
{
"name": "http://download.novell.com/Download?buildid=SszG22IIugM~",
"refsource": "CONFIRM",
"url": "http://download.novell.com/Download?buildid=SszG22IIugM~"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2008-0639",
"datePublished": "2008-02-13T20:00:00",
"dateReserved": "2008-02-06T00:00:00",
"dateUpdated": "2024-08-07T07:54:22.549Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2006-6307
Vulnerability from cvelistv5
Published
2006-12-05 11:00
Modified
2024-08-07 20:19
Severity ?
EPSS score ?
Summary
srvloc.sys in Novell Client for Windows before 4.91 SP3 allows remote attackers to cause an unspecified denial of service via a crafted packet to port 427 that triggers an access of pageable or invalid addresses using a higher interrupt request level (IRQL) than necessary.
References
| ▼ | URL | Tags |
|---|---|---|
| https://secure-support.novell.com/KanisaPlatform/Publishing/859/3480790_f.SAL_Public.html | x_refsource_CONFIRM | |
| http://www.vupen.com/english/advisories/2006/4840 | vdb-entry, x_refsource_VUPEN | |
| http://www.securityfocus.com/bid/21430 | vdb-entry, x_refsource_BID | |
| http://secunia.com/advisories/23244 | third-party-advisory, x_refsource_SECUNIA |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T20:19:35.217Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://secure-support.novell.com/KanisaPlatform/Publishing/859/3480790_f.SAL_Public.html"
},
{
"name": "ADV-2006-4840",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2006/4840"
},
{
"name": "21430",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/21430"
},
{
"name": "23244",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/23244"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2006-11-29T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "srvloc.sys in Novell Client for Windows before 4.91 SP3 allows remote attackers to cause an unspecified denial of service via a crafted packet to port 427 that triggers an access of pageable or invalid addresses using a higher interrupt request level (IRQL) than necessary."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2006-12-11T10:00:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://secure-support.novell.com/KanisaPlatform/Publishing/859/3480790_f.SAL_Public.html"
},
{
"name": "ADV-2006-4840",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2006/4840"
},
{
"name": "21430",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/21430"
},
{
"name": "23244",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/23244"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-6307",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "srvloc.sys in Novell Client for Windows before 4.91 SP3 allows remote attackers to cause an unspecified denial of service via a crafted packet to port 427 that triggers an access of pageable or invalid addresses using a higher interrupt request level (IRQL) than necessary."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://secure-support.novell.com/KanisaPlatform/Publishing/859/3480790_f.SAL_Public.html",
"refsource": "CONFIRM",
"url": "https://secure-support.novell.com/KanisaPlatform/Publishing/859/3480790_f.SAL_Public.html"
},
{
"name": "ADV-2006-4840",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2006/4840"
},
{
"name": "21430",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/21430"
},
{
"name": "23244",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/23244"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2006-6307",
"datePublished": "2006-12-05T11:00:00",
"dateReserved": "2006-12-05T00:00:00",
"dateUpdated": "2024-08-07T20:19:35.217Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2013-3956
Vulnerability from cvelistv5
Published
2013-07-31 10:00
Modified
2024-08-06 16:30
Severity ?
EPSS score ?
Summary
The NICM.SYS kernel driver 3.1.11.0 in Novell Client 4.91 SP5 on Windows XP and Windows Server 2003; Novell Client 2 SP2 on Windows Vista and Windows Server 2008; and Novell Client 2 SP3 on Windows Server 2008 R2, Windows 7, Windows 8, and Windows Server 2012 allows local users to gain privileges via a crafted 0x143B6B IOCTL call.
References
| ▼ | URL | Tags |
|---|---|---|
| http://pastebin.com/GB4iiEwR | x_refsource_MISC | |
| http://www.exploit-db.com/exploits/26452 | exploit, x_refsource_EXPLOIT-DB | |
| http://www.exploit-db.com/exploits/27191 | exploit, x_refsource_EXPLOIT-DB | |
| http://www.novell.com/support/kb/doc.php?id=7012497 | x_refsource_CONFIRM |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T16:30:49.329Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://pastebin.com/GB4iiEwR"
},
{
"name": "26452",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB",
"x_transferred"
],
"url": "http://www.exploit-db.com/exploits/26452"
},
{
"name": "27191",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB",
"x_transferred"
],
"url": "http://www.exploit-db.com/exploits/27191"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.novell.com/support/kb/doc.php?id=7012497"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2013-05-22T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The NICM.SYS kernel driver 3.1.11.0 in Novell Client 4.91 SP5 on Windows XP and Windows Server 2003; Novell Client 2 SP2 on Windows Vista and Windows Server 2008; and Novell Client 2 SP3 on Windows Server 2008 R2, Windows 7, Windows 8, and Windows Server 2012 allows local users to gain privileges via a crafted 0x143B6B IOCTL call."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2013-08-22T09:00:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://pastebin.com/GB4iiEwR"
},
{
"name": "26452",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB"
],
"url": "http://www.exploit-db.com/exploits/26452"
},
{
"name": "27191",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB"
],
"url": "http://www.exploit-db.com/exploits/27191"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.novell.com/support/kb/doc.php?id=7012497"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2013-3956",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The NICM.SYS kernel driver 3.1.11.0 in Novell Client 4.91 SP5 on Windows XP and Windows Server 2003; Novell Client 2 SP2 on Windows Vista and Windows Server 2008; and Novell Client 2 SP3 on Windows Server 2008 R2, Windows 7, Windows 8, and Windows Server 2012 allows local users to gain privileges via a crafted 0x143B6B IOCTL call."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://pastebin.com/GB4iiEwR",
"refsource": "MISC",
"url": "http://pastebin.com/GB4iiEwR"
},
{
"name": "26452",
"refsource": "EXPLOIT-DB",
"url": "http://www.exploit-db.com/exploits/26452"
},
{
"name": "27191",
"refsource": "EXPLOIT-DB",
"url": "http://www.exploit-db.com/exploits/27191"
},
{
"name": "http://www.novell.com/support/kb/doc.php?id=7012497",
"refsource": "CONFIRM",
"url": "http://www.novell.com/support/kb/doc.php?id=7012497"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2013-3956",
"datePublished": "2013-07-31T10:00:00",
"dateReserved": "2013-06-05T00:00:00",
"dateUpdated": "2024-08-06T16:30:49.329Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2007-5667
Vulnerability from cvelistv5
Published
2007-11-14 01:00
Modified
2024-08-07 15:39
Severity ?
EPSS score ?
Summary
NWFILTER.SYS in Novell Client 4.91 SP 1 through SP 4 for Windows 2000, XP, and Server 2003 makes the \.\nwfilter device available for arbitrary user-mode input via METHOD_NEITHER IOCTLs, which allows local users to gain privileges by passing a kernel address as an argument and overwriting kernel memory locations.
References
| ▼ | URL | Tags |
|---|---|---|
| http://secunia.com/advisories/27678 | third-party-advisory, x_refsource_SECUNIA | |
| https://exchange.xforce.ibmcloud.com/vulnerabilities/38434 | vdb-entry, x_refsource_XF | |
| http://www.securitytracker.com/id?1018943 | vdb-entry, x_refsource_SECTRACK | |
| https://secure-support.novell.com/KanisaPlatform/Publishing/98/3260263_f.SAL_Public.html | x_refsource_CONFIRM | |
| http://www.vupen.com/english/advisories/2007/3846 | vdb-entry, x_refsource_VUPEN | |
| http://www.securityfocus.com/bid/26420 | vdb-entry, x_refsource_BID | |
| http://osvdb.org/40867 | vdb-entry, x_refsource_OSVDB | |
| http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=626 | third-party-advisory, x_refsource_IDEFENSE |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T15:39:13.709Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "27678",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/27678"
},
{
"name": "novell-client-nwfilter-privilege-escalation(38434)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/38434"
},
{
"name": "1018943",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1018943"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://secure-support.novell.com/KanisaPlatform/Publishing/98/3260263_f.SAL_Public.html"
},
{
"name": "ADV-2007-3846",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2007/3846"
},
{
"name": "26420",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/26420"
},
{
"name": "40867",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/40867"
},
{
"name": "20071112 Novell NetWare Client NWFILTER.SYS Local Privilege Escalation Vulnerability",
"tags": [
"third-party-advisory",
"x_refsource_IDEFENSE",
"x_transferred"
],
"url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=626"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2007-11-13T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "NWFILTER.SYS in Novell Client 4.91 SP 1 through SP 4 for Windows 2000, XP, and Server 2003 makes the \\.\\nwfilter device available for arbitrary user-mode input via METHOD_NEITHER IOCTLs, which allows local users to gain privileges by passing a kernel address as an argument and overwriting kernel memory locations."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-28T12:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "27678",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/27678"
},
{
"name": "novell-client-nwfilter-privilege-escalation(38434)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/38434"
},
{
"name": "1018943",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1018943"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://secure-support.novell.com/KanisaPlatform/Publishing/98/3260263_f.SAL_Public.html"
},
{
"name": "ADV-2007-3846",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2007/3846"
},
{
"name": "26420",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/26420"
},
{
"name": "40867",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/40867"
},
{
"name": "20071112 Novell NetWare Client NWFILTER.SYS Local Privilege Escalation Vulnerability",
"tags": [
"third-party-advisory",
"x_refsource_IDEFENSE"
],
"url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=626"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-5667",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "NWFILTER.SYS in Novell Client 4.91 SP 1 through SP 4 for Windows 2000, XP, and Server 2003 makes the \\.\\nwfilter device available for arbitrary user-mode input via METHOD_NEITHER IOCTLs, which allows local users to gain privileges by passing a kernel address as an argument and overwriting kernel memory locations."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "27678",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/27678"
},
{
"name": "novell-client-nwfilter-privilege-escalation(38434)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/38434"
},
{
"name": "1018943",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1018943"
},
{
"name": "https://secure-support.novell.com/KanisaPlatform/Publishing/98/3260263_f.SAL_Public.html",
"refsource": "CONFIRM",
"url": "https://secure-support.novell.com/KanisaPlatform/Publishing/98/3260263_f.SAL_Public.html"
},
{
"name": "ADV-2007-3846",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/3846"
},
{
"name": "26420",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/26420"
},
{
"name": "40867",
"refsource": "OSVDB",
"url": "http://osvdb.org/40867"
},
{
"name": "20071112 Novell NetWare Client NWFILTER.SYS Local Privilege Escalation Vulnerability",
"refsource": "IDEFENSE",
"url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=626"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2007-5667",
"datePublished": "2007-11-14T01:00:00",
"dateReserved": "2007-10-23T00:00:00",
"dateUpdated": "2024-08-07T15:39:13.709Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2007-6701
Vulnerability from cvelistv5
Published
2008-02-13 20:00
Modified
2024-08-07 16:18
Severity ?
EPSS score ?
Summary
Multiple stack-based buffer overflows in the Spooler service (nwspool.dll) in Novell Client 4.91 SP4 for Windows allow remote attackers to execute arbitrary code via long arguments to multiple unspecified RPC functions, aka Novell bug 287919, a different vulnerability than CVE-2007-2954.
References
| ▼ | URL | Tags |
|---|---|---|
| http://archives.neohapsis.com/archives/bugtraq/2007-08/0082.html | mailing-list, x_refsource_BUGTRAQ | |
| http://secunia.com/advisories/26238 | third-party-advisory, x_refsource_SECUNIA | |
| http://support.novell.com/docs/Readmes/InfoDocument/patchbuilder/readme_5005400.html | x_refsource_CONFIRM | |
| http://www.securityfocus.com/bid/25092 | vdb-entry, x_refsource_BID | |
| http://securitytracker.com/id?1018471 | vdb-entry, x_refsource_SECTRACK | |
| http://www.zerodayinitiative.com/advisories/ZDI-07-045.html | x_refsource_MISC | |
| https://exchange.xforce.ibmcloud.com/vulnerabilities/35653 | vdb-entry, x_refsource_XF |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T16:18:20.517Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20070806 ZDI-07-045: Novell Client NWSPOOL.DLL Stack Overflow Vulnerability",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://archives.neohapsis.com/archives/bugtraq/2007-08/0082.html"
},
{
"name": "26238",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/26238"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://support.novell.com/docs/Readmes/InfoDocument/patchbuilder/readme_5005400.html"
},
{
"name": "25092",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/25092"
},
{
"name": "1018471",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1018471"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.zerodayinitiative.com/advisories/ZDI-07-045.html"
},
{
"name": "novell-nwspool-unspecified(35653)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/35653"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2007-08-06T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Multiple stack-based buffer overflows in the Spooler service (nwspool.dll) in Novell Client 4.91 SP4 for Windows allow remote attackers to execute arbitrary code via long arguments to multiple unspecified RPC functions, aka Novell bug 287919, a different vulnerability than CVE-2007-2954."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-07T12:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "20070806 ZDI-07-045: Novell Client NWSPOOL.DLL Stack Overflow Vulnerability",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://archives.neohapsis.com/archives/bugtraq/2007-08/0082.html"
},
{
"name": "26238",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/26238"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://support.novell.com/docs/Readmes/InfoDocument/patchbuilder/readme_5005400.html"
},
{
"name": "25092",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/25092"
},
{
"name": "1018471",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1018471"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.zerodayinitiative.com/advisories/ZDI-07-045.html"
},
{
"name": "novell-nwspool-unspecified(35653)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/35653"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-6701",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Multiple stack-based buffer overflows in the Spooler service (nwspool.dll) in Novell Client 4.91 SP4 for Windows allow remote attackers to execute arbitrary code via long arguments to multiple unspecified RPC functions, aka Novell bug 287919, a different vulnerability than CVE-2007-2954."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20070806 ZDI-07-045: Novell Client NWSPOOL.DLL Stack Overflow Vulnerability",
"refsource": "BUGTRAQ",
"url": "http://archives.neohapsis.com/archives/bugtraq/2007-08/0082.html"
},
{
"name": "26238",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/26238"
},
{
"name": "http://support.novell.com/docs/Readmes/InfoDocument/patchbuilder/readme_5005400.html",
"refsource": "CONFIRM",
"url": "http://support.novell.com/docs/Readmes/InfoDocument/patchbuilder/readme_5005400.html"
},
{
"name": "25092",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/25092"
},
{
"name": "1018471",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1018471"
},
{
"name": "http://www.zerodayinitiative.com/advisories/ZDI-07-045.html",
"refsource": "MISC",
"url": "http://www.zerodayinitiative.com/advisories/ZDI-07-045.html"
},
{
"name": "novell-nwspool-unspecified(35653)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/35653"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2007-6701",
"datePublished": "2008-02-13T20:00:00",
"dateReserved": "2008-02-13T00:00:00",
"dateUpdated": "2024-08-07T16:18:20.517Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2006-6306
Vulnerability from cvelistv5
Published
2006-12-05 11:00
Modified
2024-08-07 20:19
Severity ?
EPSS score ?
Summary
Format string vulnerability in Novell Modular Authentication Services (NMAS) in the Novell Client 4.91 SP2 and SP3 allows users with physical access to read stack and memory contents via format string specifiers in the Username field of the logon window.
References
| ▼ | URL | Tags |
|---|---|---|
| http://securityreason.com/securityalert/1970 | third-party-advisory, x_refsource_SREASON | |
| http://securitytracker.com/id?1017377 | vdb-entry, x_refsource_SECTRACK | |
| http://www.vupen.com/english/advisories/2006/4987 | vdb-entry, x_refsource_VUPEN | |
| http://secunia.com/advisories/23363 | third-party-advisory, x_refsource_SECUNIA | |
| http://www.securityfocus.com/archive/1/453176/100/0/threaded | mailing-list, x_refsource_BUGTRAQ | |
| https://exchange.xforce.ibmcloud.com/vulnerabilities/30644 | vdb-entry, x_refsource_XF | |
| http://support.novell.com/cgi-bin/search/searchtid.cgi?/2974876.htm | x_refsource_CONFIRM | |
| http://support.novell.com/cgi-bin/search/searchtid.cgi?/2974872.htm | x_refsource_CONFIRM | |
| https://secure-support.novell.com/KanisaPlatform/Publishing/372/3546910_f.SAL_Public.html | x_refsource_CONFIRM | |
| http://www.layereddefense.com/Novell01DEC.html | x_refsource_MISC | |
| http://lists.grok.org.uk/pipermail/full-disclosure/2006-December/051038.html | mailing-list, x_refsource_FULLDISC |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T20:19:35.275Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "1970",
"tags": [
"third-party-advisory",
"x_refsource_SREASON",
"x_transferred"
],
"url": "http://securityreason.com/securityalert/1970"
},
{
"name": "1017377",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1017377"
},
{
"name": "ADV-2006-4987",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2006/4987"
},
{
"name": "23363",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/23363"
},
{
"name": "20061201 Layered Defense Advisory: Novell Client 4.91 Format String Vulnerability",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/453176/100/0/threaded"
},
{
"name": "novell-nmas-format-string(30644)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/30644"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://support.novell.com/cgi-bin/search/searchtid.cgi?/2974876.htm"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://support.novell.com/cgi-bin/search/searchtid.cgi?/2974872.htm"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://secure-support.novell.com/KanisaPlatform/Publishing/372/3546910_f.SAL_Public.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.layereddefense.com/Novell01DEC.html"
},
{
"name": "20061201 Layered Defense Advisory: Novell Client 4.91 Format String Vulnerability",
"tags": [
"mailing-list",
"x_refsource_FULLDISC",
"x_transferred"
],
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2006-December/051038.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2006-12-01T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Format string vulnerability in Novell Modular Authentication Services (NMAS) in the Novell Client 4.91 SP2 and SP3 allows users with physical access to read stack and memory contents via format string specifiers in the Username field of the logon window."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-17T20:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "1970",
"tags": [
"third-party-advisory",
"x_refsource_SREASON"
],
"url": "http://securityreason.com/securityalert/1970"
},
{
"name": "1017377",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1017377"
},
{
"name": "ADV-2006-4987",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2006/4987"
},
{
"name": "23363",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/23363"
},
{
"name": "20061201 Layered Defense Advisory: Novell Client 4.91 Format String Vulnerability",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/453176/100/0/threaded"
},
{
"name": "novell-nmas-format-string(30644)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/30644"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://support.novell.com/cgi-bin/search/searchtid.cgi?/2974876.htm"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://support.novell.com/cgi-bin/search/searchtid.cgi?/2974872.htm"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://secure-support.novell.com/KanisaPlatform/Publishing/372/3546910_f.SAL_Public.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.layereddefense.com/Novell01DEC.html"
},
{
"name": "20061201 Layered Defense Advisory: Novell Client 4.91 Format String Vulnerability",
"tags": [
"mailing-list",
"x_refsource_FULLDISC"
],
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2006-December/051038.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-6306",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Format string vulnerability in Novell Modular Authentication Services (NMAS) in the Novell Client 4.91 SP2 and SP3 allows users with physical access to read stack and memory contents via format string specifiers in the Username field of the logon window."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1970",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/1970"
},
{
"name": "1017377",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1017377"
},
{
"name": "ADV-2006-4987",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2006/4987"
},
{
"name": "23363",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/23363"
},
{
"name": "20061201 Layered Defense Advisory: Novell Client 4.91 Format String Vulnerability",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/453176/100/0/threaded"
},
{
"name": "novell-nmas-format-string(30644)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/30644"
},
{
"name": "http://support.novell.com/cgi-bin/search/searchtid.cgi?/2974876.htm",
"refsource": "CONFIRM",
"url": "http://support.novell.com/cgi-bin/search/searchtid.cgi?/2974876.htm"
},
{
"name": "http://support.novell.com/cgi-bin/search/searchtid.cgi?/2974872.htm",
"refsource": "CONFIRM",
"url": "http://support.novell.com/cgi-bin/search/searchtid.cgi?/2974872.htm"
},
{
"name": "https://secure-support.novell.com/KanisaPlatform/Publishing/372/3546910_f.SAL_Public.html",
"refsource": "CONFIRM",
"url": "https://secure-support.novell.com/KanisaPlatform/Publishing/372/3546910_f.SAL_Public.html"
},
{
"name": "http://www.layereddefense.com/Novell01DEC.html",
"refsource": "MISC",
"url": "http://www.layereddefense.com/Novell01DEC.html"
},
{
"name": "20061201 Layered Defense Advisory: Novell Client 4.91 Format String Vulnerability",
"refsource": "FULLDISC",
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2006-December/051038.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2006-6306",
"datePublished": "2006-12-05T11:00:00",
"dateReserved": "2006-12-05T00:00:00",
"dateUpdated": "2024-08-07T20:19:35.275Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2007-0108
Vulnerability from cvelistv5
Published
2007-01-09 00:00
Modified
2024-08-07 12:03
Severity ?
EPSS score ?
Summary
nwgina.dll in Novell Client 4.91 SP3 for Windows 2000/XP/2003 does not delete user profiles during a Terminal Service or Citrix session, which allows remote authenticated users to invoke alternate user profiles.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.vupen.com/english/advisories/2007/0064 | vdb-entry, x_refsource_VUPEN | |
| http://securitytracker.com/id?1017471 | vdb-entry, x_refsource_SECTRACK | |
| http://www.securityfocus.com/bid/21886 | vdb-entry, x_refsource_BID | |
| http://osvdb.org/31358 | vdb-entry, x_refsource_OSVDB | |
| https://exchange.xforce.ibmcloud.com/vulnerabilities/31343 | vdb-entry, x_refsource_XF | |
| http://secunia.com/advisories/23619 | third-party-advisory, x_refsource_SECUNIA | |
| http://support.novell.com/cgi-bin/search/searchtid.cgi?/2974970.htm | x_refsource_CONFIRM |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T12:03:37.126Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "ADV-2007-0064",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2007/0064"
},
{
"name": "1017471",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1017471"
},
{
"name": "21886",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/21886"
},
{
"name": "31358",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/31358"
},
{
"name": "novell-profile-security-bypass(31343)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/31343"
},
{
"name": "23619",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/23619"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://support.novell.com/cgi-bin/search/searchtid.cgi?/2974970.htm"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2007-01-04T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "nwgina.dll in Novell Client 4.91 SP3 for Windows 2000/XP/2003 does not delete user profiles during a Terminal Service or Citrix session, which allows remote authenticated users to invoke alternate user profiles."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-28T12:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "ADV-2007-0064",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2007/0064"
},
{
"name": "1017471",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1017471"
},
{
"name": "21886",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/21886"
},
{
"name": "31358",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/31358"
},
{
"name": "novell-profile-security-bypass(31343)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/31343"
},
{
"name": "23619",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/23619"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://support.novell.com/cgi-bin/search/searchtid.cgi?/2974970.htm"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-0108",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "nwgina.dll in Novell Client 4.91 SP3 for Windows 2000/XP/2003 does not delete user profiles during a Terminal Service or Citrix session, which allows remote authenticated users to invoke alternate user profiles."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "ADV-2007-0064",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/0064"
},
{
"name": "1017471",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1017471"
},
{
"name": "21886",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/21886"
},
{
"name": "31358",
"refsource": "OSVDB",
"url": "http://osvdb.org/31358"
},
{
"name": "novell-profile-security-bypass(31343)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/31343"
},
{
"name": "23619",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/23619"
},
{
"name": "http://support.novell.com/cgi-bin/search/searchtid.cgi?/2974970.htm",
"refsource": "CONFIRM",
"url": "http://support.novell.com/cgi-bin/search/searchtid.cgi?/2974970.htm"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2007-0108",
"datePublished": "2007-01-09T00:00:00",
"dateReserved": "2007-01-08T00:00:00",
"dateUpdated": "2024-08-07T12:03:37.126Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2007-2954
Vulnerability from cvelistv5
Published
2007-08-31 22:00
Modified
2024-08-07 13:57
Severity ?
EPSS score ?
Summary
Multiple stack-based buffer overflows in the Spooler service (nwspool.dll) in Novell Client 4.91 SP2 through SP4 for Windows allow remote attackers to execute arbitrary code via certain long arguments to the (1) RpcAddPrinterDriver, (2) RpcGetPrinterDriverDirectory, and other unspecified RPC requests, aka Novell bug 300870, a different vulnerability than CVE-2006-5854.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.vupen.com/english/advisories/2007/3006 | vdb-entry, x_refsource_VUPEN | |
| http://download.novell.com/Download?buildid=VOXNZb-6t_g~ | x_refsource_CONFIRM | |
| https://exchange.xforce.ibmcloud.com/vulnerabilities/35824 | vdb-entry, x_refsource_XF | |
| http://www.securityfocus.com/bid/25474 | vdb-entry, x_refsource_BID | |
| http://secunia.com/secunia_research/2007-57/advisory/ | x_refsource_MISC | |
| http://secunia.com/advisories/26374 | third-party-advisory, x_refsource_SECUNIA | |
| http://osvdb.org/37321 | vdb-entry, x_refsource_OSVDB | |
| http://securitytracker.com/id?1018623 | vdb-entry, x_refsource_SECTRACK | |
| http://www.zerodayinitiative.com/advisories/ZDI-07-045/ | x_refsource_MISC |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T13:57:54.748Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "ADV-2007-3006",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2007/3006"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://download.novell.com/Download?buildid=VOXNZb-6t_g~"
},
{
"name": "novell-client-nwspool-bo(35824)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/35824"
},
{
"name": "25474",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/25474"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://secunia.com/secunia_research/2007-57/advisory/"
},
{
"name": "26374",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/26374"
},
{
"name": "37321",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/37321"
},
{
"name": "1018623",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1018623"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.zerodayinitiative.com/advisories/ZDI-07-045/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2007-08-29T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Multiple stack-based buffer overflows in the Spooler service (nwspool.dll) in Novell Client 4.91 SP2 through SP4 for Windows allow remote attackers to execute arbitrary code via certain long arguments to the (1) RpcAddPrinterDriver, (2) RpcGetPrinterDriverDirectory, and other unspecified RPC requests, aka Novell bug 300870, a different vulnerability than CVE-2006-5854."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-28T12:57:01",
"orgId": "44d08088-2bea-4760-83a6-1e9be26b15ab",
"shortName": "flexera"
},
"references": [
{
"name": "ADV-2007-3006",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2007/3006"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://download.novell.com/Download?buildid=VOXNZb-6t_g~"
},
{
"name": "novell-client-nwspool-bo(35824)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/35824"
},
{
"name": "25474",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/25474"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://secunia.com/secunia_research/2007-57/advisory/"
},
{
"name": "26374",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/26374"
},
{
"name": "37321",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/37321"
},
{
"name": "1018623",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1018623"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.zerodayinitiative.com/advisories/ZDI-07-045/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "PSIRT-CNA@flexerasoftware.com",
"ID": "CVE-2007-2954",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Multiple stack-based buffer overflows in the Spooler service (nwspool.dll) in Novell Client 4.91 SP2 through SP4 for Windows allow remote attackers to execute arbitrary code via certain long arguments to the (1) RpcAddPrinterDriver, (2) RpcGetPrinterDriverDirectory, and other unspecified RPC requests, aka Novell bug 300870, a different vulnerability than CVE-2006-5854."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "ADV-2007-3006",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/3006"
},
{
"name": "http://download.novell.com/Download?buildid=VOXNZb-6t_g~",
"refsource": "CONFIRM",
"url": "http://download.novell.com/Download?buildid=VOXNZb-6t_g~"
},
{
"name": "novell-client-nwspool-bo(35824)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/35824"
},
{
"name": "25474",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/25474"
},
{
"name": "http://secunia.com/secunia_research/2007-57/advisory/",
"refsource": "MISC",
"url": "http://secunia.com/secunia_research/2007-57/advisory/"
},
{
"name": "26374",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/26374"
},
{
"name": "37321",
"refsource": "OSVDB",
"url": "http://osvdb.org/37321"
},
{
"name": "1018623",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1018623"
},
{
"name": "http://www.zerodayinitiative.com/advisories/ZDI-07-045/",
"refsource": "MISC",
"url": "http://www.zerodayinitiative.com/advisories/ZDI-07-045/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "44d08088-2bea-4760-83a6-1e9be26b15ab",
"assignerShortName": "flexera",
"cveId": "CVE-2007-2954",
"datePublished": "2007-08-31T22:00:00",
"dateReserved": "2007-05-31T00:00:00",
"dateUpdated": "2024-08-07T13:57:54.748Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2006-6443
Vulnerability from cvelistv5
Published
2006-12-10 20:00
Modified
2024-08-07 20:26
Severity ?
EPSS score ?
Summary
Buffer overflow in the Novell Distributed Print Services (NDPS) Print Provider for Windows component (NDPPNT.DLL) in Novell Client 4.91 has unknown impact and remote attack vectors.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.securityfocus.com/bid/21479 | vdb-entry, x_refsource_BID | |
| http://secunia.com/advisories/23271 | third-party-advisory, x_refsource_SECUNIA | |
| http://www.vupen.com/english/advisories/2006/4862 | vdb-entry, x_refsource_VUPEN | |
| http://support.novell.com/docs/Readmes/InfoDocument/2974843.html | x_refsource_CONFIRM |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T20:26:46.506Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "21479",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/21479"
},
{
"name": "23271",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/23271"
},
{
"name": "ADV-2006-4862",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2006/4862"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://support.novell.com/docs/Readmes/InfoDocument/2974843.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2006-12-04T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Buffer overflow in the Novell Distributed Print Services (NDPS) Print Provider for Windows component (NDPPNT.DLL) in Novell Client 4.91 has unknown impact and remote attack vectors."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2006-12-16T10:00:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "21479",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/21479"
},
{
"name": "23271",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/23271"
},
{
"name": "ADV-2006-4862",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2006/4862"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://support.novell.com/docs/Readmes/InfoDocument/2974843.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-6443",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Buffer overflow in the Novell Distributed Print Services (NDPS) Print Provider for Windows component (NDPPNT.DLL) in Novell Client 4.91 has unknown impact and remote attack vectors."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "21479",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/21479"
},
{
"name": "23271",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/23271"
},
{
"name": "ADV-2006-4862",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2006/4862"
},
{
"name": "http://support.novell.com/docs/Readmes/InfoDocument/2974843.html",
"refsource": "CONFIRM",
"url": "http://support.novell.com/docs/Readmes/InfoDocument/2974843.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2006-6443",
"datePublished": "2006-12-10T20:00:00",
"dateReserved": "2006-12-10T00:00:00",
"dateUpdated": "2024-08-07T20:26:46.506Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2013-3697
Vulnerability from cvelistv5
Published
2013-07-31 10:00
Modified
2024-09-17 03:48
Severity ?
EPSS score ?
Summary
Integer overflow in the NWFS.SYS kernel driver 4.91.5.8 in Novell Client 4.91 SP5 on Windows XP and Windows Server 2003 and the NCPL.SYS kernel driver in Novell Client 2 SP2 on Windows Vista and Windows Server 2008 and Novell Client 2 SP3 on Windows Server 2008 R2, Windows 7, Windows 8, and Windows Server 2012 might allow local users to gain privileges via a crafted 0x1439EB IOCTL call.
References
| ▼ | URL | Tags |
|---|---|---|
| http://pastebin.com/RcS2Bucg | x_refsource_MISC | |
| http://www.novell.com/support/kb/doc.php?id=7012497 | x_refsource_CONFIRM |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T16:14:56.659Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://pastebin.com/RcS2Bucg"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.novell.com/support/kb/doc.php?id=7012497"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Integer overflow in the NWFS.SYS kernel driver 4.91.5.8 in Novell Client 4.91 SP5 on Windows XP and Windows Server 2003 and the NCPL.SYS kernel driver in Novell Client 2 SP2 on Windows Vista and Windows Server 2008 and Novell Client 2 SP3 on Windows Server 2008 R2, Windows 7, Windows 8, and Windows Server 2012 might allow local users to gain privileges via a crafted 0x1439EB IOCTL call."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2013-07-31T10:00:00Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://pastebin.com/RcS2Bucg"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.novell.com/support/kb/doc.php?id=7012497"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2013-3697",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Integer overflow in the NWFS.SYS kernel driver 4.91.5.8 in Novell Client 4.91 SP5 on Windows XP and Windows Server 2003 and the NCPL.SYS kernel driver in Novell Client 2 SP2 on Windows Vista and Windows Server 2008 and Novell Client 2 SP3 on Windows Server 2008 R2, Windows 7, Windows 8, and Windows Server 2012 might allow local users to gain privileges via a crafted 0x1439EB IOCTL call."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://pastebin.com/RcS2Bucg",
"refsource": "MISC",
"url": "http://pastebin.com/RcS2Bucg"
},
{
"name": "http://www.novell.com/support/kb/doc.php?id=7012497",
"refsource": "CONFIRM",
"url": "http://www.novell.com/support/kb/doc.php?id=7012497"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2013-3697",
"datePublished": "2013-07-31T10:00:00Z",
"dateReserved": "2013-05-30T00:00:00Z",
"dateUpdated": "2024-09-17T03:48:14.659Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2000-0793
Vulnerability from cvelistv5
Published
2000-09-21 04:00
Modified
2024-08-08 05:28
Severity ?
EPSS score ?
Summary
Norton AntiVirus 5.00.01C with the Novell Netware client does not properly restart the auto-protection service after the first user has logged off of the system.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.securityfocus.com/templates/archive.pike?list=1&msg=398222C5%40zathras.cc.vt.edu | mailing-list, x_refsource_BUGTRAQ | |
| http://www.securityfocus.com/bid/1533 | vdb-entry, x_refsource_BID |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T05:28:41.486Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20000728 Norton Antivirus Protection Disabled under Novell Netware",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/templates/archive.pike?list=1\u0026msg=398222C5%40zathras.cc.vt.edu"
},
{
"name": "1533",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/1533"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2000-07-28T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Norton AntiVirus 5.00.01C with the Novell Netware client does not properly restart the auto-protection service after the first user has logged off of the system."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2001-12-16T10:00:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "20000728 Norton Antivirus Protection Disabled under Novell Netware",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/templates/archive.pike?list=1\u0026msg=398222C5%40zathras.cc.vt.edu"
},
{
"name": "1533",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/1533"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2000-0793",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Norton AntiVirus 5.00.01C with the Novell Netware client does not properly restart the auto-protection service after the first user has logged off of the system."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20000728 Norton Antivirus Protection Disabled under Novell Netware",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/templates/archive.pike?list=1\u0026msg=398222C5@zathras.cc.vt.edu"
},
{
"name": "1533",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/1533"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2000-0793",
"datePublished": "2000-09-21T04:00:00",
"dateReserved": "2000-09-19T00:00:00",
"dateUpdated": "2024-08-08T05:28:41.486Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2006-2612
Vulnerability from cvelistv5
Published
2006-05-26 01:00
Modified
2024-08-07 17:58
Severity ?
EPSS score ?
Summary
Novell Client for Windows 4.8 and 4.9 does not restrict access to the clipboard contents while a machine is locked, which allows users with physical access to read the current clipboard contents by pasting them into the "User Name" field on the login prompt.
References
| ▼ | URL | Tags |
|---|---|---|
| http://secunia.com/advisories/20194 | third-party-advisory, x_refsource_SECUNIA | |
| http://www.securityfocus.com/archive/1/434704/100/0/threaded | mailing-list, x_refsource_BUGTRAQ | |
| http://www.osvdb.org/25760 | vdb-entry, x_refsource_OSVDB | |
| http://securityreason.com/securityalert/961 | third-party-advisory, x_refsource_SREASON | |
| http://www.securityfocus.com/archive/1/434724/100/0/threaded | mailing-list, x_refsource_BUGTRAQ | |
| https://exchange.xforce.ibmcloud.com/vulnerabilities/26595 | vdb-entry, x_refsource_XF |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T17:58:51.392Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20194",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/20194"
},
{
"name": "20060521 Novell Client login form enables reading and writing from and to the clipboard of the logged-in user",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/434704/100/0/threaded"
},
{
"name": "25760",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://www.osvdb.org/25760"
},
{
"name": "961",
"tags": [
"third-party-advisory",
"x_refsource_SREASON",
"x_transferred"
],
"url": "http://securityreason.com/securityalert/961"
},
{
"name": "20060522 Re: Novell Client login form enables reading and writing from and to the clipboard of the logged-in user",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/434724/100/0/threaded"
},
{
"name": "novell-client-clipboard-leak(26595)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/26595"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2006-05-21T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Novell Client for Windows 4.8 and 4.9 does not restrict access to the clipboard contents while a machine is locked, which allows users with physical access to read the current clipboard contents by pasting them into the \"User Name\" field on the login prompt."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-18T14:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "20194",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/20194"
},
{
"name": "20060521 Novell Client login form enables reading and writing from and to the clipboard of the logged-in user",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/434704/100/0/threaded"
},
{
"name": "25760",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://www.osvdb.org/25760"
},
{
"name": "961",
"tags": [
"third-party-advisory",
"x_refsource_SREASON"
],
"url": "http://securityreason.com/securityalert/961"
},
{
"name": "20060522 Re: Novell Client login form enables reading and writing from and to the clipboard of the logged-in user",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/434724/100/0/threaded"
},
{
"name": "novell-client-clipboard-leak(26595)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/26595"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-2612",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Novell Client for Windows 4.8 and 4.9 does not restrict access to the clipboard contents while a machine is locked, which allows users with physical access to read the current clipboard contents by pasting them into the \"User Name\" field on the login prompt."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20194",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/20194"
},
{
"name": "20060521 Novell Client login form enables reading and writing from and to the clipboard of the logged-in user",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/434704/100/0/threaded"
},
{
"name": "25760",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/25760"
},
{
"name": "961",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/961"
},
{
"name": "20060522 Re: Novell Client login form enables reading and writing from and to the clipboard of the logged-in user",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/434724/100/0/threaded"
},
{
"name": "novell-client-clipboard-leak(26595)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/26595"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2006-2612",
"datePublished": "2006-05-26T01:00:00",
"dateReserved": "2006-05-25T00:00:00",
"dateUpdated": "2024-08-07T17:58:51.392Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2013-3705
Vulnerability from cvelistv5
Published
2013-12-22 15:00
Modified
2024-08-06 16:14
Severity ?
EPSS score ?
Summary
The VBA32 AntiRootKit component for Novell Client 2 SP3 before IR5 on Windows allows local users to cause a denial of service (bugcheck and BSOD) via an IOCTL call for an invalid IOCTL.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.novell.com/support/kb/doc.php?id=7014276 | x_refsource_CONFIRM | |
| http://download.novell.com/Download?buildid=gCT45TxxTHQ~ | x_refsource_CONFIRM |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T16:14:56.692Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.novell.com/support/kb/doc.php?id=7014276"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://download.novell.com/Download?buildid=gCT45TxxTHQ~"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2013-12-10T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The VBA32 AntiRootKit component for Novell Client 2 SP3 before IR5 on Windows allows local users to cause a denial of service (bugcheck and BSOD) via an IOCTL call for an invalid IOCTL."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2013-12-22T15:57:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.novell.com/support/kb/doc.php?id=7014276"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://download.novell.com/Download?buildid=gCT45TxxTHQ~"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2013-3705",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The VBA32 AntiRootKit component for Novell Client 2 SP3 before IR5 on Windows allows local users to cause a denial of service (bugcheck and BSOD) via an IOCTL call for an invalid IOCTL."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.novell.com/support/kb/doc.php?id=7014276",
"refsource": "CONFIRM",
"url": "http://www.novell.com/support/kb/doc.php?id=7014276"
},
{
"name": "http://download.novell.com/Download?buildid=gCT45TxxTHQ~",
"refsource": "CONFIRM",
"url": "http://download.novell.com/Download?buildid=gCT45TxxTHQ~"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2013-3705",
"datePublished": "2013-12-22T15:00:00",
"dateReserved": "2013-05-30T00:00:00",
"dateUpdated": "2024-08-06T16:14:56.692Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2007-3207
Vulnerability from cvelistv5
Published
2007-06-18 10:00
Modified
2024-08-07 14:05
Severity ?
EPSS score ?
Summary
Buffer overflow in the NFS mount daemon (XNFS.NLM) in Novell NetWare 6.5 SP6, and probably earlier, allows remote attackers to cause a denial of service (abend) via a long path in a mount request.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.securityfocus.com/bid/24489 | vdb-entry, x_refsource_BID | |
| https://exchange.xforce.ibmcloud.com/vulnerabilities/34878 | vdb-entry, x_refsource_XF | |
| http://www.kb.cert.org/vuls/id/578105 | third-party-advisory, x_refsource_CERT-VN | |
| https://secure-support.novell.com/KanisaPlatform/Publishing/23/3008097_f.SAL_Public.html | x_refsource_CONFIRM | |
| http://osvdb.org/37317 | vdb-entry, x_refsource_OSVDB | |
| http://support.novell.com/docs/Readmes/InfoDocument/patchbuilder/readme_5004900.html | x_refsource_CONFIRM | |
| http://www.vupen.com/english/advisories/2007/2221 | vdb-entry, x_refsource_VUPEN | |
| http://secunia.com/advisories/25697 | third-party-advisory, x_refsource_SECUNIA |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T14:05:29.243Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "24489",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/24489"
},
{
"name": "netware-nfs-mount-dos(34878)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34878"
},
{
"name": "VU#578105",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN",
"x_transferred"
],
"url": "http://www.kb.cert.org/vuls/id/578105"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://secure-support.novell.com/KanisaPlatform/Publishing/23/3008097_f.SAL_Public.html"
},
{
"name": "37317",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/37317"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://support.novell.com/docs/Readmes/InfoDocument/patchbuilder/readme_5004900.html"
},
{
"name": "ADV-2007-2221",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2007/2221"
},
{
"name": "25697",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/25697"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2007-06-14T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Buffer overflow in the NFS mount daemon (XNFS.NLM) in Novell NetWare 6.5 SP6, and probably earlier, allows remote attackers to cause a denial of service (abend) via a long path in a mount request."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-28T12:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "24489",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/24489"
},
{
"name": "netware-nfs-mount-dos(34878)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34878"
},
{
"name": "VU#578105",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN"
],
"url": "http://www.kb.cert.org/vuls/id/578105"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://secure-support.novell.com/KanisaPlatform/Publishing/23/3008097_f.SAL_Public.html"
},
{
"name": "37317",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/37317"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://support.novell.com/docs/Readmes/InfoDocument/patchbuilder/readme_5004900.html"
},
{
"name": "ADV-2007-2221",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2007/2221"
},
{
"name": "25697",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/25697"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-3207",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Buffer overflow in the NFS mount daemon (XNFS.NLM) in Novell NetWare 6.5 SP6, and probably earlier, allows remote attackers to cause a denial of service (abend) via a long path in a mount request."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "24489",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/24489"
},
{
"name": "netware-nfs-mount-dos(34878)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34878"
},
{
"name": "VU#578105",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/578105"
},
{
"name": "https://secure-support.novell.com/KanisaPlatform/Publishing/23/3008097_f.SAL_Public.html",
"refsource": "CONFIRM",
"url": "https://secure-support.novell.com/KanisaPlatform/Publishing/23/3008097_f.SAL_Public.html"
},
{
"name": "37317",
"refsource": "OSVDB",
"url": "http://osvdb.org/37317"
},
{
"name": "http://support.novell.com/docs/Readmes/InfoDocument/patchbuilder/readme_5004900.html",
"refsource": "CONFIRM",
"url": "http://support.novell.com/docs/Readmes/InfoDocument/patchbuilder/readme_5004900.html"
},
{
"name": "ADV-2007-2221",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/2221"
},
{
"name": "25697",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/25697"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2007-3207",
"datePublished": "2007-06-18T10:00:00",
"dateReserved": "2007-06-13T00:00:00",
"dateUpdated": "2024-08-07T14:05:29.243Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2006-2304
Vulnerability from cvelistv5
Published
2006-05-11 10:00
Modified
2024-08-07 17:43
Severity ?
EPSS score ?
Summary
Multiple integer overflows in the DPRPC library (DPRPCW32.DLL) in Novell Client 4.83 SP3, 4.90 SP2 and 4.91 SP2 allow remote attackers to execute arbitrary code via an XDR encoded array with a field that specifies a large number of elements, which triggers the overflows in the ndps_xdr_array function. NOTE: this was originally reported to be a buffer overflow by Novell, but the original cause is an integer overflow.
References
| ▼ | URL | Tags |
|---|---|---|
| http://securitytracker.com/id?1016052 | vdb-entry, x_refsource_SECTRACK | |
| http://secunia.com/advisories/20048 | third-party-advisory, x_refsource_SECUNIA | |
| http://www.vupen.com/english/advisories/2006/1759 | vdb-entry, x_refsource_VUPEN | |
| http://www.hustlelabs.com/novell_ndps_advisory.pdf | x_refsource_MISC | |
| http://lists.grok.org.uk/pipermail/full-disclosure/2006-May/046048.html | mailing-list, x_refsource_FULLDISC | |
| https://exchange.xforce.ibmcloud.com/vulnerabilities/26314 | vdb-entry, x_refsource_XF | |
| http://support.novell.com/cgi-bin/search/searchtid.cgi?/2973719.htm | x_refsource_CONFIRM | |
| http://www.securityfocus.com/bid/17931 | vdb-entry, x_refsource_BID | |
| http://www.securityfocus.com/archive/1/434017/100/0/threaded | mailing-list, x_refsource_BUGTRAQ | |
| http://www.osvdb.org/25429 | vdb-entry, x_refsource_OSVDB |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T17:43:29.159Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "1016052",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1016052"
},
{
"name": "20048",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/20048"
},
{
"name": "ADV-2006-1759",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2006/1759"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.hustlelabs.com/novell_ndps_advisory.pdf"
},
{
"name": "20060515 Novell NDPS Remote Vulnerability (Server \u0026 Client)",
"tags": [
"mailing-list",
"x_refsource_FULLDISC",
"x_transferred"
],
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2006-May/046048.html"
},
{
"name": "novell-ndps-overflow(26314)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/26314"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://support.novell.com/cgi-bin/search/searchtid.cgi?/2973719.htm"
},
{
"name": "17931",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/17931"
},
{
"name": "20060515 Novell NDPS Remote Vulnerability (Server \u0026 Client)",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/434017/100/0/threaded"
},
{
"name": "25429",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://www.osvdb.org/25429"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2006-05-09T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Multiple integer overflows in the DPRPC library (DPRPCW32.DLL) in Novell Client 4.83 SP3, 4.90 SP2 and 4.91 SP2 allow remote attackers to execute arbitrary code via an XDR encoded array with a field that specifies a large number of elements, which triggers the overflows in the ndps_xdr_array function. NOTE: this was originally reported to be a buffer overflow by Novell, but the original cause is an integer overflow."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-18T14:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "1016052",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1016052"
},
{
"name": "20048",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/20048"
},
{
"name": "ADV-2006-1759",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2006/1759"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.hustlelabs.com/novell_ndps_advisory.pdf"
},
{
"name": "20060515 Novell NDPS Remote Vulnerability (Server \u0026 Client)",
"tags": [
"mailing-list",
"x_refsource_FULLDISC"
],
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2006-May/046048.html"
},
{
"name": "novell-ndps-overflow(26314)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/26314"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://support.novell.com/cgi-bin/search/searchtid.cgi?/2973719.htm"
},
{
"name": "17931",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/17931"
},
{
"name": "20060515 Novell NDPS Remote Vulnerability (Server \u0026 Client)",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/434017/100/0/threaded"
},
{
"name": "25429",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://www.osvdb.org/25429"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-2304",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Multiple integer overflows in the DPRPC library (DPRPCW32.DLL) in Novell Client 4.83 SP3, 4.90 SP2 and 4.91 SP2 allow remote attackers to execute arbitrary code via an XDR encoded array with a field that specifies a large number of elements, which triggers the overflows in the ndps_xdr_array function. NOTE: this was originally reported to be a buffer overflow by Novell, but the original cause is an integer overflow."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1016052",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1016052"
},
{
"name": "20048",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/20048"
},
{
"name": "ADV-2006-1759",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2006/1759"
},
{
"name": "http://www.hustlelabs.com/novell_ndps_advisory.pdf",
"refsource": "MISC",
"url": "http://www.hustlelabs.com/novell_ndps_advisory.pdf"
},
{
"name": "20060515 Novell NDPS Remote Vulnerability (Server \u0026 Client)",
"refsource": "FULLDISC",
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2006-May/046048.html"
},
{
"name": "novell-ndps-overflow(26314)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/26314"
},
{
"name": "http://support.novell.com/cgi-bin/search/searchtid.cgi?/2973719.htm",
"refsource": "CONFIRM",
"url": "http://support.novell.com/cgi-bin/search/searchtid.cgi?/2973719.htm"
},
{
"name": "17931",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/17931"
},
{
"name": "20060515 Novell NDPS Remote Vulnerability (Server \u0026 Client)",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/434017/100/0/threaded"
},
{
"name": "25429",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/25429"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2006-2304",
"datePublished": "2006-05-11T10:00:00",
"dateReserved": "2006-05-11T00:00:00",
"dateUpdated": "2024-08-07T17:43:29.159Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2008-2145
Vulnerability from cvelistv5
Published
2008-05-12 19:00
Modified
2024-08-07 08:49
Severity ?
EPSS score ?
Summary
Stack-based buffer overflow in Novell Client 4.91 SP4 and earlier allows local users to cause a denial of service (crash) and possibly execute arbitrary code via a long username in the "forgotten password" dialog.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.vupen.com/english/advisories/2008/1503 | vdb-entry, x_refsource_VUPEN | |
| http://www.securityfocus.com/bid/29109 | vdb-entry, x_refsource_BID | |
| http://securityreason.com/securityalert/3868 | third-party-advisory, x_refsource_SREASON | |
| https://exchange.xforce.ibmcloud.com/vulnerabilities/42359 | vdb-entry, x_refsource_XF | |
| http://www.securityfocus.com/archive/1/491814/100/0/threaded | mailing-list, x_refsource_BUGTRAQ | |
| http://secunia.com/advisories/30126 | third-party-advisory, x_refsource_SECUNIA | |
| http://www.securitytracker.com/id?1020020 | vdb-entry, x_refsource_SECTRACK |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T08:49:58.084Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "ADV-2008-1503",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2008/1503"
},
{
"name": "29109",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/29109"
},
{
"name": "3868",
"tags": [
"third-party-advisory",
"x_refsource_SREASON",
"x_transferred"
],
"url": "http://securityreason.com/securityalert/3868"
},
{
"name": "novell-client-username-bo(42359)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/42359"
},
{
"name": "20080508 Novell Client \u003c= 4.91 SP4 Local Stack overflow / B.S.O.D (unauthentificated user)",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/491814/100/0/threaded"
},
{
"name": "30126",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/30126"
},
{
"name": "1020020",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1020020"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2008-05-08T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Stack-based buffer overflow in Novell Client 4.91 SP4 and earlier allows local users to cause a denial of service (crash) and possibly execute arbitrary code via a long username in the \"forgotten password\" dialog."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-11T19:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "ADV-2008-1503",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2008/1503"
},
{
"name": "29109",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/29109"
},
{
"name": "3868",
"tags": [
"third-party-advisory",
"x_refsource_SREASON"
],
"url": "http://securityreason.com/securityalert/3868"
},
{
"name": "novell-client-username-bo(42359)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/42359"
},
{
"name": "20080508 Novell Client \u003c= 4.91 SP4 Local Stack overflow / B.S.O.D (unauthentificated user)",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/491814/100/0/threaded"
},
{
"name": "30126",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/30126"
},
{
"name": "1020020",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1020020"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2008-2145",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Stack-based buffer overflow in Novell Client 4.91 SP4 and earlier allows local users to cause a denial of service (crash) and possibly execute arbitrary code via a long username in the \"forgotten password\" dialog."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "ADV-2008-1503",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2008/1503"
},
{
"name": "29109",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/29109"
},
{
"name": "3868",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/3868"
},
{
"name": "novell-client-username-bo(42359)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/42359"
},
{
"name": "20080508 Novell Client \u003c= 4.91 SP4 Local Stack overflow / B.S.O.D (unauthentificated user)",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/491814/100/0/threaded"
},
{
"name": "30126",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/30126"
},
{
"name": "1020020",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1020020"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2008-2145",
"datePublished": "2008-05-12T19:00:00",
"dateReserved": "2008-05-12T00:00:00",
"dateUpdated": "2024-08-07T08:49:58.084Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
Vulnerability from fkie_nvd
Published
2006-12-05 11:28
Modified
2024-11-21 00:22
Severity ?
Summary
srvloc.sys in Novell Client for Windows before 4.91 SP3 allows remote attackers to cause an unspecified denial of service via a crafted packet to port 427 that triggers an access of pageable or invalid addresses using a higher interrupt request level (IRQL) than necessary.
References
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:novell:client:4.91:sp2:*:*:*:*:*:*",
"matchCriteriaId": "78A17422-1FFE-4942-A6F1-01F99E4D42F9",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "srvloc.sys in Novell Client for Windows before 4.91 SP3 allows remote attackers to cause an unspecified denial of service via a crafted packet to port 427 that triggers an access of pageable or invalid addresses using a higher interrupt request level (IRQL) than necessary."
},
{
"lang": "es",
"value": "srvloc.sys en Novell Client para Windows anterior a 4.91 SP3 permite a atacantes remotos provocar una denegaci\u00f3n de servicio mediante paquetes artesanales al puerto 427 que provoca un acceso a direcciones inv\u00e1lidas usando un nivel de petici\u00f3n de interrupci\u00f3n (IRQL) mayor que el necesario."
}
],
"id": "CVE-2006-6307",
"lastModified": "2024-11-21T00:22:24.260",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2006-12-05T11:28:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/23244"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.securityfocus.com/bid/21430"
},
{
"source": "cve@mitre.org",
"url": "http://www.vupen.com/english/advisories/2006/4840"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://secure-support.novell.com/KanisaPlatform/Publishing/859/3480790_f.SAL_Public.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/23244"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.securityfocus.com/bid/21430"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.vupen.com/english/advisories/2006/4840"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://secure-support.novell.com/KanisaPlatform/Publishing/859/3480790_f.SAL_Public.html"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2013-07-31 13:20
Modified
2024-11-21 01:54
Severity ?
Summary
The NICM.SYS kernel driver 3.1.11.0 in Novell Client 4.91 SP5 on Windows XP and Windows Server 2003; Novell Client 2 SP2 on Windows Vista and Windows Server 2008; and Novell Client 2 SP3 on Windows Server 2008 R2, Windows 7, Windows 8, and Windows Server 2012 allows local users to gain privileges via a crafted 0x143B6B IOCTL call.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| novell | client | 4.91 | |
| microsoft | windows_2003_server | * | |
| microsoft | windows_xp | * | |
| novell | client | 2.0 | |
| microsoft | windows_server_2008 | - | |
| microsoft | windows_vista | * | |
| novell | client | 2.0 | |
| microsoft | windows_7 | * | |
| microsoft | windows_8 | - | |
| microsoft | windows_8 | - | |
| microsoft | windows_server_2008 | r2 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:novell:client:4.91:sp5:*:*:*:*:*:*",
"matchCriteriaId": "C5B2E11D-D93E-493C-A00D-DDE313E95C23",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:microsoft:windows_2003_server:*:*:*:*:*:*:*:*",
"matchCriteriaId": "60EC86B8-5C8C-4873-B364-FB1F8EFE1CFF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:microsoft:windows_xp:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E61F1C9B-44AF-4B35-A7B2-948EEF7639BD",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:novell:client:2.0:sp2:*:*:*:*:*:*",
"matchCriteriaId": "50C0D7F1-AE0C-46CD-81A2-EABF54CAE8DE",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:microsoft:windows_server_2008:-:*:*:*:*:*:*:*",
"matchCriteriaId": "32623D48-7000-4C7D-823F-7D2A9841D88C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:microsoft:windows_vista:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3852BB02-47A1-40B3-8E32-8D8891A53114",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:novell:client:2.0:sp3:*:*:*:*:*:*",
"matchCriteriaId": "E02BF436-28CC-4EC1-904E-403A39CE9174",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:microsoft:windows_7:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D56B932B-9593-44E2-B610-E4EB2143EB21",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:microsoft:windows_8:-:-:x64:*:*:*:*:*",
"matchCriteriaId": "DE8E7D74-0DCB-4633-B502-EDC2112229BA",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:microsoft:windows_8:-:-:x86:*:*:*:*:*",
"matchCriteriaId": "9DAA2E6F-A666-4136-8F6B-E35C313CAB2B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:microsoft:windows_server_2008:r2:*:*:*:*:*:*:*",
"matchCriteriaId": "36559BC0-44D7-48B3-86FF-1BFF0257B5ED",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The NICM.SYS kernel driver 3.1.11.0 in Novell Client 4.91 SP5 on Windows XP and Windows Server 2003; Novell Client 2 SP2 on Windows Vista and Windows Server 2008; and Novell Client 2 SP3 on Windows Server 2008 R2, Windows 7, Windows 8, and Windows Server 2012 allows local users to gain privileges via a crafted 0x143B6B IOCTL call."
},
{
"lang": "es",
"value": "El controlador del kernel NICM.SYS 3.1.11.0 en Novell Client 4.91 SP5 sobre Windows XP and Windows Server 2003; Novell Client 2 SP2 sobre Windows Vista y Windows Server 2008; y Novell Client 2 SP3 sobre Windows Server 2008 R2, Windows 7, Windows 8, y Windows Server 2012, permite a usuarios locales obtener privilegio a trav\u00e9s de una llamada 0x143B6B IOCTL manipulada."
}
],
"id": "CVE-2013-3956",
"lastModified": "2024-11-21T01:54:37.020",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 7.2,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2013-07-31T13:20:28.763",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Exploit"
],
"url": "http://pastebin.com/GB4iiEwR"
},
{
"source": "cve@mitre.org",
"url": "http://www.exploit-db.com/exploits/26452"
},
{
"source": "cve@mitre.org",
"url": "http://www.exploit-db.com/exploits/27191"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.novell.com/support/kb/doc.php?id=7012497"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit"
],
"url": "http://pastebin.com/GB4iiEwR"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.exploit-db.com/exploits/26452"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.exploit-db.com/exploits/27191"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.novell.com/support/kb/doc.php?id=7012497"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-264"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2008-02-13 21:00
Modified
2024-11-21 00:40
Severity ?
Summary
Multiple stack-based buffer overflows in the Spooler service (nwspool.dll) in Novell Client 4.91 SP4 for Windows allow remote attackers to execute arbitrary code via long arguments to multiple unspecified RPC functions, aka Novell bug 287919, a different vulnerability than CVE-2007-2954.
References
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2CF61F35-5905-4BA9-AD7E-7DB261D2F256",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:novell:client:4.91:sp4:*:*:*:*:*:*",
"matchCriteriaId": "EDDFB0E9-EF4C-4E9E-9369-453AF2A8481F",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Multiple stack-based buffer overflows in the Spooler service (nwspool.dll) in Novell Client 4.91 SP4 for Windows allow remote attackers to execute arbitrary code via long arguments to multiple unspecified RPC functions, aka Novell bug 287919, a different vulnerability than CVE-2007-2954."
},
{
"lang": "es",
"value": "M\u00faltiples desbordamientos de b\u00fafer basados en pila en el servicio Spooler (nwspool.dll) de Novell Client 4.91 SP4 para Windows permiten a atacantes remotos ejecutar c\u00f3digo de su elecci\u00f3n a trav\u00e9s de argumentos largos de m\u00faltiples funciones RCP no especificadas, tambi\u00e9n conocido como Novell bug 287919, una vulnerabilidad diferente a CVE-2007-2954."
}
],
"id": "CVE-2007-6701",
"lastModified": "2024-11-21T00:40:48.040",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"obtainAllPrivilege": true,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2008-02-13T21:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://archives.neohapsis.com/archives/bugtraq/2007-08/0082.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/26238"
},
{
"source": "cve@mitre.org",
"url": "http://securitytracker.com/id?1018471"
},
{
"source": "cve@mitre.org",
"url": "http://support.novell.com/docs/Readmes/InfoDocument/patchbuilder/readme_5005400.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Patch"
],
"url": "http://www.securityfocus.com/bid/25092"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch"
],
"url": "http://www.zerodayinitiative.com/advisories/ZDI-07-045.html"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/35653"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://archives.neohapsis.com/archives/bugtraq/2007-08/0082.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/26238"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://securitytracker.com/id?1018471"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://support.novell.com/docs/Readmes/InfoDocument/patchbuilder/readme_5005400.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Patch"
],
"url": "http://www.securityfocus.com/bid/25092"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://www.zerodayinitiative.com/advisories/ZDI-07-045.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/35653"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2006-12-10 20:28
Modified
2024-11-21 00:22
Severity ?
Summary
Buffer overflow in the Novell Distributed Print Services (NDPS) Print Provider for Windows component (NDPPNT.DLL) in Novell Client 4.91 has unknown impact and remote attack vectors.
References
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:novell:client:4.91:*:*:*:*:*:*:*",
"matchCriteriaId": "D96B51D4-B0B4-4E35-A3F3-296E4C7F930C",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Buffer overflow in the Novell Distributed Print Services (NDPS) Print Provider for Windows component (NDPPNT.DLL) in Novell Client 4.91 has unknown impact and remote attack vectors."
},
{
"lang": "es",
"value": "Desbordamiento de b\u00fafer en Novell Distributed Print Services (NDPS) Print Provider para componentes de Windows (NDPPNT.DLL) en Novell Client 4.91 tiene impacto desconocido y ataques de vectores remotos."
}
],
"id": "CVE-2006-6443",
"lastModified": "2024-11-21T00:22:42.033",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2006-12-10T20:28:00.000",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/23271"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://support.novell.com/docs/Readmes/InfoDocument/2974843.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.securityfocus.com/bid/21479"
},
{
"source": "cve@mitre.org",
"url": "http://www.vupen.com/english/advisories/2006/4862"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/23271"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://support.novell.com/docs/Readmes/InfoDocument/2974843.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.securityfocus.com/bid/21479"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.vupen.com/english/advisories/2006/4862"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2006-05-26 01:06
Modified
2024-11-21 00:11
Severity ?
Summary
Novell Client for Windows 4.8 and 4.9 does not restrict access to the clipboard contents while a machine is locked, which allows users with physical access to read the current clipboard contents by pasting them into the "User Name" field on the login prompt.
References
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:novell:client:4.8:*:windows:*:*:*:*:*",
"matchCriteriaId": "ADCDCBA7-0A7E-4CED-91F7-B3DE3F584991",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:novell:client:4.9:*:windows:*:*:*:*:*",
"matchCriteriaId": "2F68874D-F37B-4C15-B699-B745B9F802A8",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Novell Client for Windows 4.8 and 4.9 does not restrict access to the clipboard contents while a machine is locked, which allows users with physical access to read the current clipboard contents by pasting them into the \"User Name\" field on the login prompt."
}
],
"id": "CVE-2006-2612",
"lastModified": "2024-11-21T00:11:41.040",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "LOW",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 2.1,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:L/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2006-05-26T01:06:00.000",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/20194"
},
{
"source": "cve@mitre.org",
"url": "http://securityreason.com/securityalert/961"
},
{
"source": "cve@mitre.org",
"url": "http://www.osvdb.org/25760"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/archive/1/434704/100/0/threaded"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/archive/1/434724/100/0/threaded"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/26595"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/20194"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://securityreason.com/securityalert/961"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.osvdb.org/25760"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/434704/100/0/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/434724/100/0/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/26595"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2007-08-31 22:17
Modified
2024-11-21 00:32
Severity ?
Summary
Multiple stack-based buffer overflows in the Spooler service (nwspool.dll) in Novell Client 4.91 SP2 through SP4 for Windows allow remote attackers to execute arbitrary code via certain long arguments to the (1) RpcAddPrinterDriver, (2) RpcGetPrinterDriverDirectory, and other unspecified RPC requests, aka Novell bug 300870, a different vulnerability than CVE-2006-5854.
References
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:novell:client:4.91:sp2:*:*:*:*:*:*",
"matchCriteriaId": "78A17422-1FFE-4942-A6F1-01F99E4D42F9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:novell:client:4.91:sp3:*:*:*:*:*:*",
"matchCriteriaId": "F0CBDEB2-98CF-4C6A-A45A-F5B61803E449",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:novell:client:4.91:sp4:*:*:*:*:*:*",
"matchCriteriaId": "EDDFB0E9-EF4C-4E9E-9369-453AF2A8481F",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Multiple stack-based buffer overflows in the Spooler service (nwspool.dll) in Novell Client 4.91 SP2 through SP4 for Windows allow remote attackers to execute arbitrary code via certain long arguments to the (1) RpcAddPrinterDriver, (2) RpcGetPrinterDriverDirectory, and other unspecified RPC requests, aka Novell bug 300870, a different vulnerability than CVE-2006-5854."
},
{
"lang": "es",
"value": "M\u00faltiples desbordamientos de b\u00fafer en la regi\u00f3n stack de la memoria en el servicio Spooler (biblioteca nwspool.dll) en Novell Client versiones 4.91 desde SP2 hasta SP4 para Windows, permite a atacantes remotos ejecutar c\u00f3digo arbitrario por medio de ciertos argumentos largos en peticiones RPC (1) RpcAddPrinterDriver, (2) RpcGetPrinterDriverDirectory y otras no especificadas, tambi\u00e9n se conoce como bug de Novell 300870, una vulnerabilidad diferente de CVE-2006-5854."
}
],
"id": "CVE-2007-2954",
"lastModified": "2024-11-21T00:32:03.070",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"obtainAllPrivilege": true,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2007-08-31T22:17:00.000",
"references": [
{
"source": "PSIRT-CNA@flexerasoftware.com",
"tags": [
"Patch"
],
"url": "http://download.novell.com/Download?buildid=VOXNZb-6t_g~"
},
{
"source": "PSIRT-CNA@flexerasoftware.com",
"url": "http://osvdb.org/37321"
},
{
"source": "PSIRT-CNA@flexerasoftware.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/26374"
},
{
"source": "PSIRT-CNA@flexerasoftware.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://secunia.com/secunia_research/2007-57/advisory/"
},
{
"source": "PSIRT-CNA@flexerasoftware.com",
"tags": [
"Patch"
],
"url": "http://securitytracker.com/id?1018623"
},
{
"source": "PSIRT-CNA@flexerasoftware.com",
"tags": [
"Patch"
],
"url": "http://www.securityfocus.com/bid/25474"
},
{
"source": "PSIRT-CNA@flexerasoftware.com",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2007/3006"
},
{
"source": "PSIRT-CNA@flexerasoftware.com",
"url": "http://www.zerodayinitiative.com/advisories/ZDI-07-045/"
},
{
"source": "PSIRT-CNA@flexerasoftware.com",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/35824"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://download.novell.com/Download?buildid=VOXNZb-6t_g~"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://osvdb.org/37321"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/26374"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://secunia.com/secunia_research/2007-57/advisory/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://securitytracker.com/id?1018623"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://www.securityfocus.com/bid/25474"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2007/3006"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.zerodayinitiative.com/advisories/ZDI-07-045/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/35824"
}
],
"sourceIdentifier": "PSIRT-CNA@flexerasoftware.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2000-10-20 04:00
Modified
2024-11-20 23:33
Severity ?
Summary
Norton AntiVirus 5.00.01C with the Novell Netware client does not properly restart the auto-protection service after the first user has logged off of the system.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| novell | client | 3.1 | |
| symantec | norton_antivirus | 5.0 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:novell:client:3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "B5217A98-F7EA-4DC1-B7F8-CD6BAE700E65",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:norton_antivirus:5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "B3C2BFDB-DF41-4D5E-979C-0AA01908FB09",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Norton AntiVirus 5.00.01C with the Novell Netware client does not properly restart the auto-protection service after the first user has logged off of the system."
}
],
"id": "CVE-2000-0793",
"lastModified": "2024-11-20T23:33:18.057",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2000-10-20T04:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.securityfocus.com/bid/1533"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/templates/archive.pike?list=1\u0026msg=398222C5%40zathras.cc.vt.edu"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.securityfocus.com/bid/1533"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/templates/archive.pike?list=1\u0026msg=398222C5%40zathras.cc.vt.edu"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2007-06-18 10:30
Modified
2024-11-21 00:32
Severity ?
Summary
Buffer overflow in the NFS mount daemon (XNFS.NLM) in Novell NetWare 6.5 SP6, and probably earlier, allows remote attackers to cause a denial of service (abend) via a long path in a mount request.
References
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:novell:client:6.5_sp6:*:*:*:*:*:*:*",
"matchCriteriaId": "CB46A637-9673-4639-9222-C9CFFDA1EDBA",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Buffer overflow in the NFS mount daemon (XNFS.NLM) in Novell NetWare 6.5 SP6, and probably earlier, allows remote attackers to cause a denial of service (abend) via a long path in a mount request."
},
{
"lang": "es",
"value": "Desbordamiento de b\u00fafer en el demonio de montado NFS (XNFS.NLM) en Novell NetWare 6.5 SP6, y posiblemente anteriores, permite a atacantes remotos provocar denegaci\u00f3n de servicio (abend - abnormal end (finalizaci\u00f3n no normal)) a trav\u00e9s de una ruta larga en una respuesta de montado."
}
],
"evaluatorSolution": "The vendor has addressed this issue through a product update: http://download.novell.com/SummaryFree.jsp?buildid=8XdJVBDYifk~",
"id": "CVE-2007-3207",
"lastModified": "2024-11-21T00:32:39.697",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 7.1,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:C",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 6.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2007-06-18T10:30:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://osvdb.org/37317"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/25697"
},
{
"source": "cve@mitre.org",
"url": "http://support.novell.com/docs/Readmes/InfoDocument/patchbuilder/readme_5004900.html"
},
{
"source": "cve@mitre.org",
"tags": [
"US Government Resource"
],
"url": "http://www.kb.cert.org/vuls/id/578105"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch"
],
"url": "http://www.securityfocus.com/bid/24489"
},
{
"source": "cve@mitre.org",
"url": "http://www.vupen.com/english/advisories/2007/2221"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34878"
},
{
"source": "cve@mitre.org",
"url": "https://secure-support.novell.com/KanisaPlatform/Publishing/23/3008097_f.SAL_Public.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://osvdb.org/37317"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/25697"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://support.novell.com/docs/Readmes/InfoDocument/patchbuilder/readme_5004900.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"US Government Resource"
],
"url": "http://www.kb.cert.org/vuls/id/578105"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://www.securityfocus.com/bid/24489"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.vupen.com/english/advisories/2007/2221"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34878"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://secure-support.novell.com/KanisaPlatform/Publishing/23/3008097_f.SAL_Public.html"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2008-05-12 19:20
Modified
2024-11-21 00:46
Severity ?
Summary
Stack-based buffer overflow in Novell Client 4.91 SP4 and earlier allows local users to cause a denial of service (crash) and possibly execute arbitrary code via a long username in the "forgotten password" dialog.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:novell:client:4.91:sp1:*:*:*:*:*:*",
"matchCriteriaId": "E98A16C1-2026-4C53-B22E-51F07028DCB8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:novell:client:4.91:sp2:*:*:*:*:*:*",
"matchCriteriaId": "78A17422-1FFE-4942-A6F1-01F99E4D42F9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:novell:client:4.91:sp3:*:*:*:*:*:*",
"matchCriteriaId": "F0CBDEB2-98CF-4C6A-A45A-F5B61803E449",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:novell:client:4.91:sp4:*:*:*:*:*:*",
"matchCriteriaId": "EDDFB0E9-EF4C-4E9E-9369-453AF2A8481F",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Stack-based buffer overflow in Novell Client 4.91 SP4 and earlier allows local users to cause a denial of service (crash) and possibly execute arbitrary code via a long username in the \"forgotten password\" dialog."
},
{
"lang": "es",
"value": "Desbordamiento de b\u00fafer basado en pila en Novell Client 4.91 SP4 y anteriores permite a usuarios locales provocar una denegaci\u00f3n de servicio (ca\u00edda) y posiblemente ejecutar c\u00f3digo de su elecci\u00f3n mediante un nombre de usuario (username) largo en el di\u00e1logo \"forgotten password (contrase\u00f1a olvidada)\"."
}
],
"id": "CVE-2008-2145",
"lastModified": "2024-11-21T00:46:11.867",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 7.2,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2008-05-12T19:20:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/30126"
},
{
"source": "cve@mitre.org",
"url": "http://securityreason.com/securityalert/3868"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/archive/1/491814/100/0/threaded"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/29109"
},
{
"source": "cve@mitre.org",
"url": "http://www.securitytracker.com/id?1020020"
},
{
"source": "cve@mitre.org",
"url": "http://www.vupen.com/english/advisories/2008/1503"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/42359"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/30126"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://securityreason.com/securityalert/3868"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/491814/100/0/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/29109"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id?1020020"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.vupen.com/english/advisories/2008/1503"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/42359"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2007-11-14 01:46
Modified
2024-11-21 00:38
Severity ?
Summary
NWFILTER.SYS in Novell Client 4.91 SP 1 through SP 4 for Windows 2000, XP, and Server 2003 makes the \.\nwfilter device available for arbitrary user-mode input via METHOD_NEITHER IOCTLs, which allows local users to gain privileges by passing a kernel address as an argument and overwriting kernel memory locations.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| microsoft | windows_2000 | * | |
| microsoft | windows_2000 | * | |
| microsoft | windows_2000 | * | |
| microsoft | windows_2000 | * | |
| microsoft | windows_2000 | * | |
| microsoft | windows_2000 | - | |
| microsoft | windows_2003_server | * | |
| microsoft | windows_2003_server | * | |
| microsoft | windows_2003_server | * | |
| microsoft | windows_2003_server | * | |
| microsoft | windows_2003_server | * | |
| microsoft | windows_2003_server | * | |
| microsoft | windows_2003_server | - | |
| microsoft | windows_server_2003 | * | |
| microsoft | windows_xp | * | |
| microsoft | windows_xp | * | |
| microsoft | windows_xp | * | |
| microsoft | windows_xp | * | |
| microsoft | windows_xp | * | |
| microsoft | windows_xp | * | |
| microsoft | windows_xp | * | |
| microsoft | windows_xp | - | |
| novell | client | 4.91 | |
| novell | client | 4.91 | |
| novell | client | 4.91 | |
| novell | client | 4.91 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:microsoft:windows_2000:*:*:adv_srv:*:*:*:*:*",
"matchCriteriaId": "4A894A39-8BB4-4923-B4CD-1CB93703B428",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:microsoft:windows_2000:*:*:datacenter_srv:*:*:*:*:*",
"matchCriteriaId": "C3822450-7A42-45DD-A172-E964409C5BB7",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:microsoft:windows_2000:*:*:pro:*:*:*:*:*",
"matchCriteriaId": "26CF0F23-E9B6-415F-868A-C883EF11F389",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:microsoft:windows_2000:*:*:srv:*:*:*:*:*",
"matchCriteriaId": "09C3156A-9DCF-4217-A5AC-9D3A5654CAC1",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:microsoft:windows_2000:*:*:srv:ja:*:*:*:*",
"matchCriteriaId": "64546AE1-1691-4BAF-B2C9-6698F3FFDF87",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:microsoft:windows_2000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "685F1981-EA61-4A00-89F8-A748A88962F8",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:microsoft:windows_2003_server:*:*:itanium:*:*:*:*:*",
"matchCriteriaId": "580632FB-7EB8-4DC6-A372-742D4523BF79",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:microsoft:windows_2003_server:*:*:std:*:*:*:*:*",
"matchCriteriaId": "9562EC45-0F28-4E4D-AA16-7E34241F26B5",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:microsoft:windows_2003_server:*:*:wed:*:*:*:*:*",
"matchCriteriaId": "1DA5F012-9457-4562-B50C-2C674008B494",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:microsoft:windows_2003_server:*:*:x64:*:*:*:*:*",
"matchCriteriaId": "CD264C73-360E-414D-BE22-192F92E5A0A3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:microsoft:windows_2003_server:*:*:x64-std:*:*:*:*:*",
"matchCriteriaId": "4EF7C885-1142-477C-9AA2-5068EB9EFE82",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:microsoft:windows_2003_server:*:*:xp-64bit:*:*:*:*:*",
"matchCriteriaId": "5B5D0781-714B-4BE8-B74A-3A2CBC58F604",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:microsoft:windows_2003_server:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EAA86830-BEA8-4943-83EA-C267FA534223",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:microsoft:windows_server_2003:*:*:*:*:*:*:*:*",
"matchCriteriaId": "31A64C69-D182-4BEC-BA8A-7B405F5B2FC0",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:microsoft:windows_xp:*:*:64bit:*:*:*:*:*",
"matchCriteriaId": "40DCD873-93E3-403A-8446-65F7E1B4FAD8",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:microsoft:windows_xp:*:*:embedded:*:*:*:*:*",
"matchCriteriaId": "B95B2BE4-B4E0-4B77-9999-53B9224F5CB1",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:microsoft:windows_xp:*:*:ibm_oem:*:*:*:*:*",
"matchCriteriaId": "81A690FA-1808-4E4F-8CBC-75FB5358D439",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:microsoft:windows_xp:*:*:media_center:*:*:*:*:*",
"matchCriteriaId": "403945FA-8676-4D98-B903-48452B46F48F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:microsoft:windows_xp:*:*:pro:*:*:*:*:*",
"matchCriteriaId": "19DA594E-B495-4C5D-BC94-79582D3983C9",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:microsoft:windows_xp:*:*:tablet_pc:*:*:*:*:*",
"matchCriteriaId": "E4707F3F-F79E-4085-A81B-569204B7B1DB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:microsoft:windows_xp:*:*:x64:*:*:*:*:*",
"matchCriteriaId": "ACF75FC8-095A-4EEA-9A41-C27CFF3953FB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:microsoft:windows_xp:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B47EBFCC-1828-45AB-BC6D-FB980929A81A",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:novell:client:4.91:sp1:*:*:*:*:*:*",
"matchCriteriaId": "E98A16C1-2026-4C53-B22E-51F07028DCB8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:novell:client:4.91:sp2:*:*:*:*:*:*",
"matchCriteriaId": "78A17422-1FFE-4942-A6F1-01F99E4D42F9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:novell:client:4.91:sp3:*:*:*:*:*:*",
"matchCriteriaId": "F0CBDEB2-98CF-4C6A-A45A-F5B61803E449",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:novell:client:4.91:sp4:*:*:*:*:*:*",
"matchCriteriaId": "EDDFB0E9-EF4C-4E9E-9369-453AF2A8481F",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "NWFILTER.SYS in Novell Client 4.91 SP 1 through SP 4 for Windows 2000, XP, and Server 2003 makes the \\.\\nwfilter device available for arbitrary user-mode input via METHOD_NEITHER IOCTLs, which allows local users to gain privileges by passing a kernel address as an argument and overwriting kernel memory locations."
},
{
"lang": "es",
"value": "NWFILTER.SYS en Novell Client 4.91 SP 1 hasta el SP 4 para Windows 2000, XP, y Server 2003 toma el dispositivo disponible \\.\\nwfilter para entradas METHOD_NEITHER IOCTLs en modo usuario de su elecci\u00f3n, lo cual permite a usuarios locales ganar privilegios pasando la direcci\u00f3n del n\u00facleo como un argumento y sobrescribiendo localizaciones de la memoria del n\u00facleo."
}
],
"id": "CVE-2007-5667",
"lastModified": "2024-11-21T00:38:25.757",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 7.2,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2007-11-14T01:46:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=626"
},
{
"source": "cve@mitre.org",
"url": "http://osvdb.org/40867"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/27678"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/26420"
},
{
"source": "cve@mitre.org",
"url": "http://www.securitytracker.com/id?1018943"
},
{
"source": "cve@mitre.org",
"url": "http://www.vupen.com/english/advisories/2007/3846"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/38434"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch"
],
"url": "https://secure-support.novell.com/KanisaPlatform/Publishing/98/3260263_f.SAL_Public.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=626"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://osvdb.org/40867"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/27678"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/26420"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id?1018943"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.vupen.com/english/advisories/2007/3846"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/38434"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "https://secure-support.novell.com/KanisaPlatform/Publishing/98/3260263_f.SAL_Public.html"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-20"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2007-01-09 00:28
Modified
2024-11-21 00:24
Severity ?
Summary
nwgina.dll in Novell Client 4.91 SP3 for Windows 2000/XP/2003 does not delete user profiles during a Terminal Service or Citrix session, which allows remote authenticated users to invoke alternate user profiles.
References
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:novell:client:4.91:sp3:*:*:*:*:*:*",
"matchCriteriaId": "F0CBDEB2-98CF-4C6A-A45A-F5B61803E449",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "nwgina.dll in Novell Client 4.91 SP3 for Windows 2000/XP/2003 does not delete user profiles during a Terminal Service or Citrix session, which allows remote authenticated users to invoke alternate user profiles."
},
{
"lang": "es",
"value": "nwgina.dll en Novell Client 4.91 SP3 para Windows 2000/XP/2003 no elimina los perfiles de usuario durante una sesi\u00f3n de Servicio de Terminal o Citrix, lo cual permite a usuarios autenticados remotamente invocar perfiles de usuario alternativos."
}
],
"id": "CVE-2007-0108",
"lastModified": "2024-11-21T00:24:59.437",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.0,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:S/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 6.8,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": true,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2007-01-09T00:28:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://osvdb.org/31358"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/23619"
},
{
"source": "cve@mitre.org",
"url": "http://securitytracker.com/id?1017471"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://support.novell.com/cgi-bin/search/searchtid.cgi?/2974970.htm"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/21886"
},
{
"source": "cve@mitre.org",
"url": "http://www.vupen.com/english/advisories/2007/0064"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/31343"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://osvdb.org/31358"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/23619"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://securitytracker.com/id?1017471"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://support.novell.com/cgi-bin/search/searchtid.cgi?/2974970.htm"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/21886"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.vupen.com/english/advisories/2007/0064"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/31343"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2006-12-05 11:28
Modified
2024-11-21 00:22
Severity ?
Summary
Format string vulnerability in Novell Modular Authentication Services (NMAS) in the Novell Client 4.91 SP2 and SP3 allows users with physical access to read stack and memory contents via format string specifiers in the Username field of the logon window.
References
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:novell:client:4.91:sp2:*:*:*:*:*:*",
"matchCriteriaId": "78A17422-1FFE-4942-A6F1-01F99E4D42F9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:novell:client:4.91:sp3:*:*:*:*:*:*",
"matchCriteriaId": "F0CBDEB2-98CF-4C6A-A45A-F5B61803E449",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Format string vulnerability in Novell Modular Authentication Services (NMAS) in the Novell Client 4.91 SP2 and SP3 allows users with physical access to read stack and memory contents via format string specifiers in the Username field of the logon window."
},
{
"lang": "es",
"value": "Vulnerabilidad de cadena de formato en Novell Modular Authentication Services (NMAS) en Novell Client 4.91 SP2 y SP3 permite a usuarios con acceso f\u00edsico leer el contenido de la memoria y de la pila mediante especificadores de cadenas de formato en el campo Username de la ventana de inicio de sesi\u00f3n."
}
],
"id": "CVE-2006-6306",
"lastModified": "2024-11-21T00:22:24.107",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "LOW",
"cvssData": {
"accessComplexity": "HIGH",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 1.2,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:L/AC:H/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 1.9,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2006-12-05T11:28:00.000",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2006-December/051038.html"
},
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/23363"
},
{
"source": "cve@mitre.org",
"url": "http://securityreason.com/securityalert/1970"
},
{
"source": "cve@mitre.org",
"url": "http://securitytracker.com/id?1017377"
},
{
"source": "cve@mitre.org",
"url": "http://support.novell.com/cgi-bin/search/searchtid.cgi?/2974872.htm"
},
{
"source": "cve@mitre.org",
"url": "http://support.novell.com/cgi-bin/search/searchtid.cgi?/2974876.htm"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.layereddefense.com/Novell01DEC.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/archive/1/453176/100/0/threaded"
},
{
"source": "cve@mitre.org",
"url": "http://www.vupen.com/english/advisories/2006/4987"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/30644"
},
{
"source": "cve@mitre.org",
"url": "https://secure-support.novell.com/KanisaPlatform/Publishing/372/3546910_f.SAL_Public.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2006-December/051038.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/23363"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://securityreason.com/securityalert/1970"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://securitytracker.com/id?1017377"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://support.novell.com/cgi-bin/search/searchtid.cgi?/2974872.htm"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://support.novell.com/cgi-bin/search/searchtid.cgi?/2974876.htm"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.layereddefense.com/Novell01DEC.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/453176/100/0/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.vupen.com/english/advisories/2006/4987"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/30644"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://secure-support.novell.com/KanisaPlatform/Publishing/372/3546910_f.SAL_Public.html"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2008-02-13 21:00
Modified
2024-11-21 00:42
Severity ?
Summary
Stack-based buffer overflow in the EnumPrinters function in the Spooler service (nwspool.dll) in Novell Client 4.91 SP2, SP3, and SP4 for Windows allows remote attackers to execute arbitrary code via a crafted RPC request, aka Novell bug 353138, a different vulnerability than CVE-2006-5854. NOTE: this issue exists because of an incomplete fix for CVE-2007-6701.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2CF61F35-5905-4BA9-AD7E-7DB261D2F256",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:novell:client:4.91:sp2:*:*:*:*:*:*",
"matchCriteriaId": "78A17422-1FFE-4942-A6F1-01F99E4D42F9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:novell:client:4.91:sp3:*:*:*:*:*:*",
"matchCriteriaId": "F0CBDEB2-98CF-4C6A-A45A-F5B61803E449",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:novell:client:4.91:sp4:*:*:*:*:*:*",
"matchCriteriaId": "EDDFB0E9-EF4C-4E9E-9369-453AF2A8481F",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Stack-based buffer overflow in the EnumPrinters function in the Spooler service (nwspool.dll) in Novell Client 4.91 SP2, SP3, and SP4 for Windows allows remote attackers to execute arbitrary code via a crafted RPC request, aka Novell bug 353138, a different vulnerability than CVE-2006-5854. NOTE: this issue exists because of an incomplete fix for CVE-2007-6701."
},
{
"lang": "es",
"value": "Desbordamiento de b\u00fafer basado en pila en la funci\u00f3n EnumPrinters del servicio Spooler en Novell Client 4.91 SP2, SP3 y SP4 para Windows, permite a atacantes remotos ejecutar c\u00f3digo de su elecci\u00f3n mediante una petici\u00f3n RPC manipulada, tambi\u00e9n conocida como Novell bug 353138, una vulnerabilidad diferente a la CVE-2006-5854. NOTA: este problema se produce debido a un parche incompleto para CVE-2007-6701."
}
],
"id": "CVE-2008-0639",
"lastModified": "2024-11-21T00:42:34.097",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"obtainAllPrivilege": true,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2008-02-13T21:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Patch"
],
"url": "http://download.novell.com/Download?buildid=SszG22IIugM~"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch"
],
"url": "http://marc.info/?l=full-disclosure\u0026m=120276962211348\u0026w=2"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/28895"
},
{
"source": "cve@mitre.org",
"url": "http://support.novell.com/docs/Readmes/InfoDocument/patchbuilder/readme_5008300.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/archive/1/487980/100/0/threaded"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch"
],
"url": "http://www.securityfocus.com/bid/27741"
},
{
"source": "cve@mitre.org",
"url": "http://www.securitytracker.com/id?1019366"
},
{
"source": "cve@mitre.org",
"url": "http://www.vupen.com/english/advisories/2008/0496"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch"
],
"url": "http://www.zerodayinitiative.com/advisories/ZDI-08-005.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://download.novell.com/Download?buildid=SszG22IIugM~"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://marc.info/?l=full-disclosure\u0026m=120276962211348\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/28895"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://support.novell.com/docs/Readmes/InfoDocument/patchbuilder/readme_5008300.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/487980/100/0/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://www.securityfocus.com/bid/27741"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id?1019366"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.vupen.com/english/advisories/2008/0496"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://www.zerodayinitiative.com/advisories/ZDI-08-005.html"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2013-12-22 15:16
Modified
2024-11-21 01:54
Severity ?
Summary
The VBA32 AntiRootKit component for Novell Client 2 SP3 before IR5 on Windows allows local users to cause a denial of service (bugcheck and BSOD) via an IOCTL call for an invalid IOCTL.
References
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:novell:client:*:sp3:*:*:*:*:*:*",
"matchCriteriaId": "E2DE67FA-45AC-49D4-A3CC-596FFEB91827",
"versionEndIncluding": "2.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The VBA32 AntiRootKit component for Novell Client 2 SP3 before IR5 on Windows allows local users to cause a denial of service (bugcheck and BSOD) via an IOCTL call for an invalid IOCTL."
},
{
"lang": "es",
"value": "El componente VBA32 AntiRootKit para Novell Client 2 SP3 anteriores a IR5 en Windows permite a usuarios locales causar una denegaci\u00f3n de servicio (bugcheck y BSOD) a trav\u00e9s de una llamada IOCTL para un IOCTL inv\u00e1lido."
}
],
"id": "CVE-2013-3705",
"lastModified": "2024-11-21T01:54:09.267",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 4.9,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:L/AC:L/Au:N/C:N/I:N/A:C",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 6.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2013-12-22T15:16:04.160",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://download.novell.com/Download?buildid=gCT45TxxTHQ~"
},
{
"source": "cve@mitre.org",
"url": "http://www.novell.com/support/kb/doc.php?id=7014276"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://download.novell.com/Download?buildid=gCT45TxxTHQ~"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.novell.com/support/kb/doc.php?id=7014276"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-20"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2006-05-11 10:02
Modified
2024-11-21 00:11
Severity ?
Summary
Multiple integer overflows in the DPRPC library (DPRPCW32.DLL) in Novell Client 4.83 SP3, 4.90 SP2 and 4.91 SP2 allow remote attackers to execute arbitrary code via an XDR encoded array with a field that specifies a large number of elements, which triggers the overflows in the ndps_xdr_array function. NOTE: this was originally reported to be a buffer overflow by Novell, but the original cause is an integer overflow.
References
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:novell:client:4.83:sp3:*:*:*:*:*:*",
"matchCriteriaId": "431631B7-CC4D-4596-95B7-8CA64EE901DE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:novell:client:4.90:sp2:*:*:*:*:*:*",
"matchCriteriaId": "B72C2440-20E6-4A5A-B299-A328E3E74C50",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:novell:client:4.91:sp2:*:*:*:*:*:*",
"matchCriteriaId": "78A17422-1FFE-4942-A6F1-01F99E4D42F9",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Multiple integer overflows in the DPRPC library (DPRPCW32.DLL) in Novell Client 4.83 SP3, 4.90 SP2 and 4.91 SP2 allow remote attackers to execute arbitrary code via an XDR encoded array with a field that specifies a large number of elements, which triggers the overflows in the ndps_xdr_array function. NOTE: this was originally reported to be a buffer overflow by Novell, but the original cause is an integer overflow."
}
],
"id": "CVE-2006-2304",
"lastModified": "2024-11-21T00:11:01.300",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"obtainAllPrivilege": true,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2006-05-11T10:02:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2006-May/046048.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/20048"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch"
],
"url": "http://securitytracker.com/id?1016052"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch"
],
"url": "http://support.novell.com/cgi-bin/search/searchtid.cgi?/2973719.htm"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.hustlelabs.com/novell_ndps_advisory.pdf"
},
{
"source": "cve@mitre.org",
"url": "http://www.osvdb.org/25429"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/archive/1/434017/100/0/threaded"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch"
],
"url": "http://www.securityfocus.com/bid/17931"
},
{
"source": "cve@mitre.org",
"url": "http://www.vupen.com/english/advisories/2006/1759"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/26314"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2006-May/046048.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/20048"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://securitytracker.com/id?1016052"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://support.novell.com/cgi-bin/search/searchtid.cgi?/2973719.htm"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.hustlelabs.com/novell_ndps_advisory.pdf"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.osvdb.org/25429"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/434017/100/0/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://www.securityfocus.com/bid/17931"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.vupen.com/english/advisories/2006/1759"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/26314"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2013-07-31 13:20
Modified
2024-11-21 01:54
Severity ?
Summary
Integer overflow in the NWFS.SYS kernel driver 4.91.5.8 in Novell Client 4.91 SP5 on Windows XP and Windows Server 2003 and the NCPL.SYS kernel driver in Novell Client 2 SP2 on Windows Vista and Windows Server 2008 and Novell Client 2 SP3 on Windows Server 2008 R2, Windows 7, Windows 8, and Windows Server 2012 might allow local users to gain privileges via a crafted 0x1439EB IOCTL call.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| novell | client | 4.91 | |
| microsoft | windows_2003_server | * | |
| microsoft | windows_xp | * | |
| novell | client | 2.0 | |
| microsoft | windows_server_2008 | - | |
| microsoft | windows_vista | * | |
| novell | client | 2.0 | |
| microsoft | windows_7 | * | |
| microsoft | windows_8 | - | |
| microsoft | windows_8 | - | |
| microsoft | windows_server_2008 | r2 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:novell:client:4.91:sp5:*:*:*:*:*:*",
"matchCriteriaId": "C5B2E11D-D93E-493C-A00D-DDE313E95C23",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:microsoft:windows_2003_server:*:*:*:*:*:*:*:*",
"matchCriteriaId": "60EC86B8-5C8C-4873-B364-FB1F8EFE1CFF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:microsoft:windows_xp:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E61F1C9B-44AF-4B35-A7B2-948EEF7639BD",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:novell:client:2.0:sp2:*:*:*:*:*:*",
"matchCriteriaId": "50C0D7F1-AE0C-46CD-81A2-EABF54CAE8DE",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:microsoft:windows_server_2008:-:*:*:*:*:*:*:*",
"matchCriteriaId": "32623D48-7000-4C7D-823F-7D2A9841D88C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:microsoft:windows_vista:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3852BB02-47A1-40B3-8E32-8D8891A53114",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:novell:client:2.0:sp3:*:*:*:*:*:*",
"matchCriteriaId": "E02BF436-28CC-4EC1-904E-403A39CE9174",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:microsoft:windows_7:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D56B932B-9593-44E2-B610-E4EB2143EB21",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:microsoft:windows_8:-:-:x64:*:*:*:*:*",
"matchCriteriaId": "DE8E7D74-0DCB-4633-B502-EDC2112229BA",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:microsoft:windows_8:-:-:x86:*:*:*:*:*",
"matchCriteriaId": "9DAA2E6F-A666-4136-8F6B-E35C313CAB2B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:microsoft:windows_server_2008:r2:*:*:*:*:*:*:*",
"matchCriteriaId": "36559BC0-44D7-48B3-86FF-1BFF0257B5ED",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Integer overflow in the NWFS.SYS kernel driver 4.91.5.8 in Novell Client 4.91 SP5 on Windows XP and Windows Server 2003 and the NCPL.SYS kernel driver in Novell Client 2 SP2 on Windows Vista and Windows Server 2008 and Novell Client 2 SP3 on Windows Server 2008 R2, Windows 7, Windows 8, and Windows Server 2012 might allow local users to gain privileges via a crafted 0x1439EB IOCTL call."
},
{
"lang": "es",
"value": "Desbordamiento de enterio en el controlador para el kernel NWFS.SYS 4.91.5.8 en Novell Client 4.91 SP5 sobre Windows XP y Windows Server 2003 y el controlador del kernel NCPL.SYS en Novell Client 2 SP2 sobre Windows Vista y Windows Server 2008 y Novell Client 2 SP3 sobre Windows Server 2008 R2, Windows 7, Windows 8, y Windows Server 2012, podr\u00eda permitir a usuarios locales obtener privilegios a trav\u00e9s de una llamada 0x1439EB IOCTL manipulada."
}
],
"id": "CVE-2013-3697",
"lastModified": "2024-11-21T01:54:08.790",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 7.2,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2013-07-31T13:20:28.753",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Exploit"
],
"url": "http://pastebin.com/RcS2Bucg"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.novell.com/support/kb/doc.php?id=7012497"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit"
],
"url": "http://pastebin.com/RcS2Bucg"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.novell.com/support/kb/doc.php?id=7012497"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-189"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
var-200010-0069
Vulnerability from variot
Norton AntiVirus 5.00.01C with the Novell Netware client does not properly restart the auto-protection service after the first user has logged off of the system. "Auto-Protection" is a feature that comes with Norton Antivirus that automatically scans all files downloaded, executed, etc. It normally remains active from system bootup to shutdown regardless of who logs in and out of the system. This leaves the system vulnerable to attacks which the auto-protect software may have prevented
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-200010-0069",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "client",
"scope": "eq",
"trust": 1.9,
"vendor": "novell",
"version": "3.1"
},
{
"model": "norton antivirus",
"scope": "eq",
"trust": 1.3,
"vendor": "symantec",
"version": "5.0"
}
],
"sources": [
{
"db": "BID",
"id": "1533"
},
{
"db": "NVD",
"id": "CVE-2000-0793"
},
{
"db": "CNNVD",
"id": "CNNVD-200010-059"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:novell:client:3.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:symantec:norton_antivirus:5.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2000-0793"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "First posted to Bugtraq by grice \u003cgrice@vt.edu\u003e on July 28, 2000.",
"sources": [
{
"db": "BID",
"id": "1533"
},
{
"db": "CNNVD",
"id": "CNNVD-200010-059"
}
],
"trust": 0.9
},
"cve": "CVE-2000-0793",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "HIGH",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "VHN-2370",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "NVD",
"id": "CVE-2000-0793",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-200010-059",
"trust": 0.6,
"value": "CRITICAL"
},
{
"author": "VULHUB",
"id": "VHN-2370",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-2370"
},
{
"db": "NVD",
"id": "CVE-2000-0793"
},
{
"db": "CNNVD",
"id": "CNNVD-200010-059"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Norton AntiVirus 5.00.01C with the Novell Netware client does not properly restart the auto-protection service after the first user has logged off of the system. \"Auto-Protection\" is a feature that comes with Norton Antivirus that automatically scans all files downloaded, executed, etc. It normally remains active from system bootup to shutdown regardless of who logs in and out of the system. This leaves the system vulnerable to attacks which the auto-protect software may have prevented",
"sources": [
{
"db": "NVD",
"id": "CVE-2000-0793"
},
{
"db": "BID",
"id": "1533"
},
{
"db": "VULHUB",
"id": "VHN-2370"
}
],
"trust": 1.26
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2000-0793",
"trust": 2.0
},
{
"db": "BID",
"id": "1533",
"trust": 2.0
},
{
"db": "CNNVD",
"id": "CNNVD-200010-059",
"trust": 0.7
},
{
"db": "BUGTRAQ",
"id": "20000728 NORTON ANTIVIRUS PROTECTION DISABLED UNDER NOVELL NETWARE",
"trust": 0.6
},
{
"db": "VULHUB",
"id": "VHN-2370",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-2370"
},
{
"db": "BID",
"id": "1533"
},
{
"db": "NVD",
"id": "CVE-2000-0793"
},
{
"db": "CNNVD",
"id": "CNNVD-200010-059"
}
]
},
"id": "VAR-200010-0069",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-2370"
}
],
"trust": 0.01
},
"last_update_date": "2023-12-18T13:16:19.602000Z",
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "NVD-CWE-Other",
"trust": 1.0
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2000-0793"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.7,
"url": "http://www.securityfocus.com/bid/1533"
},
{
"trust": 1.0,
"url": "http://www.securityfocus.com/templates/archive.pike?list=1\u0026msg=398222c5%40zathras.cc.vt.edu"
},
{
"trust": 0.6,
"url": "http://www.securityfocus.com/templates/archive.pike?list=1\u0026msg=398222c5@zathras.cc.vt.edu"
},
{
"trust": 0.3,
"url": "http://support.novell.com"
},
{
"trust": 0.1,
"url": "http://www.securityfocus.com/templates/archive.pike?list=1\u0026amp;msg=398222c5@zathras.cc.vt.edu"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-2370"
},
{
"db": "BID",
"id": "1533"
},
{
"db": "NVD",
"id": "CVE-2000-0793"
},
{
"db": "CNNVD",
"id": "CNNVD-200010-059"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-2370"
},
{
"db": "BID",
"id": "1533"
},
{
"db": "NVD",
"id": "CVE-2000-0793"
},
{
"db": "CNNVD",
"id": "CNNVD-200010-059"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2000-10-20T00:00:00",
"db": "VULHUB",
"id": "VHN-2370"
},
{
"date": "2000-07-28T00:00:00",
"db": "BID",
"id": "1533"
},
{
"date": "2000-10-20T04:00:00",
"db": "NVD",
"id": "CVE-2000-0793"
},
{
"date": "2000-10-20T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200010-059"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2008-09-05T00:00:00",
"db": "VULHUB",
"id": "VHN-2370"
},
{
"date": "2009-07-11T02:56:00",
"db": "BID",
"id": "1533"
},
{
"date": "2023-11-07T01:55:24.897000",
"db": "NVD",
"id": "CVE-2000-0793"
},
{
"date": "2005-10-20T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200010-059"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200010-059"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "NortonAntivirus Novell Client Anti-Virus Automatic Protection Failure Vulnerability",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200010-059"
}
],
"trust": 0.6
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Unknown",
"sources": [
{
"db": "BID",
"id": "1533"
},
{
"db": "CNNVD",
"id": "CNNVD-200010-059"
}
],
"trust": 0.9
}
}