GCVE - cpe:2.3:o:novell:netware:6.5:sp2:*:*:*:*:*:*

Approved changes feed: RSS · Atom

cpe:2.3:o:novell:netware:6.5:sp2:*:*:*:*:*:*

part: o version: 6.5 update: sp2

Vendor	Novell (`4a1c187d-e568-531f-92b0-685a3df2807c`)
Product	Netware (`4881543e-6443-58df-b573-93001d72d0a3`)
Edition	*
Language	*
Software edition	*
Target software	*
Target hardware	*
Other	*
Notes	Imported from NVD CPE 2.0 feed

PURL mappings

PURL	Source	Last updated
No PURL mappings for this CPE yet.

Vulnerability references

Identifier	cpeApplicability	Submitted	db.gcve.eu details	Rationale
`CVE:CVE-2010-0625`	vulnerable	2026-06-03 14:30:10.099122	Details available Stack-based buffer overflow in NWFTPD.nlm before 5.10.01 in the FTP server in Novell NetWare 5.1 through 6.5 SP8 allows remote authenticated users to cause a denial of service (daemon crash) or possibly execute arbitrary code via a long (1) MKD, (2) RMD, (3) RNFR, or (4) DELE command. Published: 2010-04-05T16:00:00.000Z Updated: 2024-08-07T00:52:19.920Z Open on db.gcve.eu Reference links http://www.novell.com/support/viewContent.do?externalId=3238588&sliceId=1 http://www.vupen.com/english/advisories/2010/0742 http://www.securityfocus.com/archive/1/510557/100/0/threaded http://secunia.com/advisories/39151 http://www.zerodayinitiative.com/advisories/ZDI-10-062	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2008-5696`	vulnerable	2026-06-03 14:29:10.650884	Details available Novell NetWare 6.5 before Support Pack 8, when an OES2 Linux server is installed into the NDS tree, does not require a password for the ApacheAdmin console, which allows remote attackers to reconfigure the Apache HTTP Server via console operations. Published: 2008-12-19T18:00:00.000Z Updated: 2024-08-07T11:04:44.153Z Open on db.gcve.eu Reference links https://exchange.xforce.ibmcloud.com/vulnerabilities/47104 http://secunia.com/advisories/32989 http://www.vupen.com/english/advisories/2008/3368 http://www.securityfocus.com/bid/32657 http://www.securitytracker.com/id?1021350	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2006-2327`	vulnerable	2026-06-03 14:27:31.723703	Details available Multiple integer overflows in the DPRPC library (DPRPCNLM.NLM) NDPS/iPrint module in Novell Distributed Print Services in Novell NetWare 6.5 SP3, SP4, and SP5 allow remote attackers to execute arbitrary code via an XDR encoded array with a field that specifies a large number of elements, which triggers the overflows in the ndps_xdr_array function. Published: 2006-05-12T00:00:00.000Z Updated: 2024-08-07T17:43:29.141Z Open on db.gcve.eu Reference links http://www.securityfocus.com/bid/17922 http://www.vupen.com/english/advisories/2006/1740 http://www.hustlelabs.com/novell_ndps_advisory.pdf http://lists.grok.org.uk/pipermail/full-disclosure/2006-May/046048.html https://exchange.xforce.ibmcloud.com/vulnerabilities/26314	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2006-0999`	vulnerable	2026-06-03 14:27:23.071835	Details available The SSL server implementation in NILE.NLM in Novell NetWare 6.5 and Novell Open Enterprise Server (OES) allows a client to force the server to use weak encryption by stating that a weak cipher is required for client compatibility, which might allow remote attackers to decrypt contents of an SSL protected session. Published: 2006-03-23T11:00:00.000Z Updated: 2024-08-07T16:56:15.230Z Open on db.gcve.eu Reference links http://www.vupen.com/english/advisories/2006/1043 http://securitytracker.com/id?1015799 http://support.novell.com/cgi-bin/search/searchtid.cgi?10100633.htm https://exchange.xforce.ibmcloud.com/vulnerabilities/25382 http://secunia.com/advisories/19324	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2006-0998`	vulnerable	2026-06-03 14:27:23.071304	Details available The SSL server implementation in NILE.NLM in Novell NetWare 6.5 and Novell Open Enterprise Server (OES) sometimes selects a weak cipher instead of an available stronger cipher, which makes it easier for remote attackers to sniff and decrypt an SSL protected session. Published: 2006-03-23T11:00:00.000Z Updated: 2024-08-07T16:56:15.200Z Open on db.gcve.eu Reference links http://www.vupen.com/english/advisories/2006/1043 http://securitytracker.com/id?1015799 http://www.osvdb.org/24047 http://support.novell.com/cgi-bin/search/searchtid.cgi?10100633.htm https://exchange.xforce.ibmcloud.com/vulnerabilities/25381	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2006-0997`	vulnerable	2026-06-03 14:27:23.069684	Details available The SSL server implementation in NILE.NLM in Novell NetWare 6.5 and Novell Open Enterprise Server (OES) permits encryption with a NULL key, which results in cleartext communication that allows remote attackers to read an SSL protected session by sniffing network traffic. Published: 2006-03-23T11:00:00.000Z Updated: 2024-08-07T16:56:15.298Z Open on db.gcve.eu Reference links http://www.vupen.com/english/advisories/2006/1043 http://securitytracker.com/id?1015799 http://support.novell.com/cgi-bin/search/searchtid.cgi?10100633.htm http://secunia.com/advisories/19324 https://exchange.xforce.ibmcloud.com/vulnerabilities/25380	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2005-2852`	vulnerable	2026-06-03 14:27:03.402018	Details available Unknown vulnerability in CIFS.NLM in Novell Netware 6.5 SP2 and SP3, 5.1, and 6.0 allows remote attackers to cause a denial of service (ABEND) via an incorrect password length, as exploited by the "worm.rbot.ccc" worm. Published: 2005-09-08T04:00:00.000Z Updated: 2024-09-16T20:43:26.090Z Open on db.gcve.eu Reference links http://support.novell.com/cgi-bin/search/searchtid.cgi?/2971832.htm http://support.novell.com/cgi-bin/search/searchtid.cgi?/2971821.htm http://support.novell.com/cgi-bin/search/searchtid.cgi?/2971822.htm	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2005-1060`	vulnerable	2026-06-03 14:26:57.394447	Details available Unknown vulnerability in the TCP/IP functionality (TCPIP.NLM) in Novell Netware 6.x allows remote attackers to cause a denial of service (ABEND by Page Fault Processor Exception) via certain packets. Published: 2005-04-12T04:00:00.000Z Updated: 2024-08-07T21:35:59.977Z Open on db.gcve.eu Reference links http://support.novell.com/cgi-bin/search/searchtid.cgi?/2970467.htm http://secunia.com/advisories/14874 https://exchange.xforce.ibmcloud.com/vulnerabilities/20024 http://www.securityfocus.com/bid/13067	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2005-0819`	vulnerable	2026-06-03 14:26:51.686161	Details available The xvesa code in Novell Netware 6.5 SP2 and SP3 allows remote attackers to redirect the xsession without authentication via a direct request to GUIMirror/Start. Published: 2005-03-20T05:00:00.000Z Updated: 2024-08-07T21:28:28.380Z Open on db.gcve.eu Reference links http://securitytracker.com/id?1013460 http://www.securityfocus.com/bid/12831 http://support.novell.com/cgi-bin/search/searchtid.cgi?/2971038.htm	Imported from gcve-enriched-dumps CVE data

Contribute

You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.