Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2003-1596

Overview

Vulnerability Score 7.5 7.5
CVE Id CVE-2003-1596
Last Modified 08 Jun 2010 12:00:00
Published 05 Apr 2010 11:30:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2003-1596

Summary

NWFTPD.nlm before 5.03.12 in the FTP server in Novell NetWare does not properly restrict filesystem use by anonymous users with NFS Gateway home directories, which allows remote attackers to bypass intended access restrictions via an FTP session.

Vulnerable Systems

Operating System

  • Novell Netware 5.1

  • Novell Netware 6.0

  • Novell Netware 6.5

Application

  • Novell Netware Ftp Server 5.01i

  • Novell Netware Ftp Server 5.01o

  • Novell Netware Ftp Server 5.01w

  • Novell Netware Ftp Server 5.01y

  • Novell Netware Ftp Server 5.02b

  • Novell Netware Ftp Server 5.02i

  • Novell Netware Ftp Server 5.02r

  • Novell Netware Ftp Server 5.02y

  • Novell Netware Ftp Server 5.03b


References

CONFIRM - http://www.novell.com/support/viewContent.do?externalId=3238588&sliceId=1


Last Updated: 27 May 2016 10:38:26