Lucene search

[email protected]CVE-2003-1596

HistoryOct 03, 2022 - 4:15 p.m.

CVE-2003-1596

2022-10-0316:15:43

CWE-264

[email protected]

web.nvd.nist.gov

cve-2003-1596

nwftpd.nlm

novell netware

ftp server

remote attackers

access restrictions

ftp session

security vulnerability

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

7 High

AI Score

Confidence

Low

0.003 Low

EPSS

Percentile

69.3%

JSON

NWFTPD.nlm before 5.03.12 in the FTP server in Novell NetWare does not properly restrict filesystem use by anonymous users with NFS Gateway home directories, which allows remote attackers to bypass intended access restrictions via an FTP session.

Affected configurations

NVD

Node

novellnetware_ftp_serverRange≤5.03b

novellnetware_ftp_serverMatch5.01i

novellnetware_ftp_serverMatch5.01o

novellnetware_ftp_serverMatch5.01w

novellnetware_ftp_serverMatch5.01y

novellnetware_ftp_serverMatch5.02b

novellnetware_ftp_serverMatch5.02i

novellnetware_ftp_serverMatch5.02r

novellnetware_ftp_serverMatch5.02y

AND

novellnetwareMatch5.1

novellnetwareMatch6.0

novellnetwareMatch6.5

CPENameOperatorVersion
novell:netware_ftp_servernovell netware ftp serverle5.03b
novell:netware_ftp_servernovell netware ftp servereq5.01i
novell:netware_ftp_servernovell netware ftp servereq5.01o
novell:netware_ftp_servernovell netware ftp servereq5.01w
novell:netware_ftp_servernovell netware ftp servereq5.01y
novell:netware_ftp_servernovell netware ftp servereq5.02b
novell:netware_ftp_servernovell netware ftp servereq5.02i
novell:netware_ftp_servernovell netware ftp servereq5.02r
novell:netware_ftp_servernovell netware ftp servereq5.02y
novell:netwarenovell netwareeq5.1

CPE	Name	Operator	Version
novell:netware_ftp_server	novell netware ftp server	le	5.03b
novell:netware_ftp_server	novell netware ftp server	eq	5.01i
novell:netware_ftp_server	novell netware ftp server	eq	5.01o
novell:netware_ftp_server	novell netware ftp server	eq	5.01w
novell:netware_ftp_server	novell netware ftp server	eq	5.01y
novell:netware_ftp_server	novell netware ftp server	eq	5.02b
novell:netware_ftp_server	novell netware ftp server	eq	5.02i
novell:netware_ftp_server	novell netware ftp server	eq	5.02r
novell:netware_ftp_server	novell netware ftp server	eq	5.02y
novell:netware	novell netware	eq	5.1

Rows per page:

1-10 of 121

References

www.novell.com/support/viewContent.do?externalId=3238588&sliceId=1

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

7 High

AI Score

Confidence

Low

0.003 Low

EPSS

Percentile

69.3%

JSON

Related for CVE-2003-1596

cvelist1 nvd1