Search Results (Refine Search)
- Keyword (text search): cpe:2.3:a:novell:imanager:1.5:*:*:*:*:*:*:*
- CPE Name Search: true
Vuln ID | Summary | CVSS Severity |
---|---|---|
CVE-2011-4188 |
Buffer overflow in the Create Attribute function in jclient in Novell iManager 2.7.4 before patch 4 allows remote authenticated users to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted EnteredAttrName parameter, a related issue to CVE-2010-1929. Published: April 09, 2012; 4:55:02 PM -0400 |
V3.x:(not available) V2.0: 4.0 MEDIUM |
CVE-2009-4486 |
Stack-based buffer overflow in the eDirectory plugin in Novell iManager before 2.7.3 allows remote attackers to execute arbitrary code via vectors that trigger long arguments to an unspecified sub-application, related to importing and exporting from a schema. Published: January 08, 2010; 1:30:00 PM -0500 |
V3.x:(not available) V2.0: 7.5 HIGH |
CVE-2008-3488 |
Unspecified vulnerability in Novell iManager before 2.7 SP1 (2.7.1) allows remote attackers to delete Plug-in Studio created Property Book Pages via unknown vectors. Published: August 06, 2008; 1:41:00 PM -0400 |
V3.x:(not available) V2.0: 7.5 HIGH |
CVE-2006-4517 |
Novell iManager 2.5 and 2.0.2 allows remote attackers to cause a denial of service (crash) in the Tomcat server via a long TREE parameter in an HTTP POST, which triggers a NULL pointer dereference. Published: November 01, 2006; 10:07:00 AM -0500 |
V3.x:(not available) V2.0: 7.8 HIGH |
CVE-2005-1730 |
Multiple vulnerabilities in the OpenSSL ASN.1 parser, as used in Novell iManager 2.0.2, allows remote attackers to cause a denial of service (NULL pointer dereference) via crafted packets, as demonstrated by "OpenSSL ASN.1 brute forcer." NOTE: this issue might overlap CVE-2004-0079, CVE-2004-0081, or CVE-2004-0112. Published: December 31, 2005; 12:00:00 AM -0500 |
V3.x:(not available) V2.0: 9.3 HIGH |
CVE-2004-0079 |
The do_change_cipher_spec function in OpenSSL 0.9.6c to 0.9.6k, and 0.9.7a to 0.9.7c, allows remote attackers to cause a denial of service (crash) via a crafted SSL/TLS handshake that triggers a null dereference. Published: November 23, 2004; 12:00:00 AM -0500 |
V3.1: 7.5 HIGH V2.0: 5.0 MEDIUM |
CVE-2004-0081 |
OpenSSL 0.9.6 before 0.9.6d does not properly handle unknown message types, which allows remote attackers to cause a denial of service (infinite loop), as demonstrated using the Codenomicon TLS Test Tool. Published: November 23, 2004; 12:00:00 AM -0500 |
V3.x:(not available) V2.0: 5.0 MEDIUM |
CVE-2004-0112 |
The SSL/TLS handshaking code in OpenSSL 0.9.7a, 0.9.7b, and 0.9.7c, when using Kerberos ciphersuites, does not properly check the length of Kerberos tickets during a handshake, which allows remote attackers to cause a denial of service (crash) via a crafted SSL/TLS handshake that causes an out-of-bounds read. Published: November 23, 2004; 12:00:00 AM -0500 |
V3.x:(not available) V2.0: 5.0 MEDIUM |