- Description
- NWFTPD.nlm before 5.08.07 in the FTP server in Novell NetWare 6.5 SP7 does not properly implement the FTPREST.TXT NOREMOTE restriction, which allows remote authenticated users to access directories outside of the home server via unspecified vectors.
- Source
- cve@mitre.org
- NVD status
- Deferred
CVSS 2.0
- Type
- Primary
- Base score
- 4
- Impact score
- 2.9
- Exploitability score
- 8
- Vector string
- AV:N/AC:L/Au:S/C:P/I:N/A:N
- nvd@nist.gov
- CWE-264
- Hype score
- Not currently trending
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:novell:netware_ftp_server:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "52FF91EA-4411-460E-9943-2427E884D3F2"
}
],
"operator": "OR"
},
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:o:novell:netware:6.5:sp7:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "CF0FC43C-4041-49B4-87AD-63D7BE17136D"
}
],
"operator": "OR"
}
],
"operator": "AND"
}
]