Nick Debaggis

#8246of 53,635
33.3Total CVSS
Vulnerabilities · 4
Medium
1
High
3
PT-2018-4025
7.5
2018-11-21
Novell · Novell Netware · CVE-2009-5153
**Name of the Vulnerable Software and Affected Versions** Novell NetWare versions prior to 6.5 SP8 **Description** A stack buffer overflow issue exists in the processing of CALLIT RPC calls in the NFS Portmapper daemon in PKERNEL.NLM, allowing remote unauthenticated attackers to execute code. This occurs because a length field is incorrectly trusted. **Recommendations** For versions prior to 6.5 SP8, update to version 6.5 SP8 or later to resolve the issue.
PT-2010-2380
6.5
2010-04-05
Novell · Nwftpd.Nlm · CVE-2010-0625
**Name of the Vulnerable Software and Affected Versions** Novell NetWare versions 5.1 through 6.5 SP8 with NWFTPD.nlm before 5.10.01 **Description** The issue is related to a stack-based buffer overflow in the FTP server, allowing remote authenticated users to potentially execute arbitrary code or cause a denial of service by crashing the daemon. This can be achieved through a long command, specifically the MKD, RMD, RNFR, or DELE commands. **Recommendations** For Novell NetWare versions 5.1 through 6.5 SP8 with NWFTPD.nlm before 5.10.01, update NWFTPD.nlm to version 5.10.01 or later to resolve the issue.
PT-2009-3065
10
2009-02-03
Novell · Novell Groupwise · CVE-2009-0410
**Name of the Vulnerable Software and Affected Versions** Novell GroupWise versions 6.5x through 8.0 **Description** The issue is caused by an off-by-one error in the SMTP daemon in GroupWise Internet Agent (GWIA), allowing remote attackers to execute arbitrary code via a long e-mail address in a malformed RCPT command. This leads to a buffer overflow. **Recommendations** For Novell GroupWise versions 6.5x through 8.0, update to a version that includes a fix for the off-by-one error in the SMTP daemon.
PT-2004-1365
9.3
2004-09-17
Microsoft · Gdi+ · CVE-2004-0200
**Name of the Vulnerable Software and Affected Versions** Microsoft Graphic Device Interface Plus (GDI+) component (affected versions not specified) **Description** A buffer overflow issue exists in the JPEG parsing engine of the GDI+ component, allowing remote attackers to execute arbitrary code. This is achieved by using a JPEG image with a small JPEG COM field length that is normalized to a large integer length before a memory copy operation. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.