Vulnerability in Novell Netware

CVE-2003-1593

NWFTPD.nlm in the FTP server in Novell NetWare 6.0 before SP4 and 6.5 before SP1 does not enforce domain-name login restrictions, which allows remote attackers to bypass intended access control via an FTP connection.

EPSS: 0.001 (33.0th percentile) — read the EPSS interpretation.

Affected products

Novell Netware — versions 6.5, 6.0
Novell Netware_ftp_server
N/a — versions n/a

Weakness classification (CWE)

CWE-264

References

cve@mitre.org (x_refsource_CONFIRM, Vendor Advisory)