What is CVE-2010-0625?

CVE-2010-0625 is a vulnerability in Novell Netware, classified under Improper Restriction of Operations within the Bounds of a Memory Buffer. Published 2010-04-05.

Is CVE-2010-0625 known to be exploited?

1 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.

Buffer overflow in Novell Netware

CVE-2010-0625

Stack-based buffer overflow in NWFTPD.nlm before 5.10.01 in the FTP server in Novell NetWare 5.1 through 6.5 SP8 allows remote authenticated users to cause a denial of service (daemon crash) or possibly execute arbitrary code via a long (1…

Vulnerability class: Buffer Overflow

EPSS: 0.276 (96.5th percentile) — read the EPSS interpretation.

Affected products

Novell Netware — versions 6.5, 6.0, 5.1
Novell Netware_ftp_server — versions 5.06.04, 5.04.5, 5.01i
N/a — versions n/a

Weakness classification (CWE)

CWE-119 — Improper Restriction of Operations within the Bounds of a Memory Buffer

Public proof-of-concept exploits

ARPSyndicate/cve-scores

References

39151 (x_refsource_SECUNIA, Vendor Advisory, third-party-advisory)
1023768 (vdb-entry, x_refsource_SECTRACK)
cve@mitre.org (x_refsource_CONFIRM)
cve@mitre.org (x_refsource_MISC)
20100329 {PRL} Novell Netware FTP Remote Stack Overflow (mailing-list, x_refsource_BUGTRAQ)
20100405 ZDI-10-062: Novell Netware NWFTPD RMD/RNFR/DELE Argument Parsing Remote Code Execution Vulnerabilities (mailing-list, x_refsource_BUGTRAQ)
39041 (vdb-entry, x_refsource_BID)
ADV-2010-0742 (vdb-entry, x_refsource_VUPEN, Vendor Advisory)
cve@mitre.org (x_refsource_MISC)
cve@mitre.org (x_refsource_CONFIRM)

Frequently asked questions

What is CVE-2010-0625?: CVE-2010-0625 is a vulnerability in Novell Netware, classified under Improper Restriction of Operations within the Bounds of a Memory Buffer. Published 2010-04-05.
Is CVE-2010-0625 known to be exploited?: 1 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.