Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
novell identity manager vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2007-4526
The Client Login Extension (CLE) in Novell Identity Manager prior to 3.5.1 20070730 stores the username and password in a local file, which allows local users to obtain sensitive information by reading this file.
Novell Client Login Extension \\(cle\\)
Netiq Identity Manager
NA
CVE-2009-4879
The Identity Server in Novell Access Manager prior to 3.1 SP1 allows attackers with disabled Active Directory accounts to authenticate using X.509 authentication, which bypasses intended access restrictions.
Novell Access Manager 3
Novell Access Manager
NA
CVE-2006-4506
idmlib.sh in nxdrv in Novell Identity Manager (IDM) 3.0.1 allows local users to execute arbitrary commands via unspecified vectors, possibly involving the " (quote) and \ (backslash) characters and eval injection.
Netiq Identity Manager 3.0.1
NA
CVE-2006-4803
The Fan-Out Linux and UNIX receiver scripts in Novell Identity Manager (IDM) 3.0.1 allows local users to execute arbitrary commands via unspecified vectors involving certain environment variables and "code injection."
Netiq Identity Manager 3.0.1
NA
CVE-2014-4509
The MKDQUOTESAFE function in the Fan-out driver scripts in Fan-Out Platform Services in Novell Identity Manager (aka IDM) 4.0.2 allows local users to execute arbitrary commands by leveraging eDirectory POSIX attribute changes to insert shell metacharacters.
Netiq Identity Manager 4.0.2
NA
CVE-2014-4619
EMC RSA Identity Management and Governance (IMG) 6.5.x prior to 6.5.1 P11, 6.5.2 before P02HF01, and 6.8.x prior to 6.8.1 P07, when Novell Identity Manager (aka NovellIM) is used, allows remote malicious users to bypass authentication via an arbitrary valid username.
Emc Rsa Identity Management And Governance 6.5.0
Emc Rsa Identity Management And Governance 6.5.1
Emc Rsa Identity Management And Governance 6.8.1
Emc Rsa Identity Management And Governance 6.5.2
Emc Rsa Identity Management And Governance 6.8.0
NA
CVE-2006-4310
Mozilla Firefox 1.5.0.6 allows remote malicious users to cause a denial of service (crash) via a crafted FTP response, when attempting to connect with a username and password via the FTP URI.
Mozilla Firefox 1.5.0.6
1 EDB exploit
4.3
CVSSv3
CVE-2015-7976
The ntpq saveconfig command in NTP 4.1.2, 4.2.x prior to 4.2.8p6, 4.3, 4.3.25, 4.3.70, and 4.3.77 does not properly filter special characters, which allows malicious users to cause unspecified impact via a crafted filename.
Ntp Ntp 4.1.2
Ntp Ntp
Ntp Ntp 4.3.0
Ntp Ntp 4.3.1
Ntp Ntp 4.3.16
Ntp Ntp 4.3.17
Ntp Ntp 4.3.24
Ntp Ntp 4.3.25
Ntp Ntp 4.3.31
Ntp Ntp 4.3.32
Ntp Ntp 4.3.39
Ntp Ntp 4.3.4
Ntp Ntp 4.3.47
Ntp Ntp 4.3.48
Ntp Ntp 4.3.54
Ntp Ntp 4.3.55
Ntp Ntp 4.3.61
Ntp Ntp 4.3.62
Ntp Ntp 4.3.63
Ntp Ntp 4.3.7
Ntp Ntp 4.3.70
Ntp Ntp 4.3.77
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-23316
SQL injection
type confusion
CVE-2024-20697
CVE-2024-4344
local
CVE-2024-30043
CVE-2024-3821
CVE-2024-5041
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2