CVEブラウザに戻る

CVE-2010-4228

CRITICAL

9.0

CVSS Severity Score

EPSS Score0.1500%

EPSS Percentile4.45th

Published2011年3月22日

Last Modified2026年4月29日

Vulnerability Description

Stack-based buffer overflow in NWFTPD.NLM before 5.10.02 in the FTP server in Novell NetWare allows remote authenticated users to execute arbitrary code or cause a denial of service (abend) via a long DELE command, a different vulnerability than CVE-2010-0625.4.

Affected Platforms (CPE)

💻

Novell

Netware

= 5.1

💻

Novell

Netware

= 6.0

💻

Novell

Netware

= 6.5

References & Advisories

🔗 http://secunia.com/advisories/43824

🔗 http://securityreason.com/securityalert/8149

🔗 http://www.novell.com/support/viewContent.do?externalId=3238588

🔗 http://www.protekresearchlab.com/index.php?option=com_content&view=article&id=25&Itemid=25

🔗 http://www.securityfocus.com/bid/46922

🔗 http://www.zerodayinitiative.com/advisories/ZDI-11-106/

🔗 https://bugzilla.novell.com/show_bug.cgi?id=641249

🔗 https://exchange.xforce.ibmcloud.com/vulnerabilities/66170

関連する脆弱性情報

CVE-2000-079310.0

Norton AntiVirus 5.00.01C with the Novell Netware client does not properly restart the auto-protection service after the first use...

CVE-1999-108610.0

Novell 5 and earlier, when running over IPX with a packet signature level less than 3, allows remote attackers to gain administrat...

CVE-1999-036110.0

NetWare version of LaserFiche stores usernames and passwords unencrypted, and allows administrative changes without logging.

CVE-2003-159510.0

NWFTPD.nlm before 5.04.05 in the FTP server in Novell NetWare 6.5 does not properly perform "intruder detection," which has unspec...