Exploitation Summary
EIP tracks 1 public exploit for CVE-1999-1020. PoCs published by Simple Nomad.
AI-analyzed exploit summary This is a writeup describing how unauthenticated clients can exploit default permissions on CX.EXE and NLIST.EXE in NetWare 4.x to enumerate NDS tree information, including user accounts, group memberships, and server details. The commands provided demonstrate how to extract sensitive directory information without authentication.
Description
The installation of Novell Netware NDS 5.99 provides an unauthenticated client with Read access for the tree, which allows remote attackers to access sensitive information such as users, groups, and readable objects via CX.EXE and NLIST.EXE.
Exploits (1)
This is a writeup describing how unauthenticated clients can exploit default permissions on CX.EXE and NLIST.EXE in NetWare 4.x to enumerate NDS tree information, including user accounts, group memberships, and server details. The commands provided demonstrate how to extract sensitive directory information without authentication.