Description
NWFTPD.nlm before 5.08.07 in the FTP server in Novell NetWare 6.5 SP7 does not properly implement the FTPREST.TXT NOREMOTE restriction, which allows remote authenticated users to access directories outside of the home server via unspecified vectors.
References (2)
Core 2
Core References
Vendor Advisory x_refsource_confirm
http://www.novell.com/support/viewContent.do?externalId=3238588&sliceId=1
Issue Tracking x_refsource_confirm
https://bugzilla.novell.com/show_bug.cgi?id=272093
Scores
EPSS
0.0016
EPSS Percentile
36.3%
Details
CWE
CWE-264
Status
published
Products (2)
novell/netware
6.5 sp7
novell/netware_ftp_server
Published
Apr 05, 2010
Tracked Since
Feb 18, 2026