CVE-2010-0625
Novell NetWare FTP Server - Stack-based Buffer Overflow via Long MKD RMD RNFR or DELE Command
Title source: llmDescription
Stack-based buffer overflow in NWFTPD.nlm before 5.10.01 in the FTP server in Novell NetWare 5.1 through 6.5 SP8 allows remote authenticated users to cause a denial of service (daemon crash) or possibly execute arbitrary code via a long (1) MKD, (2) RMD, (3) RNFR, or (4) DELE command.
References (10)
Core 10
Core References
Vendor Advisory x_refsource_confirm
http://www.novell.com/support/viewContent.do?externalId=3238588&sliceId=1
Vendor Advisory vdb-entry
x_refsource_vupen
http://www.vupen.com/english/advisories/2010/0742
Third Party Advisory, VDB Entry mailing-list
x_refsource_bugtraq
http://www.securityfocus.com/archive/1/510557/100/0/threaded
Vendor Advisory third-party-advisory
x_refsource_secunia
http://secunia.com/advisories/39151
Third Party Advisory x_refsource_misc
http://www.zerodayinitiative.com/advisories/ZDI-10-062
Issue Tracking x_refsource_confirm
https://bugzilla.novell.com/show_bug.cgi?id=569496
Third Party Advisory, VDB Entry mailing-list
x_refsource_bugtraq
http://www.securityfocus.com/archive/1/510353/100/0/threaded
Various Sources x_refsource_misc
http://www.protekresearchlab.com/index.php?option=com_content&view=article&id=12&Itemid=12
Third Party Advisory, VDB Entry vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/39041
Third Party Advisory, VDB Entry vdb-entry
x_refsource_sectrack
http://securitytracker.com/id?1023768
Scores
EPSS
0.2763
EPSS Percentile
96.5%
Details
CWE
CWE-119
Status
published
Products (23)
novell/netware
5.1 (5 CPE variants)
novell/netware
6.0 (4 CPE variants)
novell/netware
6.5 (11 CPE variants)
novell/netware_ftp_server
5.01i
novell/netware_ftp_server
5.01o
novell/netware_ftp_server
5.01w
novell/netware_ftp_server
5.01y
novell/netware_ftp_server
5.02b
novell/netware_ftp_server
5.02i
novell/netware_ftp_server
5.02r
... and 13 more
Published
Apr 05, 2010
Tracked Since
Feb 18, 2026