 | 3484245: Updates to Novell ZENworks 7 Desktop Management |
| Applies to: ZENworks Desktop Management
|
| 7006705: Security Vulnerability: Novell Identity Manager engine installation leaves admin tree credentials in a file. |
| Applies to: Identity Manager
|
| 7006679: Security Vulnerability - Novell iPrint Client "call-back-url" Buffer Overflow |
| Applies to: iPrint
|
| 7006678: Security Vulnerability - Novell iPrint Client Browser Plugin Remote File Deletion Vulnerability |
| Applies to: iPrint
|
| 7006677: Security Vulnerability - Novell iPrint Client Browser Plugin Execute Request debug Parameter Remote Code Execution |
| Applies to: iPrint
|
| 7006676: Security Vulnerability - Novell iPrint Client Browser Plugin Remote Code Execution Vulnerability |
| Applies to: iPrint
|
| 7006675: Security Vulnerability - Novell iPrint Client Browser Plugin Parameter Name Remote Code Execution |
| Applies to: iPrint
|
| 7006673: Security Vulnerability - Novell iPrint Client boundary error in the parsing of certain time information |
| Applies to: iPrint
|
| 7006674: Security Vulnerability - Novell iPrint Client "target-frame" Buffer Overflowgs()" function. |
| Applies to: iPrint
|
| 7006672: Security Vulnerability - Novell Client ActiveX Control "nwsetup.dll" Unspecified Remote Denial of Service |
| Applies to: Novell Client
|
| 7006421: Security Vulnerability - Remote user can delete novell-owned files via HTTP without authentication. |
| Applies to: Sentinel
|
| 7006557: Security vulnerability with Remote Management password authentication |
| Applies to: ZENworks Desktop Management, ZENworks Server Management
|
| 7006380: GroupWise WebAccess Stack Overflow Security Vulnerability |
| Applies to: GroupWise
|
| 7006379: GroupWise 8 WebAccess Javascript/HTML injection XSS Security Vulnerability |
| Applies to: GroupWise
|
| 7006377: Security Vulnerability (XSS via Header Injection) in GroupWise WebAccess |
| Applies to: GroupWise
|
| 7006376: GroupWise WebAccess Cross-Site Scripting (XSS) Security Vulnerability on Replies |
| Applies to: GroupWise
|
| 7006375: GroupWise WebAccess Javascript Cross-Site Scripting (XSS) Security Vulnerability |
| Applies to: GroupWise
|
| 7006374: GroupWise Internet Agent Stack Overflow Security Vulnerability |
| Applies to: GroupWise
|
| 7006373: Security Vulnerability - GroupWise WebAccess Potentially Exposes Authentication Information |
| Applies to: GroupWise
|
| 7006372: Security Vulnerability (HTTP Header Injection) in GroupWise Agent HTTP Interfaces |
| Applies to: GroupWise
|
| 7006371: Cross-Site Scripting (XSS) Security Vulnerability in GroupWise Agent HTTP interfaces |
| Applies to: GroupWise
|
| 7006431: GroupWise stack overflow in gwcma1.dll |
| Applies to: GroupWise
|
| 7006432: GroupWise Stack overflow in gwcmb1.dll by passing long argument to NWDSLogout function in Netwin32.dll |
| Applies to: GroupWise
|
| 7005467: Security Vulnerability - eDirectory DHOST Predictable Session Cookie |
| Applies to: eDirectory
|
| 7006398: Tomcat 5.0.28 in ZLM 7.3 subject to "Multiple Vendor Multiple HTTP Request Smuggling Vulnerabilities" |
| Applies to: ZENworks Linux Management
|
| 3563780: Imaging Security "Only allow uploads to the following directories" can be bypassed |
| Applies to: ZENworks Desktop Management
|
| 3008097: XNFS Abend in rpcWorkerThread if nfs mount is attempted with long path |
| Applies to: NetWare, NFS Protocol
|
| 7004997: The GroupWise Windows client and Microsoft Security Advisory (973882) |
| Applies to: GroupWise
|
| 3329402: Client Login Extension for Novell Identity Manager 3.5 Security Fix |
| Applies to: Identity Manager
|
| 3578235: Client Heap Overflow Vulnerability in Collection Client |
| Applies to: ZENworks Asset Management
|
| 7005573: Security Vulnerability with ZCM Remote Execution |
| Applies to: ZENworks Configuration Management
|
| 7005572: Security Vulnerability with ZCM Preboot Service |
| Applies to: ZENworks Configuration Management
|
| 3857626: NRM grants root access to LUM enabled eDirectory admins |
| Applies to: eDirectory, Open Enterprise Server
|
| 3000551: MYAPPS.HTML requires a double click to launch application |
| Applies to: ZENworks Desktop Management
|
| 7000538: Security Vulnerability: iMonitor Accept-Language Buffer Overflow |
| Applies to: eDirectory
|
| 7004912: Security Vulnerability: Novell eDirectory Heap-based Buffer Overflow |
| Applies to: eDirectory
|
| 7004985: Security Vulnerability: iManager eDirectory Plugin Remote Code Execution |
| Applies to: iManager
|
| 3675615: Security Vulnerability: kadmind stack buffer overflow vulnerability |
| Applies to: Open Enterprise Server
|
| 3226177: Security Vulnerability: eDirectory NMAS BerDecodeLoginDataRequest DoS |
| Applies to: eDirectory, NMAS (Novell Modular Authentication Services)
|
| 3143224: Security Vulnerability: Multiple RSA implementations fail to properly handle signatures |
| Applies to: NICI
|
| 3590033: Security Vulnerability: RSA BSAFE Libraries denial of service |
| Applies to: NICI
|
| 3618705: Security Update: KDC and kadmin stack overflow in krb5_klog_syslog |
| Applies to: Open Enterprise Server
|
| 3248163: Security Vulnerability: kadmind affected by multiple RPC library vulnerabilities |
| Applies to: Open Enterprise Server, openSUSE, SUSE Linux Enterprise Server
|
| 3131009: Security Update for Novell Identity Manager 3.5 iManager Plugins |
| Applies to: Identity Manager
|
| 3714097: Security problem with NICM.SYS |
| Applies to: Novell Client
|
| 3260263: Architectural and security problems with NWFILTER.SYS |
| Applies to: Novell Client
|
| 7005185: Novell Open Enterprise Server: MITKRB5-SA-2009-004 [CVE-2009-4212] |
| Applies to: NMAS (Novell Modular Authentication Services), Open Enterprise Server
|
| 7005128: ZAM 7.5 SQL Infection Vulnerability |
| Applies to: ZENworks Asset Management
|
| 7004945: Ability to manually query NDS workstation object through AWSI process disabled |
| Applies to: ZENworks Desktop Management
|
| 7005118: Novell Open Enterprise Server: MITKRB5-SA-2009-003 [CVE-2009-3295] |
| Applies to: NMAS (Novell Modular Authentication Services), Open Enterprise Server
|
| 7004718: Security Vulnerability: iMonitor Accept-Language Buffer Overflow |
| Applies to: eDirectory
|
| 7004721: Security Vulnerability: eDirectory LDAP Null Base DN Denial of Service |
| Applies to: eDirectory
|
| 3243550: Securing a Remote Loader install on microsoft windows 2000. |
| Applies to: Identity Manager
|
| 3024921: JBoss Application Server Security Vulnerability Notice |
| Applies to: Identity Manager
|
| 7002319: Security vulnerability (Cross-site Request Forgery) with GroupWise WebAccess |
| Applies to: GroupWise
|
| 3382383: GroupWise 7.0.2 / 6.5 post SP6 Security Vulnerability |
| Applies to: GroupWise
|
| 3924657: Security Vulnerability: NCP Fragment Denial of Service |
| Applies to: eDirectory
|
| 3694858: Security Vulnerability: Integer overflow stack corruption |
| Applies to: eDirectory
|
| 7003273: Novell GroupWise Internet Agent (GWIA) - Security Vulnerability in Email Address Processing |
| Applies to: GroupWise
|
| 7003272: Novell GroupWise Internet Agent (GWIA) - Security Vulnerability Processing SMTP Requests |
| Applies to: GroupWise
|
| 7002502: Security Vulnerability (buffer overflow) with GroupWise Internet Agent |
| Applies to: GroupWise
|
| 7000912: Status of CVE-2008-1447 - Multiple DNS implementations vulnerable to cache poisoning |
| Applies to: NetWare, Open Enterprise Server, openSUSE, SUSE Linux Enterprise Server
|
| 7002997: Novell Teaming username enumeration vulnerability fix |
| Applies to: Teaming + Conferencing
|
| 7002999: Novell Teaming Cross-Site Scripting Vulnerability fix |
| Applies to: Teaming + Conferencing
|
| 7004410: GroupWise WebAccess - Cross Site Scripting (XSS) Security Vulnerability in User.Theme.index parameter |
| Applies to: GroupWise
|
| 7003640: Security Vulnerability: Novell Privileged User Manager Remote Library Injection Vulnerability |
| Applies to: Novell Privileged User Manager
|
| 7000787: Remote operations do not require permission if user is not logged in |
| Applies to: ZENworks Configuration Management
|
| 7003271: Novell GroupWise WebAccess - Security Vulnerability with Javascript |
| Applies to: GroupWise
|
| 7003268: Novell GroupWise WebAccess - Scripting Security Vulnerability |
| Applies to: GroupWise
|
| 7003266: Novell GroupWise WebAccess - Security Vulnerability in Session Management Mechanisms |
| Applies to: GroupWise
|
| 7003267: Novell GroupWise WebAccess - Cross Site Scripting (XSS) Security Vulnerability via Unfiltered Style Expressions |
| Applies to: GroupWise
|
| 7003100: MITKRB5-SA-2009-002 - CVE-2009-0846 and Open Enterprise Server |
| Applies to: NMAS (Novell Modular Authentication Services), Open Enterprise Server
|
| 7002321: Cross-site Scripting Security Vulnerability with GroupWise WebAccess |
| Applies to: GroupWise
|
| 7002320: Persistent Cross-site Scripting (XSS) Security Vulnerability with GroupWise WebAccess |
| Applies to: GroupWise
|
| 7002322: Security vulnerability with POST requests to GroupWise WebAccess |
| Applies to: GroupWise
|
| 7001462: ZENWORKSUNINSTALL.EXE logs all parameters provided including credentials |
| Applies to: ZENworks Configuration Management
|
| 7001464: Changing the password for the ZSM7SP1 Sybase database |
| Applies to: ZENworks Server Management
|
| 7001157: Cross-Site Scripting vulnerability in the User Application |
| Applies to: Identity Manager
|
| 7001183: Security Vulnerability - eDirectory Core Protocol Opcode 0x24 Heap Overflow |
| Applies to: eDirectory
|
| 7001184: Security Vulnerability - eDirectory Core Protocol Opcode 0x0F Heap Overflow |
| Applies to: eDirectory
|
| 7000676: Novell GroupWise Messenger 2.0.2 Security Vulnerability Report |
| Applies to: GroupWise Messenger
|
| 3843876: Security Vulnerability - LDAP Buffer Overflow |
| Applies to: eDirectory
|
| 3866911: Security Vulnerability - Unauthenticated SOAP "eMBox" interface |
| Applies to: eDirectory
|
| 3460217: Security Vulnerability - XSS Cross Site Scripting in iMonitor error messages |
| Applies to: eDirectory
|
| 7000314: Response to reported security vulnerability SecurityFocus Bugtraq ID: 28969 |
| Applies to: GroupWise
|
| 7000317: Response to reported security vulnerability SecurityFocus Bugtraq ID: 28944 |
| Applies to: GroupWise
|
| 7000534: Self-Destruct is incomplete on WIN CE device |
| Applies to: ZENworks Handheld Management
|
| 3829452: Security Vulnerability - DoS via "Connection:" HTTP headers" |
| Applies to: eDirectory
|
| 3496175: Security vulnerability: evtFilteredMonitorEventsRequest Heap Overflow |
| Applies to: eDirectory
|
| 3726376: Challenge Response Client (LCM) allows clipboard contents to be pasted into question response fields when workstation is locked |
| Applies to: NMAS (Novell Modular Authentication Services)
|
| 3038365: Updates to ZENworks 7 Asset Management |
| Applies to: ZENworks Asset Management
|
| 3639135: Potential Security Vulnerability in NetMail 3.5.2 |
| Applies to: NetMail
|
| 3918173: Potential Security Vulnerability with Apache |
| Applies to: Apache, NetWare
|
| 3665923: BIND crashes on Dynamic DNS update request |
| Applies to: SUSE Linux Enterprise Server
|
| 3003756: Resolution for Security Vulnerability in GroupWise Mobile Server 2.0 |
| Applies to: GroupWise Mobile Server
|
| 3193302: Security concerns scanning full-width/half-width Unicode encoded traffic |
| Applies to: Access Manager, BorderManager, iChain
|
| 3169416: Potential Security Vulnerability in exteNd Director Standard 4.1 with ActiveX control |
| Applies to: exteNd Director
|
| 3125538: nwspool.dll buffer overflow |
| Applies to: Novell Client
|
| 3555327: Potential Security Vulnerability with Apache on NetWare 6.5 |
| Applies to: Apache, GroupWise
|
| 3089220: buffer overflow in nwspool.dll |
| Applies to: Novell Client
|
| 3936018: security vulnerability: evtFilteredMonitorEventsRequest Invalid Free |
| Applies to: eDirectory
|
| 3429077: SSLVPN vulnerability bypassing security policies |
| Applies to: Access Manager
|
| 3686202: Security Vulnerability: eDirectory NCP over IP length Heap Overflow |
| Applies to: eDirectory
|
| 3723994: Security Vulnerability: Remote code Execution in iMonitor |
| Applies to: eDirectory
|
| 3762108: Novell client firewall (NCF) 2.x exploited to gain escalated privileges |
| Applies to: BorderManager
|
| 3319127: Potential XSS security vulnerability in Welcome web-app |
| Applies to: Apache, NetWare
|
| 3615264: Cross scripting (XSS) vulnerability with Access Manager Identity Server |
| Applies to: Access Manager
|
| 3623505: Msg.dll Heap Overflow Vulnerability in Task & Collection Server |
| Applies to: ZENworks Asset Management
|
| 3174344: Pervasive SQL DoS Vulnerability in NetWare 6.0 and NetWare 6.5 |
| Applies to: NetWare
|
| 3096026: Security Vulnerabilities: Buffer Overrun in NetMail 3.52 |
| Applies to: NetMail
|
| 3003139: BorderManager 3.8 generates predictable ISAKMP cookies |
| Applies to: BorderManager
|
| 3717068: Security Vulnerabilities: NetMail Buffer Overrun and Denial of Service |
| Applies to: NetMail
|
| 3885713: Security vulnerability: iManager Tomcat DoS |
| Applies to: iManager
|
| 3506963: ZPM vulnerable to an SQL injection |
| Applies to: ZENworks Patch Management
|
| 3480790: Denial of Service attack against srvloc.sys |
| Applies to: Novell Client
|
| 3546910: String format vulnerability at client login prompt |
| Applies to: Novell Client
|
| 3183151: New Security Enhancement to NetWare FTP Server |
| Applies to: NetWare
|
| 3006549: Buffer Overflow Vulnerability in iMonitor 2.4 for eDirectory 8.8 |
| Applies to: eDirectory
|
| 3001076: NDPS client remote integer overflow vulnerability |
| Applies to: Novell Client
|
| 3701584: Cross-site scripting (XSS) vulnerability in GroupWise WebAccess. |
| Applies to: GroupWise
|
| 3574517: A cross-site scripting flaw exists with Novell GroupWise WebAccess. |
| Applies to: GroupWise
|
| 3277932: Security update for Novell Kerberos KDC |
| Applies to:
|
| 3001480: GroupWise Client API Security Vulnerability |
| Applies to: GroupWise
|
| 3009145: NDPS on NetWare remote integer overflow vulnerability |
| Applies to: iPrint
|
