Denial-of-Service Vulnerability in Novell NetWare FTP Server
CVE-2005-4888

Currently unrated

Key Information:

Vendor: Novell
Status: Netware Ftp Server; Netware
Vendor: CVE Published:; 5 April 2010

Summary

The FTP server in Novell NetWare, specifically the NWFTPD.nlm component prior to version 5.06.04, is susceptible to a denial of service attack. This vulnerability arises when an attacker initiates multiple FTP sessions, each leaving persistent connections in a Not-Logged-In state after completion. As these stale connections accumulate, they can overwhelm the server, potentially leading to service disruption for legitimate users. It is recommended for users to upgrade to the latest version to mitigate this issue.

References

http://www.novell.com/support/viewContent.do?externalId=3...

x_refsource_CONFIRM

https://bugzilla.novell.com/show_bug.cgi?id=97819

x_refsource_CONFIRM

Timeline

Vulnerability Reserved
Oct 3, 2022
Vulnerability published
Apr 5, 2010