Remote Code Execution Vulnerability in Novell NetWare FTP Server
CVE-2010-0625

Currently unrated

Key Information:

Vendor: Novell
Status: Netware Ftp Server; Netware
Vendor: CVE Published:; 5 April 2010

What is CVE-2010-0625?

The Novell NetWare FTP server is susceptible to a stack-based buffer overflow due to improper handling of commands such as MKD, RMD, RNFR, and DELE. This vulnerability affects versions prior to 5.10.01 and allows remote authenticated users to potentially crash the server daemon or execute arbitrary code. Mitigating this vulnerability is crucial for maintaining the integrity and security of FTP operations within the NetWare environment.

References

http://www.novell.com/support/viewContent.do?externalId=3...

x_refsource_CONFIRM

http://www.vupen.com/english/advisories/2010/0742

vdb-entryx_refsource_VUPEN

http://www.securityfocus.com/archive/1/510557/100/0/threaded

mailing-listx_refsource_BUGTRAQ

EPSS Score

33% chance of being exploited in the next 30 days.

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Apr 5, 2010
Vulnerability Reserved
Feb 11, 2010