NOVELL: Security Solutions
Sun Apr 24 04:37:22 EDT 2011
Home: http://www.novell.com/support/
Feed: http://www.novell.com/newsfeeds/rss/securitySolutions.xml

7007858: Security Vulnerability - Novell iPrint LPD Remote Code Execution Vulnerability

7007781: Security Vulnerability: Novell eDirectory Malformed NCP Request Denial of Service Vulnerability

7007155: Security Vulnerability - GroupWise 8 Internet Agent VCALENDAR Variable Parsing

3484245: Updates to Novell ZENworks 7 Desktop Management

7007663: Security Vulnerability Heap Buffer Overflow with ZENworks 7 Handheld Management

7007321: Security Vulnerability with ZDML7 Imaging Remote Code Execution

7007320: Security Vulnerability with ZDM7 Remote Management

7007339: Security Vulnerability Stack Overflow with ZDM7 Remote Management

7007351: Novell Vibe 3 BETA OnPrem Stored Cross-site Scripting Vulnerability

7007234: Security Vulnerability - iPrint Activex GetDriverSettings Remote Code Execution Vulnerability

7006676: Security Vulnerability - Novell iPrint Client Browser Plugin Remote Code Execution Vulnerability

7006675: Security Vulnerability - Novell iPrint Client Browser Plugin Parameter Name Remote Code Execution

7006677: Security Vulnerability - Novell iPrint Client Browser Plugin Execute Request debug Parameter Remote Code Execution

7006678: Security Vulnerability - Novell iPrint Client Browser Plugin Remote File Deletion Vulnerability

7007157: Security Vulnerability - GroupWise Internet Agent Authenticated IMAP User Remote Code Execution

7007152: Security Vulnerability - GroupWise 8 Internet Agent "Content-Type" Multiple Value Parsing

7007151: Security Vulnerability - GroupWise 8 Internet Agent IMAP Remote Code Execution Vulnerability

7007159: Security Vulnerability - GroupWise 8 Agent HTTP Interfaces Remote Code Execution

7007158: Security Vulnerability - GroupWise 8 WebPublisher Cross-Site Scripting (XSS)

7007156: Security Vulnerability - GroupWise 8 WebAccess Arbitrary File Download Vulnerability

7007153: Security Vulnerability - GroupWise 8 Internet Agent "Content-Type" String Data Parsing

7007154: Security Vulnerability - GroupWise 8 Internet Agent "Content-Type" Number Parsing

7007135: ZENworks 7 Handheld Management SP1 buffer overflow

7002999: Novell Teaming Cross-Site Scripting Vulnerability fix

7000787: Remote operations do not require permission if user is not logged in

7006390: Security Vulnerability - Core-2010-0316 iManagerMultiple Vulnerabilities

7006389: Security Vulnerability - eDirectory Server Malformed Index Denial of Service

7006705: Security Vulnerability: Novell Identity Manager engine installation leaves admin tree credentials in a file.

7006679: Security Vulnerability - Novell iPrint Client "call-back-url" Buffer Overflow

7006673: Security Vulnerability - Novell iPrint Client boundary error in the parsing of certain time information

7006674: Security Vulnerability - Novell iPrint Client "target-frame" Buffer Overflowgs()" function.

7006672: Security Vulnerability - Novell Client ActiveX Control "nwsetup.dll" Unspecified Remote Denial of Service

7006421: Security Vulnerability - Remote user can delete novell-owned files via HTTP without authentication.

7006557: Security vulnerability with Remote Management password authentication

7006380: GroupWise WebAccess Stack Overflow Security Vulnerability

7006379: GroupWise 8 WebAccess Javascript/HTML injection XSS Security Vulnerability

7006377: Security Vulnerability (XSS via Header Injection) in GroupWise WebAccess

7006376: GroupWise WebAccess Cross-Site Scripting (XSS) Security Vulnerability on Replies

7006375: GroupWise WebAccess Javascript Cross-Site Scripting (XSS) Security Vulnerability

7006374: GroupWise Internet Agent Stack Overflow Security Vulnerability

7006373: Security Vulnerability - GroupWise WebAccess Potentially Exposes Authentication Information

7006372: Security Vulnerability (HTTP Header Injection) in GroupWise Agent HTTP Interfaces

7006371: Cross-Site Scripting (XSS) Security Vulnerability in GroupWise Agent HTTP interfaces

7006431: GroupWise stack overflow in gwcma1.dll

7006432: GroupWise Stack overflow in gwcmb1.dll by passing long argument to NWDSLogout function in Netwin32.dll

7005467: Security Vulnerability - eDirectory DHOST Predictable Session Cookie

7006398: Tomcat 5.0.28 in ZLM 7.3 subject to "Multiple Vendor Multiple HTTP Request Smuggling Vulnerabilities"

3563780: Imaging Security "Only allow uploads to the following directories" can be bypassed

3008097: XNFS Abend in rpcWorkerThread if nfs mount is attempted with long path

7004997: The GroupWise Windows client and Microsoft Security Advisory (973882)

3329402: Client Login Extension for Novell Identity Manager 3.5 Security Fix

3578235: Client Heap Overflow Vulnerability in Collection Client

7005573: Security Vulnerability with ZCM Remote Execution

7005572: Security Vulnerability with ZCM Preboot Service

3857626: NRM grants root access to LUM enabled eDirectory admins

3000551: MYAPPS.HTML requires a double click to launch application

7000538: Security Vulnerability: iMonitor Accept-Language Buffer Overflow

7004912: Security Vulnerability: Novell eDirectory Heap-based Buffer Overflow

7004985: Security Vulnerability: iManager eDirectory Plugin Remote Code Execution

3675615: Security Vulnerability: kadmind stack buffer overflow vulnerability

3226177: Security Vulnerability: eDirectory NMAS BerDecodeLoginDataRequest DoS

3143224: Security Vulnerability: Multiple RSA implementations fail to properly handle signatures

3590033: Security Vulnerability: RSA BSAFE Libraries denial of service

3618705: Security Update: KDC and kadmin stack overflow in krb5_klog_syslog

3248163: Security Vulnerability: kadmind affected by multiple RPC library vulnerabilities

3131009: Security Update for Novell Identity Manager 3.5 iManager Plugins

3714097: Security problem with NICM.SYS

3260263: Architectural and security problems with NWFILTER.SYS

7005185: Novell Open Enterprise Server: MITKRB5-SA-2009-004 [CVE-2009-4212]

7005128: ZAM 7.5 SQL Infection Vulnerability

7004945: Ability to manually query NDS workstation object through AWSI process disabled

7005118: Novell Open Enterprise Server: MITKRB5-SA-2009-003 [CVE-2009-3295]

7004718: Security Vulnerability: iMonitor Accept-Language Buffer Overflow

7004721: Security Vulnerability: eDirectory LDAP Null Base DN Denial of Service

3243550: Securing a Remote Loader install on microsoft windows 2000.

3024921: JBoss Application Server Security Vulnerability Notice

7002319: Security vulnerability (Cross-site Request Forgery) with GroupWise WebAccess

3382383: GroupWise 7.0.2 / 6.5 post SP6 Security Vulnerability

3924657: Security Vulnerability: NCP Fragment Denial of Service

3694858: Security Vulnerability: Integer overflow stack corruption

7003273: Novell GroupWise Internet Agent (GWIA) - Security Vulnerability in Email Address Processing

7003272: Novell GroupWise Internet Agent (GWIA) - Security Vulnerability Processing SMTP Requests

7002502: Security Vulnerability (buffer overflow) with GroupWise Internet Agent

7000912: Status of CVE-2008-1447 - Multiple DNS implementations vulnerable to cache poisoning

7002997: Novell Teaming username enumeration vulnerability fix

7004410: GroupWise WebAccess - Cross Site Scripting (XSS) Security Vulnerability in User.Theme.index parameter

7003640: Security Vulnerability: Novell Privileged User Manager Remote Library Injection Vulnerability

7003271: Novell GroupWise WebAccess - Security Vulnerability with Javascript

7003268: Novell GroupWise WebAccess - Scripting Security Vulnerability

7003266: Novell GroupWise WebAccess - Security Vulnerability in Session Management Mechanisms

7003267: Novell GroupWise WebAccess - Cross Site Scripting (XSS) Security Vulnerability via Unfiltered Style Expressions

7003100: MITKRB5-SA-2009-002 - CVE-2009-0846 and Open Enterprise Server

7002321: Cross-site Scripting Security Vulnerability with GroupWise WebAccess

7002320: Persistent Cross-site Scripting (XSS) Security Vulnerability with GroupWise WebAccess

7002322: Security vulnerability with POST requests to GroupWise WebAccess

7001462: ZENWORKSUNINSTALL.EXE logs all parameters provided including credentials

7001464: Changing the password for the ZSM7SP1 Sybase database

7001157: Cross-Site Scripting vulnerability in the User Application

7001183: Security Vulnerability - eDirectory Core Protocol Opcode 0x24 Heap Overflow

7001184: Security Vulnerability - eDirectory Core Protocol Opcode 0x0F Heap Overflow

7000676: Novell GroupWise Messenger 2.0.2 Security Vulnerability Report

3843876: Security Vulnerability - LDAP Buffer Overflow

3866911: Security Vulnerability - Unauthenticated SOAP "eMBox" interface

3460217: Security Vulnerability - XSS Cross Site Scripting in iMonitor error messages

7000314: Response to reported security vulnerability SecurityFocus Bugtraq ID: 28969

7000317: Response to reported security vulnerability SecurityFocus Bugtraq ID: 28944

7000534: Self-Destruct is incomplete on WIN CE device

3829452: Security Vulnerability - DoS via "Connection:" HTTP headers"

3496175: Security vulnerability: evtFilteredMonitorEventsRequest Heap Overflow

3726376: Challenge Response Client (LCM) allows clipboard contents to be pasted into question response fields when workstation is locked

3038365: Updates to ZENworks 7 Asset Management

3639135: Potential Security Vulnerability in NetMail 3.5.2

3918173: Potential Security Vulnerability with Apache

3665923: BIND crashes on Dynamic DNS update request

3003756: Resolution for Security Vulnerability in GroupWise Mobile Server 2.0

3193302: Security concerns scanning full-width/half-width Unicode encoded traffic

3169416: Potential Security Vulnerability in exteNd Director Standard 4.1 with ActiveX control

3125538: nwspool.dll buffer overflow

3555327: Potential Security Vulnerability with Apache on NetWare 6.5

3089220: buffer overflow in nwspool.dll

3936018: security vulnerability: evtFilteredMonitorEventsRequest Invalid Free

3429077: SSLVPN vulnerability bypassing security policies

3686202: Security Vulnerability: eDirectory NCP over IP length Heap Overflow

3723994: Security Vulnerability: Remote code Execution in iMonitor

3762108: Novell client firewall (NCF) 2.x exploited to gain escalated privileges

3319127: Potential XSS security vulnerability in Welcome web-app

3615264: Cross scripting (XSS) vulnerability with Access Manager Identity Server

3623505: Msg.dll Heap Overflow Vulnerability in Task & Collection Server

3174344: Pervasive SQL DoS Vulnerability in NetWare 6.0 and NetWare 6.5

3096026: Security Vulnerabilities: Buffer Overrun in NetMail 3.52

3003139: BorderManager 3.8 generates predictable ISAKMP cookies

3717068: Security Vulnerabilities: NetMail Buffer Overrun and Denial of Service

3885713: Security vulnerability: iManager Tomcat DoS

3506963: ZPM vulnerable to an SQL injection

3480790: Denial of Service attack against srvloc.sys

3546910: String format vulnerability at client login prompt

3183151: New Security Enhancement to NetWare FTP Server

3006549: Buffer Overflow Vulnerability in iMonitor 2.4 for eDirectory 8.8

3001076: NDPS client remote integer overflow vulnerability

3701584: Cross-site scripting (XSS) vulnerability in GroupWise WebAccess.

3574517: A cross-site scripting flaw exists with Novell GroupWise WebAccess.

3277932: Security update for Novell Kerberos KDC

3001480: GroupWise Client API Security Vulnerability

3009145: NDPS on NetWare remote integer overflow vulnerability