Vulnerability Description
NWFTPD.nlm before 5.08.06 in the FTP server in Novell NetWare does not properly handle partial matches for container names in the FTPREST.TXT file, which allows remote attackers to bypass intended access restrictions via an FTP session.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Novell | Netware Ftp Server | All versions |
| Novell | Netware | All versions |
Related Weaknesses (CWE)
References
- http://www.novell.com/support/viewContent.do?externalId=3238588&sliceId=1Vendor Advisory
- https://bugzilla.novell.com/show_bug.cgi?id=260459
- http://www.novell.com/support/viewContent.do?externalId=3238588&sliceId=1Vendor Advisory
- https://bugzilla.novell.com/show_bug.cgi?id=260459
FAQ
What is CVE-2007-6735?
CVE-2007-6735 is a vulnerability with a CVSS score of 7.5 (HIGH). NWFTPD.nlm before 5.08.06 in the FTP server in Novell NetWare does not properly handle partial matches for container names in the FTPREST.TXT file, which allows remote attackers to bypass intended acc...
How severe is CVE-2007-6735?
CVE-2007-6735 has been rated HIGH with a CVSS base score of 7.5/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2007-6735?
Check the references section above for vendor advisories and patch information. Affected products include: Novell Netware Ftp Server, Novell Netware.