{"api_version":"1","generated_at":"2026-06-03T10:02:21+00:00","cve":"CVE-2007-6735","urls":{"html":"https://cve.report/CVE-2007-6735","api":"https://cve.report/api/cve/CVE-2007-6735.json","docs":"https://cve.report/api","cve_org":"https://www.cve.org/CVERecord?id=CVE-2007-6735","nvd":"https://nvd.nist.gov/vuln/detail/CVE-2007-6735"},"summary":{"title":"CVE-2007-6735","description":"NWFTPD.nlm before 5.08.06 in the FTP server in Novell NetWare does not properly handle partial matches for container names in the FTPREST.TXT file, which allows remote attackers to bypass intended access restrictions via an FTP session.","state":"PUBLISHED","assigner":"mitre","published_at":"2010-04-05 15:30:00","updated_at":"2026-04-29 01:13:23"},"problem_types":["CWE-264","n/a"],"metrics":[{"version":"2.0","source":"nvd@nist.gov","type":"Primary","score":"7.5","severity":"","vector":"AV:N/AC:L/Au:N/C:P/I:P/A:P","data":{"version":"2.0","vectorString":"AV:N/AC:L/Au:N/C:P/I:P/A:P","baseScore":7.5,"accessVector":"NETWORK","accessComplexity":"LOW","authentication":"NONE","confidentialityImpact":"PARTIAL","integrityImpact":"PARTIAL","availabilityImpact":"PARTIAL"}}],"references":[{"url":"https://bugzilla.novell.com/show_bug.cgi?id=260459","name":"https://bugzilla.novell.com/show_bug.cgi?id=260459","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":[],"title":"Access Denied","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://www.novell.com/support/viewContent.do?externalId=3238588&sliceId=1","name":"http://www.novell.com/support/viewContent.do?externalId=3238588&sliceId=1","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":["Vendor Advisory"],"title":"What fixes are in NWFTPD.NLM v5.10.01, March 26, 2010?","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://www.cve.org/CVERecord?id=CVE-2007-6735","name":"CVE Program record","refsource":"CVE.ORG","tags":["canonical"]},{"url":"https://nvd.nist.gov/vuln/detail/CVE-2007-6735","name":"NVD vulnerability detail","refsource":"NVD","tags":["canonical","analysis"]}],"affected":[{"source":"CNA","vendor":"n/a","product":"n/a","version":"affected n/a","platforms":[]}],"timeline":[],"solutions":[],"workarounds":[],"exploits":[],"credits":[],"nvd_cpes":[{"cve_year":"2007","cve_id":"6735","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"novell","cpe5":"netware","cpe6":"*","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2007","cve_id":"6735","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"novell","cpe5":"netware_ftp_server","cpe6":"*","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"}],"vendor_comments":[],"enrichments":{"kev":null,"epss":null,"legacy_qids":[]},"source_records":{"cve_program":{"containers":{"adp":[{"providerMetadata":{"dateUpdated":"2024-08-07T16:18:20.658Z","orgId":"af854a3a-2127-422b-91ae-364da2661108","shortName":"CVE"},"references":[{"tags":["x_refsource_CONFIRM","x_transferred"],"url":"http://www.novell.com/support/viewContent.do?externalId=3238588&sliceId=1"},{"tags":["x_refsource_CONFIRM","x_transferred"],"url":"https://bugzilla.novell.com/show_bug.cgi?id=260459"}],"title":"CVE Program Container"}],"cna":{"affected":[{"product":"n/a","vendor":"n/a","versions":[{"status":"affected","version":"n/a"}]}],"descriptions":[{"lang":"en","value":"NWFTPD.nlm before 5.08.06 in the FTP server in Novell NetWare does not properly handle partial matches for container names in the FTPREST.TXT file, which allows remote attackers to bypass intended access restrictions via an FTP session."}],"problemTypes":[{"descriptions":[{"description":"n/a","lang":"en","type":"text"}]}],"providerMetadata":{"dateUpdated":"2010-04-05T15:15:00.000Z","orgId":"8254265b-2729-46b6-b9e3-3dfca2d5bfca","shortName":"mitre"},"references":[{"tags":["x_refsource_CONFIRM"],"url":"http://www.novell.com/support/viewContent.do?externalId=3238588&sliceId=1"},{"tags":["x_refsource_CONFIRM"],"url":"https://bugzilla.novell.com/show_bug.cgi?id=260459"}],"x_legacyV4Record":{"CVE_data_meta":{"ASSIGNER":"cve@mitre.org","ID":"CVE-2007-6735","STATE":"PUBLIC"},"affects":{"vendor":{"vendor_data":[{"product":{"product_data":[{"product_name":"n/a","version":{"version_data":[{"version_value":"n/a"}]}}]},"vendor_name":"n/a"}]}},"data_format":"MITRE","data_type":"CVE","data_version":"4.0","description":{"description_data":[{"lang":"eng","value":"NWFTPD.nlm before 5.08.06 in the FTP server in Novell NetWare does not properly handle partial matches for container names in the FTPREST.TXT file, which allows remote attackers to bypass intended access restrictions via an FTP session."}]},"problemtype":{"problemtype_data":[{"description":[{"lang":"eng","value":"n/a"}]}]},"references":{"reference_data":[{"name":"http://www.novell.com/support/viewContent.do?externalId=3238588&sliceId=1","refsource":"CONFIRM","url":"http://www.novell.com/support/viewContent.do?externalId=3238588&sliceId=1"},{"name":"https://bugzilla.novell.com/show_bug.cgi?id=260459","refsource":"CONFIRM","url":"https://bugzilla.novell.com/show_bug.cgi?id=260459"}]}}}},"cveMetadata":{"assignerOrgId":"8254265b-2729-46b6-b9e3-3dfca2d5bfca","assignerShortName":"mitre","cveId":"CVE-2007-6735","datePublished":"2010-04-05T15:15:00.000Z","dateReserved":"2010-04-05T00:00:00.000Z","dateUpdated":"2024-09-16T20:11:26.612Z","state":"PUBLISHED"},"dataType":"CVE_RECORD","dataVersion":"5.1"},"nvd":{"publishedDate":"2010-04-05 15:30:00","lastModifiedDate":"2026-04-29 01:13:23","problem_types":["CWE-264","n/a"],"metrics":{"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:L/Au:N/C:P/I:P/A:P","baseScore":7.5,"accessVector":"NETWORK","accessComplexity":"LOW","authentication":"NONE","confidentialityImpact":"PARTIAL","integrityImpact":"PARTIAL","availabilityImpact":"PARTIAL"},"baseSeverity":"HIGH","exploitabilityScore":10,"impactScore":6.4,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"configurations":[{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:novell:netware_ftp_server:*:*:*:*:*:*:*:*","matchCriteriaId":"52FF91EA-4411-460E-9943-2427E884D3F2"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:novell:netware:*:*:*:*:*:*:*:*","matchCriteriaId":"BF45C68A-5F83-4090-A0C1-A09EC2987706"}]}]}]},"legacy_mitre":{"record":{"CveYear":"2007","CveId":"6735","Ordinal":"1","Title":"CVE-2007-6735","CVE":"CVE-2007-6735","Year":"2007"},"notes":[{"CveYear":"2007","CveId":"6735","Ordinal":"1","NoteData":"NWFTPD.nlm before 5.08.06 in the FTP server in Novell NetWare does not properly handle partial matches for container names in the FTPREST.TXT file, which allows remote attackers to bypass intended access restrictions via an FTP session.","Type":"Description","Title":"CVE-2007-6735"},{"CveYear":"2007","CveId":"6735","Ordinal":"2","NoteData":"2010-04-05","Type":"Other","Title":"Published"}]}}}