CVE-2002-2433

NWFTPD.nlm before 5.03b in the FTP server in Novell NetWare allows remote authenticated users to cause a denial of service (abend) via a crafted ABOR command.

Published: 2010-04-05 Last update: 2026-04-29 Assigner: [email protected] Source: [email protected]
NVD Status:ModifiedCVE State: published
View at NVD, CVE.org, EUVD

CVE-2002-2433 is rated Moderate Risk (40.5/100): CVSS Medium severity, with medium exploitation likelihood (EPSS 1.33%). Review affected assets and schedule remediation.

Risk is dynamic; we continuously reassess and refresh what is shown on this page as upstream context changes.

Exploit prediction scoring system (EPSS) score for CVE-2002-2433

EPSS lead: Daily EPSS estimates relative likelihood of exploitation; percentile ranks this CVE among scored vulnerabilities (higher = more severe relative rank).

# Date Old EPSS score New EPSS score Delta (New - Old)
1 2026-06-15 0.38% 1.33% +0.94%
2 2025-03-17 0.21% 0.38% +0.18%
3 2024-09-17 0.21%

Full EPSS history (7 records total)

Common vulnerability scoring system (CVSS) metrics for CVE-2002-2433

CVSS metrics for this CVE.

Base score Version Severity Vector Exploitability Impact Score source
4.0 2.0 MEDIUM
AV:N/AC:L/Au:S/C:N/I:N/A:P Click to expand
Access vector (AV:N)
Can be exploited remotely over network reachability.
Access complexity (AC:L)
Exploitation conditions are straightforward and predictable.
Authentication (AU:S)
A single authentication is required.
Confidentiality impact (C:N)
No confidentiality impact.
Integrity impact (I:N)
No integrity impact.
Availability impact (A:P)
Partial availability impact.
 8.0 2.9 [email protected]

Weakness enumeration for CVE-2002-2433

Affected software / configurations for CVE-2002-2433

Vendor Product Version Raw CPE
novell netware_ftp_server <= 5.02y cpe:2.3:a:novell:netware_ftp_server:*:*:*:*:*:*:*:*
novell netware_ftp_server 5.01i cpe:2.3:a:novell:netware_ftp_server:5.01i:*:*:*:*:*:*:*
novell netware_ftp_server 5.01o cpe:2.3:a:novell:netware_ftp_server:5.01o:*:*:*:*:*:*:*
novell netware_ftp_server 5.01w cpe:2.3:a:novell:netware_ftp_server:5.01w:*:*:*:*:*:*:*
novell netware_ftp_server 5.01y cpe:2.3:a:novell:netware_ftp_server:5.01y:*:*:*:*:*:*:*
novell netware_ftp_server 5.02b cpe:2.3:a:novell:netware_ftp_server:5.02b:*:*:*:*:*:*:*
novell netware_ftp_server 5.02i cpe:2.3:a:novell:netware_ftp_server:5.02i:*:*:*:*:*:*:*
novell netware_ftp_server 5.02r cpe:2.3:a:novell:netware_ftp_server:5.02r:*:*:*:*:*:*:*
novell netware 5.1 cpe:2.3:o:novell:netware:5.1:*:*:*:*:*:*:*
novell netware 6.0 cpe:2.3:o:novell:netware:6.0:*:*:*:*:*:*:*
novell netware 6.5 cpe:2.3:o:novell:netware:6.5:*:*:*:*:*:*:*

References for CVE-2002-2433

cvelogic Threat Intelligence