First published: Thu Mar 23 2006(Updated: )
The SSL server implementation in NILE.NLM in Novell NetWare 6.5 and Novell Open Enterprise Server (OES) permits encryption with a NULL key, which results in cleartext communication that allows remote attackers to read an SSL protected session by sniffing network traffic.
Credit: cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
Novell Open Enterprise Server | ||
Novell NetWare | =6.5 | |
Novell NetWare | =6.5-sp1 | |
Novell NetWare | =6.5-sp1.1a | |
Novell NetWare | =6.5-sp1.1b | |
Novell NetWare | =6.5-sp2 | |
Novell NetWare | =6.5-sp3 | |
Novell NetWare | =6.5-sp4 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.