First published: Thu Mar 23 2006(Updated: )
The SSL server implementation in NILE.NLM in Novell NetWare 6.5 and Novell Open Enterprise Server (OES) allows a client to force the server to use weak encryption by stating that a weak cipher is required for client compatibility, which might allow remote attackers to decrypt contents of an SSL protected session.
Credit: cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
Novell Open Enterprise Server | ||
Novell NetWare | =6.5 | |
Novell NetWare | =6.5-sp1 | |
Novell NetWare | =6.5-sp1.1a | |
Novell NetWare | =6.5-sp1.1b | |
Novell NetWare | =6.5-sp2 | |
Novell NetWare | =6.5-sp3 | |
Novell NetWare | =6.5-sp4 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.