PT-2003-1285 · Novell · Netware+2

Publicado

2003-03-31

Atualizado

2017-10-10

CVE-2002-1552

CVSS v2.0

7.5

Alta

Vetor

AV:N/AC:L/Au:N/C:P/I:P/A:P

Name of the Vulnerable Software and Affected Versions Novell eDirectory (eDir) version 8.6.2 Netware 5.1 eDir version 85.x

Description The issue allows users with expired passwords to gain inappropriate permissions when logging in from Remote Manager.

Recommendations For Novell eDirectory (eDir) version 8.6.2, update the password management settings to prevent users with expired passwords from gaining elevated permissions. For Netware 5.1 eDir version 85.x, modify the authentication process in Remote Manager to properly handle expired passwords and restrict inappropriate permissions.

Correção

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Identificadores relacionados

CVE-2002-1552

Produtos afetados

Netware

Novell Edirectory

Remote Manager

PT-2003-1285 · Novell · Netware+2

CVE-2002-1552

Identificadores relacionados

Produtos afetados

Referências · 5