PT-2005-1779 · Novell · Novell Ichain
Published: 2005-03-13 · Updated: 2017-07-11 · CVE-2005-0744
CVSS v2.0: 10 (High)
Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C
Name of the Vulnerable Software and Affected Versions
Novell iChain versions 2.2 through 2.3 SP3
Description
The issue allows attackers to hijack sessions and gain administrator privileges through two methods: (1) sniffing the connection on TCP port 51100 and replaying the authentication information or (2) obtaining and replaying the PCZQX02 authentication cookie from the browser.
Recommendations
For Novell iChain versions 2.2 through 2.3 SP3, consider restricting access to TCP port 51100 to minimize the risk of session hijacking, and implement secure cookie handling practices to prevent replay of the PCZQX02 authentication cookie.
Fix
Related identifiers
Affected products
Novell Ichain