PT-2006-2036 · Novell · Novell Open Enterprise Server+2

Publicado

2006-03-23

Atualizado

2020-02-24

CVE-2006-0998

CVSS v2.0

5.0

Média

Vetor

AV:N/AC:L/Au:N/C:P/I:N/A:N

Name of the Vulnerable Software and Affected Versions Novell NetWare version 6.5 Novell Open Enterprise Server (OES)

Description The SSL server implementation in NILE.NLM sometimes selects a weak cipher instead of an available stronger cipher. This makes it easier for remote attackers to sniff and decrypt an SSL protected session.

Recommendations For Novell NetWare version 6.5, consider configuring the SSL server to prioritize stronger ciphers. For Novell Open Enterprise Server (OES), restrict the use of weak ciphers in the SSL server implementation until a fix is available.

Correção

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Identificadores relacionados

CVE-2006-0998

Produtos afetados

Nile.Nlm

Novell Netware

Novell Open Enterprise Server

PT-2006-2036 · Novell · Novell Open Enterprise Server+2

CVE-2006-0998

Identificadores relacionados

Produtos afetados

Referências · 10