PT-2003-1285 · Novell · Netware+2

Published

2003-03-31

Updated

2017-10-10

CVE-2002-1552

CVSS v2.0

7.5

High

Vector

AV:N/AC:L/Au:N/C:P/I:P/A:P

Name of the Vulnerable Software and Affected Versions Novell eDirectory (eDir) version 8.6.2 Netware 5.1 eDir version 85.x

Description The issue allows users with expired passwords to gain inappropriate permissions when logging in from Remote Manager.

Recommendations For Novell eDirectory (eDir) version 8.6.2, update the password management settings to prevent users with expired passwords from gaining elevated permissions. For Netware 5.1 eDir version 85.x, modify the authentication process in Remote Manager to properly handle expired passwords and restrict inappropriate permissions.

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Related Identifiers

CVE-2002-1552

Affected Products

Netware

Novell Edirectory

Remote Manager

PT-2003-1285 · Novell · Netware+2

CVE-2002-1552

Related Identifiers

Affected Products

References · 5