The SSL server implementation in NILE.NLM in Novell NetWare 6.5 and Novell Open Enterprise Server (OES) permits encryption with a NULL key, which results in cleartext communication that allows remote malicious users to read an SSL protected session by sniffing network traffic.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
novell open enterprise server |
||
novell netware 6.5 |