The SSL server implementation in NILE.NLM in Novell NetWare 6.5 and Novell Open Enterprise Server (OES) allows a client to force the server to use weak encryption by stating that a weak cipher is required for client compatibility, which might allow remote malicious users to decrypt contents of an SSL protected session.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
novell open enterprise server |
||
novell netware 6.5 |