Submit a Story      Security   FAQ    Resources    Certification    Links    Calendar    Forum    Polls    Search      

Welcome to abeNd.org - Novell News for IT Professionals Wednesday, February 22 2012 @ 11:53 PM CST
User Functions
:

:

Don't have an account yet? Sign up as a New User
Lost your password?

What's New
STORIES
2 new Stories in the last 1 day

COMMENTS last 2 days
No new comments

TRACKBACKS last 2 days
No new trackback comments

LINKS last 2 weeks
No recent new links


Who's Online
Guest Users: 5

Live Novell Chat
Live Novell Chat

Topics
Home
Poll posts (1/0)
Way Off Topic! (1/0)
Contracting (2/0)
FAQ (1/0)
NetWare (51/0)
Certification (31/0)
NDS/eDir (20/0)
Administration (78/0)
GroupWise (145/0)
Linux/Open Source (309/0)
Resources (21/0)
General News (907/0)
Security (292/0)

Poll
How do you think the Attachmate deal will turn out for "Novell"
Well, the marketing can't be any WORSE
Better, the product/support commitment is there
Worse, MS will end up with what is left of Novell’s marketshare & still end up with the patents, leaving the customer as the loser
Results
89 votes | 0 comments

Poll
Does your company still use Blackberry phones?
Yes, with BES
Yes, without BES
No, we never used Blackberries
No, we just stopped using them
No, we stopped using them 6 months ago
No, we stopped using them 1+ year ago
Results
59 votes | 0 comments

Microsoft Security


 [SA47268] Novell Access Manager SSL/TLS Initialization Vector Selection Weakness    
 Author:  kkbass
 Dated:  Saturday, December 17 2011 @ 09:52 AM CST
 Viewed:  288 times  
SecuritySECUNIA ADVISORY ID:
SA47268

VERIFY ADVISORY:
Secunia.com
http://secunia.com/advisories/47268/
Customer Area (Credentials Required)
https://ca.secunia.com/?page=viewadvisory&vuln_id=47268

RELEASE DATE:
2011-12-16

DISCUSS ADVISORY:
http://secunia.com/advisories/47268/#comments

DESCRIPTION:
A weakness has been reported in Novell Access Manager, which can be
exploited by malicious people to disclose potentially sensitive
information and hijack a user's session.

A design error exists within the implementation of SSL 3.0 and TLS
1.0 protocols.

For more information:
SA46168

The weakness is reported in version 3.1.

SOLUTION:
Edit configuration to enable RC4 encryption or ensure that clients
use an updated browser (please see the vendor's advisory for more
information).

ORIGINAL ADVISORY:
http://www.novell.com/support/viewContent.do?externalId=7009901



What's Related
  • http://secunia.com/advi...
  • https://ca.secunia.com/...
  • http://secunia.com/advi...
  • http://www.novell.com/s...
  • More by kkbass
  • More from Security

    		•
    Story Options
  • Mail Story to a Friend
  • Printable Story Format

    • Trackback

    Trackback URL for this entry: http://www.abend.org/trackback.php/20111217095204400

    Here's what others have to say about '[SA47268] Novell Access Manager SSL/TLS Initialization Vector Selection Weakness':

    From SUSE and Novell Straight to Fog Computing | Techrights
    Tracked on Wednesday, December 21 2011 @ 09:53 AM CST

    [SA47268] Novell Access Manager SSL/TLS Initialization Vector Selection Weakness | 0 comments | Create New Account
    The following comments are owned by whomever posted them. This site is not responsible for what they say.
     Copyright © 2012 abeNd.org
     All trademarks and copyrights on this page are owned by their respective owners.    		 Powered By GeekLog
    Created this page in 0.09 seconds