Contributed by: kkbass
SECUNIA ADVISORY ID:
SA47268
VERIFY ADVISORY:
Secunia.com
http://secunia.com/advisories/47268/
Customer Area (Credentials Required)
https://ca.secunia.com/?page=viewadvisory&vuln_id=47268
RELEASE DATE:
2011-12-16
DISCUSS ADVISORY:
http://secunia.com/advisories/47268/#comments DESCRIPTION:
A weakness has been reported in Novell Access Manager, which can be
exploited by malicious people to disclose potentially sensitive
information and hijack a user's session.
A design error exists within the implementation of SSL 3.0 and TLS
1.0 protocols.
For more information:
SA46168
The weakness is reported in version 3.1.
SOLUTION:
Edit configuration to enable RC4 encryption or ensure that clients
use an updated browser (please see the vendor's advisory for more
information).
ORIGINAL ADVISORY:
http://www.novell.com/support/viewContent.do?externalId=7009901
Comments (0)
abeNd.org
http://www.abend.org/article.php/20111217095204400