Novell NetWare NILE.NLM SSL Server Cleartext Communication Disclosure

2006-03-17T07:17:35
ID OSVDB:24046
Type osvdb
Reporter OSVDB
Modified 2006-03-17T07:17:35

Description

Vulnerability Description

Novell NetWare and Novell Open Enterprise Server contain a flaw that may allow a malicious user to force the server to negotiate a less secure SSL connection. The issue is triggered because the SSL server implementation in NILE.NLM permits encryption with a NULL key, which results in cleartext communication. It is possible that the flaw may allow remote attackers to read an SSL-protected session, resulting in a loss of confidentiality.

Solution Description

Currently, there are no known workarounds or upgrades to correct this issue. However, the vendor has released a patch, NILE65SP5A.EXE, to address this vulnerability.
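The flaw above comes down to cipher-suite policy: a server that lists a NULL-encryption suite (NULL-SHA, NULL-MD5, TLS_RSA_WITH_NULL_SHA and friends) will, if a client offers only those, complete the handshake and then carry application data in the clear, with only a MAC for integrity. The following is an added example, not code from Novell or from the NILE.NLM patch, showing the two checks an administrator would want after applying NILE65SP5A.EXE: a function that flags NULL suites in a list of cipher names such as a scanner produces (the SCAN_SAMPLE list is constructed for this example), a hardened server context that excludes them, and a live probe that offers nothing but NULL suites to a host and reports whether the server accepted one. The host and port arguments of the probe are assumptions; no real server is contacted by the checks that run here.

```python
import socket
import ssl
from typing import Iterable, List


def find_null_ciphers(suite_names: Iterable[str]) -> List[str]:
    """Return the suites whose bulk cipher is NULL, i.e. no encryption at all.

    Both OpenSSL-style names ("NULL-SHA", "ECDHE-RSA-NULL-SHA") and IANA-style
    names ("TLS_RSA_WITH_NULL_SHA") carry the literal token NULL, so a
    case-insensitive substring test is sufficient for either naming scheme.
    """
    return [name for name in suite_names if "NULL" in name.upper()]


# Constructed sample of what a cipher scan of a misconfigured server might list.
SCAN_SAMPLE = [
    "ECDHE-RSA-AES128-GCM-SHA256",
    "TLS_RSA_WITH_NULL_SHA",   # NULL bulk cipher: cleartext on the wire
    "AES256-SHA",
    "NULL-MD5",                # NULL bulk cipher, weak MAC as well
]


def hardened_context() -> ssl.SSLContext:
    """Server-side context whose cipher list can never select a NULL suite.

    !eNULL removes NULL-encryption suites and !aNULL removes anonymous ones.
    set_ciphers() governs TLS 1.2 and below; TLS 1.3 suites are fixed AEAD
    ciphers and contain no NULL variant, so they need no extra handling.
    """
    ctx = ssl.SSLContext(ssl.PROTOCOL_TLS_SERVER)
    ctx.minimum_version = ssl.TLSVersion.TLSv1_2
    ctx.set_ciphers("ECDHE+AESGCM:ECDHE+CHACHA20:!aNULL:!eNULL:!EXPORT:!MD5:!RC4")
    return ctx


def context_offers_null(ctx: ssl.SSLContext) -> bool:
    """True if the context's effective cipher list still contains a NULL suite."""
    return bool(find_null_ciphers(c["name"] for c in ctx.get_ciphers()))


def server_accepts_null_cipher(host: str, port: int = 443, timeout: float = 5.0) -> bool:
    """Offer ONLY NULL-encryption suites to host:port (assumed values supplied by
    the caller). Returns True when the server negotiated one, which is exactly
    the NILE.NLM condition described above; False when it refused the handshake
    or picked a real cipher. Certificate checks are disabled because the
    question is cipher policy, not certificate validity.
    """
    ctx = ssl.SSLContext(ssl.PROTOCOL_TLS_CLIENT)
    ctx.check_hostname = False
    ctx.verify_mode = ssl.CERT_NONE
    # Cap at TLS 1.2 so the ClientHello carries nothing beyond the eNULL list;
    # TLS 1.3 would add its mandatory AEAD suites and mask the result.
    ctx.maximum_version = ssl.TLSVersion.TLSv1_2
    try:
        ctx.set_ciphers("eNULL")
    except ssl.SSLError as exc:
        # Many OpenSSL builds are compiled without NULL ciphers; the probe then
        # cannot be run from this host at all, which is worth reporting clearly.
        raise RuntimeError("local OpenSSL offers no NULL ciphers; probe unavailable") from exc
    try:
        with socket.create_connection((host, port), timeout=timeout) as sock:
            with ctx.wrap_socket(sock, server_hostname=host) as tls:
                negotiated = tls.cipher()
                return negotiated is not None and "NULL" in negotiated[0].upper()
    except (ssl.SSLError, OSError):
        return False


if __name__ == "__main__":
    print("NULL suites in scan sample:", find_null_ciphers(SCAN_SAMPLE))
    print("hardened context offers NULL:", context_offers_null(hardened_context()))
```

The live probe uses the modern default minimum TLS version of the local OpenSSL, so a server that only speaks SSLv3 or TLS 1.0, as NetWare-era hosts did, will show up as "refused" rather than "accepted"; an audit of such hosts needs a scanner built with legacy protocol support, and the negotiated-cipher test in the probe is the part to keep.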

References:

Vendor Specific Advisory URL
Security Tracker: 1015799
Secunia Advisory ID: 19324
Related OSVDB ID: 24048
Related OSVDB ID: 24047
Keyword: TID10100633, NOVL105338
ISS X-Force ID: 25380
FrSIRT Advisory: ADV-2006-1043
CVE: CVE-2006-0997
Bugtraq ID: 17176