Novell eDirectory unauthenticated access to SOAP interface

= Affected software : Editor : Novell Name : eDirectory Version : 8.7.x see note and 8.8.2 Services : TCP/8028 HTTP and TCP/8030 HTTPS = External references : http://www.novell.com/support/viewContent.do?externalId=3866911&sliceId=1 https://vulners.com/cve/CVE-2008-0926 = Technical details : A SO...

CVE-2006-2703

The CVE-2006-2703 entry concerns the RedCarpet command-line client (rug), where the SSL certificate verification is not performed by the client when connecting to a server. This weaknesses permits a MITM attacker to read traffic and potentially execute commands through the intercepted connection....