EUVD-2017-18203

Malware in sbrugna...

Micro Focus Novell eDirectory Password Restriction Vulnerability

Micro Focus Novell eDirectory is an identity management infrastructure platform that combines identity management architecture and directory services technology from Micro Focus, UK. The platform provides authentication policies, data backup and recovery services, and data disaster recovery. A...

Design/Logic Flaw

In Novell eDirectory before 9.0.3.1 the LDAP interface was not strictly enforcing cipher restrictions allowing weaker ciphers to be used during SSL BIND operations...

CVE-2017-9267

In Novell eDirectory before 9.0.3.1 the LDAP interface was not strictly enforcing cipher restrictions allowing weaker ciphers to be used during SSL BIND operations...

大汉网络 /jcms/interface/ldap/receive.jsp 接口未授权更改密钥

相关代码如下 if state.equals"S" //注册应用 boolean b = ldapBlf.writeXMLappname,enckey,ldapurl,webtype,ssourl,encrypttype; 未授权注册并覆盖了 enckey 得到 enckey 之后利用可以参照 https://www.sebug.net/vuldb/ssvid-90213...