Authentication Bypass in Novell BorderManager ClientTrust Program
CVE-2000-0651

Currently unrated

Key Information:

Vendor: Novell
Status: Bordermanager
Vendor: CVE Published:; 7 July 2000

Summary

The ClientTrust program in Novell BorderManager contains a flaw in the verification process for the origin of authentication requests. This inadequacy may enable remote attackers to impersonate legitimate users by capturing and replaying authentication requests and responses from the targeted machine's port 3024. This vulnerability can potentially compromise user accounts and lead to unauthorized access to sensitive data and resources.

References

http://www.securityfocus.com/bid/1440

vdb-entryx_refsource_BID

https://exchange.xforce.ibmcloud.com/vulnerabilities/5186

vdb-entryx_refsource_XF

http://www.securityfocus.com/templates/archive.pike?list=...

mailing-listx_refsource_BUGTRAQ

Timeline

Vulnerability Reserved
Aug 2, 2000
Vulnerability published
Jul 7, 2000