Weak Cipher Selection Vulnerability in Novell NetWare 6.5 and Open Enterprise Server
CVE-2006-0998

Currently unrated

Key Information:

Vendor: Novell
Status: Open Enterprise Server
Vendor: CVE Published:; 23 March 2006

Summary

A flaw in the SSL server implementation within NILE.NLM in Novell NetWare 6.5 and Novell Open Enterprise Server allows weak cipher suites to be selected over stronger ones. This vulnerability exposes SSL-protected sessions to potential sniffing and decryption by attackers, compromising the confidentiality and integrity of data during transmission.

References

http://www.vupen.com/english/advisories/2006/1043

vdb-entryx_refsource_VUPEN

http://securitytracker.com/id?1015799

vdb-entryx_refsource_SECTRACK

http://www.osvdb.org/24047

vdb-entryx_refsource_OSVDB

Timeline

Vulnerability published
Mar 23, 2006
Vulnerability Reserved
Mar 6, 2006