VULHUB ™

Novell iChain server is reported prone to an information disclosure vulnerability that can lead to unauthorized access. An attacker on the local network can sniff network traffic and gain access to sensitive information such as configuration data and authentication credentials for various services. An attacker can also sniff network traffic, obtain a sensitive cookie and use it in a malicious Java applet to gain unauthorized access to the iChain server by hijacking another user's account. This vulnerability can allow an attacker to gain administrative access to an affected iChain server.

Novell iChain server is reported prone to an information disclosure vulnerability that can lead to unauthorized access. An attacker on the local network can sniff network traffic and gain access to sensitive information such as configuration data and authentication credentials for various services. An attacker can also sniff network traffic, obtain a sensitive cookie and use it in a malicious Java applet to gain unauthorized access to the iChain server by hijacking another user's account. This vulnerability can allow an attacker to gain administrative access to an affected iChain server.