Novell IManager Multiple Vulnerabilities Network Vulnerability

Summary

The host is running Novell iManager and is prone to multiple unspecified vulnerabilities.

Impact

Successful exploitation may allow remote attackers to perform unauthorized actions and gain access to the affected application. Other attacks are also possible. Impact Level: Application

Solution

Apply the patch. For updates refer to https://www.novell.com/support/kb/doc.php?id=7010166 ***** NOTE: Ignore this warning if above mentioned patch is installed. *****

Insight

Multiple flaws due to, - Does not refresh a token after a logout action. - Does not require multiple steps or explicit confirmation for sensitive transactions.

Affected

Novell iManager version prior to 2.7 SP 6 patch 1

References

http://www.novell.com/support/kb/doc.php?id=7010166
http://www.osvdb.org/92269
http://www.osvdb.org/92270

Updated on 2015-03-25

Severity

Classification

CVE CVE-2013-1088, CVE-2013-3268

CVSS	Base Score: 10.0 AV:N/AC:L/Au:N/C:C/I:C/A:C

Related Vulnerabilities

Adobe Acrobat Multiple Vulnerabilities - Mac OS X
Adobe Acrobat and Reader PDF Handling Code Execution Vulnerability (Linux)
Adobe Acrobat and Reader PDF Handling Code Execution Vulnerability (Windows)
Adobe Air Remote Code Execution Vulnerability -June13 (Mac OS X)
Adobe AIR Multiple Vulnerabilities-01 Dec13 (Windows)

Novell iManager Multiple Vulnerabilities

Take action and discover your vulnerabilities