CVE-2003-0636
https://notcve.org/view.php?id=CVE-2003-0636
Novell iChain 2.2 before Support Pack 1 does not properly verify that URL redirects match the DNS name of an accelerator, which allows attackers to redirect URLs to malicious web sites. Novell iChain 2.2 anteriores a Support Pack 1 no verifica adecuadamente que las redirecciones de URL concuerdan con el nombre DNS de un acelerador, lo que permite a atacantes redirigir URLs a sitios maliciosos. • http://support.novell.com/cgi-bin/search/searchtid.cgi?/2966435.htm •
CVE-2003-0639
https://notcve.org/view.php?id=CVE-2003-0639
Unknown vulnerability in Novell iChain 2.2 before Support Pack 1 allows users to access restricted or secure pages without authentication. Vulnerabilidad desconocida en Novell iChain 2.2 anteriores a Support Pack 1 permite a usuarios acceder a páginas restringidas o seguras sin autenticación. • http://marc.info/?l=bugtraq&m=105492852131747&w=2 http://support.novell.com/cgi-bin/search/searchtid.cgi?/2966435.htm •
CVE-2003-0635
https://notcve.org/view.php?id=CVE-2003-0635
Unknown vulnerability or vulnerabilities in Novell iChain 2.2 before Support Pack 1, with unknown impact, possibly related to unauthorized access to (1) NCPIP.NLM and (2) JSTCP.NLM. Vulnerabilidad o vulnerabilidades desconocidas en Novell iChain 2.2 anteriores a Support Pack 1, con impacto desconocido, posiblemente relacionadas con acceso no autorizado a NCPIP.NLM y JSTCP.NLM. • http://marc.info/?l=bugtraq&m=105492852131747&w=2 http://support.novell.com/cgi-bin/search/searchtid.cgi?/2966435.htm •
CVE-2003-0638
https://notcve.org/view.php?id=CVE-2003-0638
Multiple buffer overflows in Novell iChain 2.1 before Field Patch 3, and iChain 2.2 before Field Patch 1a, allow attackers to cause a denial of service (ABEND) and possibly execute arbitrary code via (1) a long user name or (2) an unknown attack related to a "special script against login." Múltiples desbordamientos de búfer en Novell iChain 2.1 anteriores a Field Patch 3, e iChain 2.2 anteriores a Field Patch 1a, permite a atacantes causar una denegación de servicio (ABEND) y posiblemente ejecutar código arbitrario mediante (1) un nombre de usuario largo o (2) un ataque desconocido relacionado con un "script especial contra inicio de sesión". • http://marc.info/?l=bugtraq&m=105492847631711&w=2 http://marc.info/?l=bugtraq&m=105492852131747&w=2 http://support.novell.com/cgi-bin/search/searchtid.cgi?/2966435.htm •
CVE-2003-0637
https://notcve.org/view.php?id=CVE-2003-0637
Novell iChain 2.2 before Support Pack 1 uses a shorter timeout for a non-existent user than a valid user, which makes it easier for remote attackers to guess usernames and conduct brute force password guessing. • http://support.novell.com/cgi-bin/search/searchtid.cgi?/2966435.htm • CWE-203: Observable Discrepancy •