NOVELL: Security Solutions

NOVELL: Security Solutions http://www.novell.com/support/ The newest security solutions. en-us Sat, 04 Jul 2009 23:00:31 GMT-6 http://blogs.law.harvard.edu/tech/rss support@novell.com support@novell.com 3484245: Updates to Novell ZENworks 7 Desktop Management http://www.novell.com/support/search.do?usemicrosite=true&searchString=3484245 Applies to: ZENworks Desktop Management Tue, 30 Jun 2009 04:36:00 GMT-7 7000787: Remote operations do not require permission if user is not logged in http://www.novell.com/support/search.do?usemicrosite=true&searchString=7000787 Applies to: ZENworks Configuration Management Mon, 01 Jun 2009 02:25:09 GMT-7 7003273: Novell GroupWise Internet Agent (GWIA) - Security Vulnerability in Email Address Processing http://www.novell.com/support/search.do?usemicrosite=true&searchString=7003273 Applies to: GroupWise Thu, 21 May 2009 09:49:16 GMT-7 7003272: Novell GroupWise Internet Agent (GWIA) - Security Vulnerability Processing SMTP Requests http://www.novell.com/support/search.do?usemicrosite=true&searchString=7003272 Applies to: GroupWise Thu, 21 May 2009 09:48:29 GMT-7 7003271: Novell GroupWise WebAccess - Security Vulnerability with Javascript http://www.novell.com/support/search.do?usemicrosite=true&searchString=7003271 Applies to: GroupWise Thu, 21 May 2009 09:47:02 GMT-7 7003268: Novell GroupWise WebAccess - Scripting Security Vulnerability http://www.novell.com/support/search.do?usemicrosite=true&searchString=7003268 Applies to: GroupWise Thu, 21 May 2009 09:46:19 GMT-7 7003266: Novell GroupWise WebAccess - Security Vulnerability in Session Management Mechanisms http://www.novell.com/support/search.do?usemicrosite=true&searchString=7003266 Applies to: GroupWise Thu, 21 May 2009 09:44:54 GMT-7 7003267: Novell GroupWise WebAccess - Cross Site Scripting (XSS) Security Vulnerability via Unfiltered Style Expressions http://www.novell.com/support/search.do?usemicrosite=true&searchString=7003267 Applies to: GroupWise Thu, 21 May 2009 09:44:30 GMT-7 7003100: MITKRB5-SA-2009-002 - CVE-2009-0846 and Open Enterprise Server http://www.novell.com/support/search.do?usemicrosite=true&searchString=7003100 Applies to: NMAS (Novell Modular Authentication Services), Open Enterprise Server Thu, 07 May 2009 06:12:44 GMT-7 7000912: Status of CVE-2008-1447 - Multiple DNS implementations vulnerable to cache poisoning http://www.novell.com/support/search.do?usemicrosite=true&searchString=7000912 Applies to: NetWare, Open Enterprise Server, openSUSE, SUSE Linux Enterprise Server Thu, 16 Apr 2009 13:08:22 GMT-7 7002999: Novell Teaming Cross-Site Scripting Vulnerability fix http://www.novell.com/support/search.do?usemicrosite=true&searchString=7002999 Applies to: Teaming + Conferencing Tue, 14 Apr 2009 14:57:59 GMT-7 7002997: Novell Teaming username enumeration vulnerability fix http://www.novell.com/support/search.do?usemicrosite=true&searchString=7002997 Applies to: Teaming + Conferencing Tue, 14 Apr 2009 14:55:20 GMT-7 7000538: Security Vulnerability: iMonitor Accept-Language Buffer Overflow http://www.novell.com/support/search.do?usemicrosite=true&searchString=7000538 Applies to: eDirectory Wed, 25 Mar 2009 10:12:59 GMT-7 3563780: Imaging Security "Only allow uploads to the following directories" can be bypassed http://www.novell.com/support/search.do?usemicrosite=true&searchString=3563780 Applies to: ZENworks Desktop Management Wed, 18 Feb 2009 04:45:03 GMT-7 7002321: Cross-site Scripting Security Vulnerability with GroupWise WebAccess http://www.novell.com/support/search.do?usemicrosite=true&searchString=7002321 Applies to: GroupWise Mon, 02 Feb 2009 09:50:23 GMT-7 7002320: Persistent Cross-site Scripting (XSS) Security Vulnerability with GroupWise WebAccess http://www.novell.com/support/search.do?usemicrosite=true&searchString=7002320 Applies to: GroupWise Mon, 02 Feb 2009 09:50:11 GMT-7 7002319: Security vulnerability (Cross-site Request Forgery) with GroupWise WebAccess http://www.novell.com/support/search.do?usemicrosite=true&searchString=7002319 Applies to: GroupWise Mon, 02 Feb 2009 09:49:56 GMT-7 7002502: Security Vulnerability (buffer overflow) with GroupWise Internet Agent http://www.novell.com/support/search.do?usemicrosite=true&searchString=7002502 Applies to: GroupWise Fri, 30 Jan 2009 06:13:51 GMT-7 7002322: Security vulnerability with POST requests to GroupWise WebAccess http://www.novell.com/support/search.do?usemicrosite=true&searchString=7002322 Applies to: GroupWise Fri, 30 Jan 2009 06:11:03 GMT-7 7001462: ZENWORKSUNINSTALL.EXE logs all parameters provided including credentials http://www.novell.com/support/search.do?usemicrosite=true&searchString=7001462 Applies to: ZENworks Configuration Management Wed, 24 Dec 2008 14:22:18 GMT-7 7001464: Changing the password for the ZSM7SP1 Sybase database http://www.novell.com/support/search.do?usemicrosite=true&searchString=7001464 Applies to: ZENworks Server Management Wed, 24 Dec 2008 14:21:54 GMT-7 7001157: Cross-Site Scripting vulnerability in the User Application http://www.novell.com/support/search.do?usemicrosite=true&searchString=7001157 Applies to: Identity Manager Wed, 24 Dec 2008 14:16:10 GMT-7 7001183: Security Vulnerability - eDirectory Core Protocol Opcode 0x24 Heap Overflow http://www.novell.com/support/search.do?usemicrosite=true&searchString=7001183 Applies to: eDirectory Wed, 24 Dec 2008 14:15:59 GMT-7 7001184: Security Vulnerability - eDirectory Core Protocol Opcode 0x0F Heap Overflow http://www.novell.com/support/search.do?usemicrosite=true&searchString=7001184 Applies to: eDirectory Wed, 24 Dec 2008 14:15:43 GMT-7 7000676: Novell GroupWise Messenger 2.0.2 Security Vulnerability Report http://www.novell.com/support/search.do?usemicrosite=true&searchString=7000676 Applies to: GroupWise Messenger Wed, 24 Dec 2008 14:14:37 GMT-7 3843876: Security Vulnerability - LDAP Buffer Overflow http://www.novell.com/support/search.do?usemicrosite=true&searchString=3843876 Applies to: eDirectory Wed, 24 Dec 2008 14:11:24 GMT-7 3866911: Security Vulnerability - Unauthenticated SOAP "eMBox" interface http://www.novell.com/support/search.do?usemicrosite=true&searchString=3866911 Applies to: eDirectory Wed, 24 Dec 2008 14:11:11 GMT-7 3460217: Security Vulnerability - XSS Cross Site Scripting in iMonitor error messages http://www.novell.com/support/search.do?usemicrosite=true&searchString=3460217 Applies to: eDirectory Wed, 24 Dec 2008 14:11:09 GMT-7 7000314: Response to reported security vulnerability SecurityFocus Bugtraq ID: 28969 http://www.novell.com/support/search.do?usemicrosite=true&searchString=7000314 Applies to: GroupWise Wed, 24 Dec 2008 14:11:02 GMT-7 7000317: Response to reported security vulnerability SecurityFocus Bugtraq ID: 28944 http://www.novell.com/support/search.do?usemicrosite=true&searchString=7000317 Applies to: GroupWise Wed, 24 Dec 2008 14:10:45 GMT-7 7000534: Self-Destruct is incomplete on WIN CE device http://www.novell.com/support/search.do?usemicrosite=true&searchString=7000534 Applies to: ZENworks Handheld Management Wed, 24 Dec 2008 14:10:42 GMT-7 3694858: Security Vulnerability: Integer overflow stack corruption http://www.novell.com/support/search.do?usemicrosite=true&searchString=3694858 Applies to: eDirectory Wed, 24 Dec 2008 14:10:36 GMT-7 3829452: Security Vulnerability - DoS via "Connection:" HTTP headers" http://www.novell.com/support/search.do?usemicrosite=true&searchString=3829452 Applies to: eDirectory Wed, 24 Dec 2008 14:10:23 GMT-7 3578235: Client Heap Overflow Vulnerability in Collection Client http://www.novell.com/support/search.do?usemicrosite=true&searchString=3578235 Applies to: ZENworks Asset Management Wed, 24 Dec 2008 14:10:13 GMT-7 3260263: Architectural and security problems with NWFILTER.SYS http://www.novell.com/support/search.do?usemicrosite=true&searchString=3260263 Applies to: Novell Client Wed, 24 Dec 2008 14:06:40 GMT-7 3714097: Security problem with NICM.SYS http://www.novell.com/support/search.do?usemicrosite=true&searchString=3714097 Applies to: Novell Client Wed, 24 Dec 2008 14:06:22 GMT-7 3496175: Security vulnerability: evtFilteredMonitorEventsRequest Heap Overflow http://www.novell.com/support/search.do?usemicrosite=true&searchString=3496175 Applies to: eDirectory Wed, 24 Dec 2008 14:04:24 GMT-7 3726376: Challenge Response Client (LCM) allows clipboard contents to be pasted into question response fields when workstation is locked http://www.novell.com/support/search.do?usemicrosite=true&searchString=3726376 Applies to: NMAS (Novell Modular Authentication Services) Wed, 24 Dec 2008 14:04:24 GMT-7 3038365: Updates to ZENworks 7 Asset Management http://www.novell.com/support/search.do?usemicrosite=true&searchString=3038365 Applies to: ZENworks Asset Management Wed, 24 Dec 2008 14:04:18 GMT-7 3639135: Potential Security Vulnerability in NetMail 3.5.2 http://www.novell.com/support/search.do?usemicrosite=true&searchString=3639135 Applies to: NetMail Wed, 24 Dec 2008 14:04:05 GMT-7 3918173: Potential Security Vulnerability with Apache http://www.novell.com/support/search.do?usemicrosite=true&searchString=3918173 Applies to: Apache, NetWare Wed, 24 Dec 2008 14:02:18 GMT-7 3665923: BIND crashes on Dynamic DNS update request http://www.novell.com/support/search.do?usemicrosite=true&searchString=3665923 Applies to: SUSE Linux Enterprise Server Wed, 24 Dec 2008 14:02:17 GMT-7 3008097: XNFS Abend in rpcWorkerThread if nfs mount is attempted with long path http://www.novell.com/support/search.do?usemicrosite=true&searchString=3008097 Applies to: Network File System (NFS), NetWare Wed, 24 Dec 2008 14:02:09 GMT-7 3003756: Resolution for Security Vulnerability in GroupWise Mobile Server 2.0 http://www.novell.com/support/search.do?usemicrosite=true&searchString=3003756 Applies to: GroupWise Mobile Server Wed, 24 Dec 2008 14:01:40 GMT-7 3243550: Securing a Remote Loader install on microsoft windows 2000. http://www.novell.com/support/search.do?usemicrosite=true&searchString=3243550 Applies to: Identity Manager Wed, 24 Dec 2008 14:00:33 GMT-7 3193302: Security concerns scanning full-width/half-width Unicode encoded traffic http://www.novell.com/support/search.do?usemicrosite=true&searchString=3193302 Applies to: Access Manager, BorderManager, iChain Wed, 24 Dec 2008 13:59:37 GMT-7 3169416: Potential Security Vulnerability in exteNd Director Standard 4.1 with ActiveX control http://www.novell.com/support/search.do?usemicrosite=true&searchString=3169416 Applies to: exteNd Director Wed, 24 Dec 2008 13:48:34 GMT-7 3125538: nwspool.dll buffer overflow http://www.novell.com/support/search.do?usemicrosite=true&searchString=3125538 Applies to: Novell Client Wed, 24 Dec 2008 13:48:26 GMT-7 3382383: GroupWise 7.0.2 / 6.5 post SP6 Security Vulnerability http://www.novell.com/support/search.do?usemicrosite=true&searchString=3382383 Applies to: GroupWise Wed, 24 Dec 2008 13:48:25 GMT-7 3675615: Security Vulnerability: kadmind stack buffer overflow vulnerability http://www.novell.com/support/search.do?usemicrosite=true&searchString=3675615 Applies to: Authentication Services Wed, 24 Dec 2008 13:48:22 GMT-7 3555327: Potential Security Vulnerability with Apache on NetWare 6.5 http://www.novell.com/support/search.do?usemicrosite=true&searchString=3555327 Applies to: Apache, GroupWise Wed, 24 Dec 2008 13:47:55 GMT-7 3131009: Security Update for Novell Identity Manager 3.5 iManager Plugins http://www.novell.com/support/search.do?usemicrosite=true&searchString=3131009 Applies to: Identity Manager, DirXML Wed, 24 Dec 2008 13:47:34 GMT-7 3089220: buffer overflow in nwspool.dll http://www.novell.com/support/search.do?usemicrosite=true&searchString=3089220 Applies to: Novell Client Wed, 24 Dec 2008 13:47:19 GMT-7 3936018: security vulnerability: evtFilteredMonitorEventsRequest Invalid Free http://www.novell.com/support/search.do?usemicrosite=true&searchString=3936018 Applies to: eDirectory Wed, 24 Dec 2008 13:46:16 GMT-7 3248163: Security Vulnerability: kadmind affected by multiple RPC library vulnerabilities http://www.novell.com/support/search.do?usemicrosite=true&searchString=3248163 Applies to: Authentication Services Wed, 24 Dec 2008 13:46:12 GMT-7 3329402: Client Login Extension for Novell Identity Manager 3.5 Security Fix http://www.novell.com/support/search.do?usemicrosite=true&searchString=3329402 Applies to: Identity Manager Wed, 24 Dec 2008 13:46:10 GMT-7 3590033: Security Vulnerability: RSA BSAFE Libraries denial of service http://www.novell.com/support/search.do?usemicrosite=true&searchString=3590033 Applies to: NICI Wed, 24 Dec 2008 13:46:07 GMT-7 3618705: Security Update: KDC and kadmin stack overflow in krb5_klog_syslog http://www.novell.com/support/search.do?usemicrosite=true&searchString=3618705 Applies to: Authentication Services Wed, 24 Dec 2008 13:45:37 GMT-7 3429077: SSLVPN vulnerability bypassing security policies http://www.novell.com/support/search.do?usemicrosite=true&searchString=3429077 Applies to: Access Manager Wed, 24 Dec 2008 13:45:17 GMT-7 3686202: Security Vulnerability: eDirectory NCP over IP length Heap Overflow http://www.novell.com/support/search.do?usemicrosite=true&searchString=3686202 Applies to: eDirectory Wed, 24 Dec 2008 13:43:59 GMT-7 3723994: Security Vulnerability: Remote code Execution in iMonitor http://www.novell.com/support/search.do?usemicrosite=true&searchString=3723994 Applies to: eDirectory Wed, 24 Dec 2008 13:43:45 GMT-7 3143224: Security Vulnerability: Multiple RSA implementations fail to properly handle signatures http://www.novell.com/support/search.do?usemicrosite=true&searchString=3143224 Applies to: NICI Wed, 24 Dec 2008 13:43:39 GMT-7 3924657: Security Vulnerability: NCP Fragment Denial of Service http://www.novell.com/support/search.do?usemicrosite=true&searchString=3924657 Applies to: eDirectory Wed, 24 Dec 2008 13:43:35 GMT-7 3762108: Novell client firewall (NCF) 2.x exploited to gain escalated privileges http://www.novell.com/support/search.do?usemicrosite=true&searchString=3762108 Applies to: BorderManager Wed, 24 Dec 2008 13:41:39 GMT-7 3319127: Potential XSS security vulnerability in Welcome web-app http://www.novell.com/support/search.do?usemicrosite=true&searchString=3319127 Applies to: Apache, NetWare Wed, 24 Dec 2008 13:41:08 GMT-7 3024921: JBoss Application Server Security Vulnerability Notice http://www.novell.com/support/search.do?usemicrosite=true&searchString=3024921 Applies to: Identity Manager Wed, 24 Dec 2008 13:40:44 GMT-7 3615264: Cross scripting (XSS) vulnerability with Access Manager Identity Server http://www.novell.com/support/search.do?usemicrosite=true&searchString=3615264 Applies to: Access Manager Wed, 24 Dec 2008 13:40:05 GMT-7 3623505: Msg.dll Heap Overflow Vulnerability in Task & Collection Server http://www.novell.com/support/search.do?usemicrosite=true&searchString=3623505 Applies to: ZENworks Asset Management Wed, 24 Dec 2008 13:34:58 GMT-7 3174344: Pervasive SQL DoS Vulnerability in NetWare 6.0 and NetWare 6.5 http://www.novell.com/support/search.do?usemicrosite=true&searchString=3174344 Applies to: NetWare Wed, 24 Dec 2008 13:34:51 GMT-7 3096026: Security Vulnerabilities: Buffer Overrun in NetMail 3.52 http://www.novell.com/support/search.do?usemicrosite=true&searchString=3096026 Applies to: NetMail Wed, 24 Dec 2008 13:34:14 GMT-7 3003139: BorderManager 3.8 generates predictable ISAKMP cookies http://www.novell.com/support/search.do?usemicrosite=true&searchString=3003139 Applies to: BorderManager Wed, 24 Dec 2008 13:33:28 GMT-7 3717068: Security Vulnerabilities: NetMail Buffer Overrun and Denial of Service http://www.novell.com/support/search.do?usemicrosite=true&searchString=3717068 Applies to: NetMail Wed, 24 Dec 2008 13:33:15 GMT-7 3885713: Security vulnerability: iManager Tomcat DoS http://www.novell.com/support/search.do?usemicrosite=true&searchString=3885713 Applies to: iManager Wed, 24 Dec 2008 13:33:08 GMT-7 3506963: ZPM vulnerable to an SQL injection http://www.novell.com/support/search.do?usemicrosite=true&searchString=3506963 Applies to: ZENworks Patch Management Wed, 24 Dec 2008 13:33:03 GMT-7 3000551: MYAPPS.HTML requires a double click to launch application http://www.novell.com/support/search.do?usemicrosite=true&searchString=3000551 Applies to: ZENworks Desktop Management Wed, 24 Dec 2008 13:32:58 GMT-7 3480790: Denial of Service attack against srvloc.sys http://www.novell.com/support/search.do?usemicrosite=true&searchString=3480790 Applies to: Novell Client Wed, 24 Dec 2008 13:32:55 GMT-7 3226177: Security Vulnerability: eDirectory NMAS BerDecodeLoginDataRequest DoS http://www.novell.com/support/search.do?usemicrosite=true&searchString=3226177 Applies to: NMAS (Novell Modular Authentication Services), eDirectory Wed, 24 Dec 2008 13:32:50 GMT-7 3546910: String format vulnerability at client login prompt http://www.novell.com/support/search.do?usemicrosite=true&searchString=3546910 Applies to: Novell Client Wed, 24 Dec 2008 13:32:39 GMT-7 3183151: New Security Enhancement to NetWare FTP Server http://www.novell.com/support/search.do?usemicrosite=true&searchString=3183151 Applies to: NetWare Wed, 24 Dec 2008 13:32:33 GMT-7 3006549: Buffer Overflow Vulnerability in iMonitor 2.4 for eDirectory 8.8 http://www.novell.com/support/search.do?usemicrosite=true&searchString=3006549 Applies to: eDirectory Wed, 24 Dec 2008 12:20:50 GMT-7 3857626: NRM grants root access to LUM enabled eDirectory admins http://www.novell.com/support/search.do?usemicrosite=true&searchString=3857626 Applies to: Remote Manager, eDirectory, Open Enterprise Server Wed, 24 Dec 2008 12:20:31 GMT-7 3001076: NDPS client remote integer overflow vulnerability http://www.novell.com/support/search.do?usemicrosite=true&searchString=3001076 Applies to: Novell Client Wed, 24 Dec 2008 12:20:27 GMT-7 3701584: Cross-site scripting (XSS) vulnerability in GroupWise WebAccess. http://www.novell.com/support/search.do?usemicrosite=true&searchString=3701584 Applies to: GroupWise Wed, 24 Dec 2008 12:20:26 GMT-7 3574517: A cross-site scripting flaw exists with Novell GroupWise WebAccess. http://www.novell.com/support/search.do?usemicrosite=true&searchString=3574517 Applies to: GroupWise Wed, 24 Dec 2008 12:20:15 GMT-7 3277932: Security update for Novell Kerberos KDC http://www.novell.com/support/search.do?usemicrosite=true&searchString=3277932 Applies to: Wed, 24 Dec 2008 12:20:11 GMT-7 3001480: GroupWise Client API Security Vulnerability http://www.novell.com/support/search.do?usemicrosite=true&searchString=3001480 Applies to: GroupWise Wed, 24 Dec 2008 12:20:08 GMT-7 3009145: NDPS on NetWare remote integer overflow vulnerability http://www.novell.com/support/search.do?usemicrosite=true&searchString=3009145 Applies to: iPrint Wed, 24 Dec 2008 12:20:01 GMT-7