NOVELL: Security Solutions

NOVELL: Security Solutions http://www.novell.com/support/ The newest security solutions. en-us Wed, 30 May 2012 23:00:30 GMT-6 http://blogs.law.harvard.edu/tech/rss support@novell.com support@novell.com 7007339: Security Vulnerability Stack Overflow with ZDM7 Remote Management http://www.novell.com/support/search.do?usemicrosite=true&searchString=7007339 Applies to: ZENworks Desktop Management Mon, 30 Apr 2012 11:51:31 GMT-7 3484245: Updates to Novell ZENworks 7 Desktop Management http://www.novell.com/support/search.do?usemicrosite=true&searchString=3484245 Applies to: ZENworks Desktop Management Mon, 30 Apr 2012 11:18:16 GMT-7 7007321: Security Vulnerability with Imaging Remote Code Execution http://www.novell.com/support/search.do?usemicrosite=true&searchString=7007321 Applies to: ZENworks Desktop Management Mon, 30 Apr 2012 11:17:26 GMT-7 3563780: Imaging Security "Only allow uploads to the following directories" can be bypassed http://www.novell.com/support/search.do?usemicrosite=true&searchString=3563780 Applies to: ZENworks Desktop Management Mon, 30 Apr 2012 11:16:57 GMT-7 7006557: Security vulnerability with Remote Management password authentication http://www.novell.com/support/search.do?usemicrosite=true&searchString=7006557 Applies to: ZENworks Desktop Management, ZENworks Server Management Mon, 30 Apr 2012 11:16:44 GMT-7 7004945: Ability to manually query NDS workstation object through AWSI process disabled http://www.novell.com/support/search.do?usemicrosite=true&searchString=7004945 Applies to: ZENworks Desktop Management Mon, 30 Apr 2012 11:16:26 GMT-7 3248163: Security Vulnerability: kadmind affected by multiple RPC library vulnerabilities http://www.novell.com/support/search.do?usemicrosite=true&searchString=3248163 Applies to: SUSE Linux Enterprise Server, Open Enterprise Server Mon, 30 Apr 2012 11:16:18 GMT-7 7001464: Changing the password for the ZSM7SP1 Sybase database http://www.novell.com/support/search.do?usemicrosite=true&searchString=7001464 Applies to: ZENworks Server Management Mon, 30 Apr 2012 11:16:15 GMT-7 3506963: ZPM vulnerable to an SQL injection http://www.novell.com/support/search.do?usemicrosite=true&searchString=3506963 Applies to: ZENworks Patch Management Mon, 30 Apr 2012 11:15:05 GMT-7 3000551: MYAPPS.HTML requires a double click to launch application http://www.novell.com/support/search.do?usemicrosite=true&searchString=3000551 Applies to: ZENworks Desktop Management Mon, 30 Apr 2012 11:14:47 GMT-7 7007320: Security Vulnerability with ZDM7 Remote Management http://www.novell.com/support/search.do?usemicrosite=true&searchString=7007320 Applies to: ZENworks Desktop Management Mon, 30 Apr 2012 11:14:41 GMT-7 7005572: Security Vulnerability with ZCM Preboot Service http://www.novell.com/support/search.do?usemicrosite=true&searchString=7005572 Applies to: ZENworks Configuration Management Mon, 30 Apr 2012 08:48:03 GMT-7 7006398: Tomcat 5.0.28 in ZLM 7.3 subject to "Multiple Vendor Multiple HTTP Request Smuggling Vulnerabilities" http://www.novell.com/support/search.do?usemicrosite=true&searchString=7006398 Applies to: ZENworks Linux Management Mon, 30 Apr 2012 08:46:53 GMT-7 7000912: Status of CVE-2008-1447 - Multiple DNS implementations vulnerable to cache poisoning http://www.novell.com/support/search.do?usemicrosite=true&searchString=7000912 Applies to: SUSE Linux Enterprise Server, NetWare, Open Enterprise Server Fri, 27 Apr 2012 15:24:42 GMT-7 7005573: Security Vulnerability with ZCM Remote Execution http://www.novell.com/support/search.do?usemicrosite=true&searchString=7005573 Applies to: ZENworks Configuration Management Fri, 27 Apr 2012 15:11:36 GMT-7 7000787: Remote operations do not require permission if user is not logged in http://www.novell.com/support/search.do?usemicrosite=true&searchString=7000787 Applies to: ZENworks Configuration Management Fri, 27 Apr 2012 15:11:35 GMT-7 7001462: ZENWORKSUNINSTALL.EXE logs all parameters provided including credentials http://www.novell.com/support/search.do?usemicrosite=true&searchString=7001462 Applies to: ZENworks Configuration Management Fri, 27 Apr 2012 15:11:27 GMT-7 7009570: Security Vulnerabilities with ZENworks Admin Studio version http://www.novell.com/support/search.do?usemicrosite=true&searchString=7009570 Applies to: ZENworks Configuration Management Fri, 27 Apr 2012 15:09:45 GMT-7 7007841: ZAM File Overwrite Remote Code Execution Vulnerability http://www.novell.com/support/search.do?usemicrosite=true&searchString=7007841 Applies to: ZENworks Configuration Management Fri, 27 Apr 2012 15:08:54 GMT-7 7008110: ZCM has a Browsable web directory vulnerability http://www.novell.com/support/search.do?usemicrosite=true&searchString=7008110 Applies to: ZENworks Configuration Management Fri, 27 Apr 2012 15:08:19 GMT-7 3857626: NRM grants root access to LUM enabled eDirectory admins http://www.novell.com/support/search.do?usemicrosite=true&searchString=3857626 Applies to: eDirectory, Open Enterprise Server Fri, 27 Apr 2012 15:07:04 GMT-7 7005185: Novell Open Enterprise Server: MITKRB5-SA-2009-004 [CVE-2009-4212] http://www.novell.com/support/search.do?usemicrosite=true&searchString=7005185 Applies to: NMAS (Novell Modular Authentication Services), Open Enterprise Server Fri, 27 Apr 2012 15:06:44 GMT-7 7003100: MITKRB5-SA-2009-002 - CVE-2009-0846 and Open Enterprise Server http://www.novell.com/support/search.do?usemicrosite=true&searchString=7003100 Applies to: NMAS (Novell Modular Authentication Services), Open Enterprise Server Fri, 27 Apr 2012 15:06:42 GMT-7 7007896: ZCM TFTPD Remote Code Execution Security Vulnerability http://www.novell.com/support/search.do?usemicrosite=true&searchString=7007896 Applies to: ZENworks Configuration Management Fri, 27 Apr 2012 15:06:41 GMT-7 7005118: Novell Open Enterprise Server: MITKRB5-SA-2009-003 [CVE-2009-3295] http://www.novell.com/support/search.do?usemicrosite=true&searchString=7005118 Applies to: NMAS (Novell Modular Authentication Services), Open Enterprise Server Fri, 27 Apr 2012 15:06:32 GMT-7 7008962: Novell Open Enterprise Server: MITKRB5-SA-2011-005 [CVE-2011-1526] http://www.novell.com/support/search.do?usemicrosite=true&searchString=7008962 Applies to: NetWare, Open Enterprise Server Fri, 27 Apr 2012 15:05:27 GMT-7 7006672: Security Vulnerability - Novell Client ActiveX Control "nwsetup.dll" Unspecified Remote Denial of Service http://www.novell.com/support/search.do?usemicrosite=true&searchString=7006672 Applies to: Novell Client Fri, 27 Apr 2012 14:58:26 GMT-7 3001076: NDPS client remote integer overflow vulnerability http://www.novell.com/support/search.do?usemicrosite=true&searchString=3001076 Applies to: Novell Client Fri, 27 Apr 2012 14:50:43 GMT-7 3480790: Denial of Service attack against srvloc.sys http://www.novell.com/support/search.do?usemicrosite=true&searchString=3480790 Applies to: Novell Client Fri, 27 Apr 2012 14:50:43 GMT-7 3714097: Security problem with NICM.SYS http://www.novell.com/support/search.do?usemicrosite=true&searchString=3714097 Applies to: Novell Client Fri, 27 Apr 2012 14:50:42 GMT-7 3089220: buffer overflow in nwspool.dll http://www.novell.com/support/search.do?usemicrosite=true&searchString=3089220 Applies to: Novell Client Fri, 27 Apr 2012 14:41:26 GMT-7 3125538: nwspool.dll buffer overflow http://www.novell.com/support/search.do?usemicrosite=true&searchString=3125538 Applies to: Novell Client Fri, 27 Apr 2012 14:41:24 GMT-7 3623505: Msg.dll Heap Overflow Vulnerability in Task &amp; Collection Server http://www.novell.com/support/search.do?usemicrosite=true&searchString=3623505 Applies to: ZENworks Asset Management Fri, 27 Apr 2012 12:59:32 GMT-7 7005128: ZAM 7.5 SQL Infection Vulnerability http://www.novell.com/support/search.do?usemicrosite=true&searchString=7005128 Applies to: ZENworks Asset Management Fri, 27 Apr 2012 12:59:13 GMT-7 3665923: BIND crashes on Dynamic DNS update request http://www.novell.com/support/search.do?usemicrosite=true&searchString=3665923 Applies to: SUSE Linux Enterprise Server Fri, 27 Apr 2012 12:58:35 GMT-7 3038365: Updates to ZENworks 7 Asset Management http://www.novell.com/support/search.do?usemicrosite=true&searchString=3038365 Applies to: ZENworks Asset Management Fri, 27 Apr 2012 12:57:40 GMT-7 3578235: Client Heap Overflow Vulnerability in Collection Client http://www.novell.com/support/search.do?usemicrosite=true&searchString=3578235 Applies to: ZENworks Asset Management Fri, 27 Apr 2012 12:56:41 GMT-7 7002999: Novell Teaming Cross-Site Scripting Vulnerability fix http://www.novell.com/support/search.do?usemicrosite=true&searchString=7002999 Applies to: Teaming Fri, 27 Apr 2012 12:55:34 GMT-7 7009029: Tomcat Vulnerability CVE-2011-0534 for Novell Teaming / Vibe OnPrem http://www.novell.com/support/search.do?usemicrosite=true&searchString=7009029 Applies to: Vibe OnPrem Fri, 27 Apr 2012 12:55:32 GMT-7 7007351: Novell Vibe 3 BETA OnPrem Stored Cross-site Scripting Vulnerability http://www.novell.com/support/search.do?usemicrosite=true&searchString=7007351 Applies to: Vibe OnPrem Fri, 27 Apr 2012 12:55:17 GMT-7 7002997: Novell Teaming username enumeration vulnerability fix http://www.novell.com/support/search.do?usemicrosite=true&searchString=7002997 Applies to: Teaming + Conferencing Fri, 27 Apr 2012 12:55:16 GMT-7 3243550: Securing a Remote Loader install on microsoft windows 2000. http://www.novell.com/support/search.do?usemicrosite=true&searchString=3243550 Applies to: Identity Manager Fri, 27 Apr 2012 11:10:00 GMT-7 7008287: Novell Open Enterprise Server: MITKRB5-SA-2010-007 [CVE-2010-1323 CVE-2010-1324 CVE-2010-4020 CVE-2010-4021] http://www.novell.com/support/search.do?usemicrosite=true&searchString=7008287 Applies to: Open Enterprise Server Fri, 27 Apr 2012 10:55:29 GMT-7 3675615: Security Vulnerability: kadmind stack buffer overflow vulnerability http://www.novell.com/support/search.do?usemicrosite=true&searchString=3675615 Applies to: Open Enterprise Server Fri, 27 Apr 2012 10:52:49 GMT-7 3618705: Security Update: KDC and kadmin stack overflow in krb5_klog_syslog http://www.novell.com/support/search.do?usemicrosite=true&searchString=3618705 Applies to: Open Enterprise Server Fri, 27 Apr 2012 10:52:33 GMT-7 3382383: GroupWise 7.0.2 / 6.5 post SP6 Security Vulnerability http://www.novell.com/support/search.do?usemicrosite=true&searchString=3382383 Applies to: GroupWise Fri, 27 Apr 2012 10:50:21 GMT-7 7002502: Security Vulnerability (buffer overflow) with GroupWise Internet Agent http://www.novell.com/support/search.do?usemicrosite=true&searchString=7002502 Applies to: GroupWise Fri, 27 Apr 2012 10:50:18 GMT-7 7006371: Cross-Site Scripting (XSS) Security Vulnerability in GroupWise Agent HTTP interfaces http://www.novell.com/support/search.do?usemicrosite=true&searchString=7006371 Applies to: GroupWise Fri, 27 Apr 2012 10:49:55 GMT-7 7006373: Security Vulnerability - GroupWise WebAccess Potentially Exposes Authentication Information http://www.novell.com/support/search.do?usemicrosite=true&searchString=7006373 Applies to: GroupWise Fri, 27 Apr 2012 10:49:55 GMT-7 7006432: GroupWise Stack overflow in gwcmb1.dll by passing long argument to NWDSLogout function in Netwin32.dll http://www.novell.com/support/search.do?usemicrosite=true&searchString=7006432 Applies to: GroupWise Fri, 27 Apr 2012 10:49:46 GMT-7 7010084: Security Vulnerability - Novell iPrint Server attributes-natural-language Remote Code Execution Vulnerability http://www.novell.com/support/search.do?usemicrosite=true&searchString=7010084 Applies to: Open Enterprise Server, iPrint Fri, 27 Apr 2012 10:48:38 GMT-7 3574517: A cross-site scripting flaw exists with Novell GroupWise WebAccess. http://www.novell.com/support/search.do?usemicrosite=true&searchString=3574517 Applies to: GroupWise Fri, 27 Apr 2012 10:48:36 GMT-7 3918173: Potential Security Vulnerability with Apache http://www.novell.com/support/search.do?usemicrosite=true&searchString=3918173 Applies to: NetWare Fri, 27 Apr 2012 10:48:19 GMT-7 7006376: GroupWise WebAccess Cross-Site Scripting (XSS) Security Vulnerability on Replies http://www.novell.com/support/search.do?usemicrosite=true&searchString=7006376 Applies to: GroupWise Fri, 27 Apr 2012 10:48:16 GMT-7 3174344: Pervasive SQL DoS Vulnerability in NetWare 6.0 and NetWare 6.5 http://www.novell.com/support/search.do?usemicrosite=true&searchString=3174344 Applies to: NetWare Fri, 27 Apr 2012 10:48:11 GMT-7 7006372: Security Vulnerability (HTTP Header Injection) in GroupWise Agent HTTP Interfaces http://www.novell.com/support/search.do?usemicrosite=true&searchString=7006372 Applies to: GroupWise Fri, 27 Apr 2012 10:47:57 GMT-7 7006375: GroupWise WebAccess Javascript Cross-Site Scripting (XSS) Security Vulnerability http://www.novell.com/support/search.do?usemicrosite=true&searchString=7006375 Applies to: GroupWise Fri, 27 Apr 2012 10:47:53 GMT-7 7003266: Novell GroupWise WebAccess - Security Vulnerability in Session Management Mechanisms http://www.novell.com/support/search.do?usemicrosite=true&searchString=7003266 Applies to: GroupWise Fri, 27 Apr 2012 10:47:24 GMT-7 7003273: Novell GroupWise Internet Agent (GWIA) - Security Vulnerability in Email Address Processing http://www.novell.com/support/search.do?usemicrosite=true&searchString=7003273 Applies to: GroupWise Fri, 27 Apr 2012 10:47:21 GMT-7 3555327: Potential Security Vulnerability with Apache on NetWare 6.5 http://www.novell.com/support/search.do?usemicrosite=true&searchString=3555327 Applies to: GroupWise Fri, 27 Apr 2012 10:46:58 GMT-7 3008097: XNFS Abend in rpcWorkerThread if nfs mount is attempted with long path http://www.novell.com/support/search.do?usemicrosite=true&searchString=3008097 Applies to: NFS Protocol, NetWare Fri, 27 Apr 2012 10:46:55 GMT-7 7006377: Security Vulnerability (XSS via Header Injection) in GroupWise WebAccess http://www.novell.com/support/search.do?usemicrosite=true&searchString=7006377 Applies to: GroupWise Fri, 27 Apr 2012 10:46:27 GMT-7 7002322: Security vulnerability with POST requests to GroupWise WebAccess http://www.novell.com/support/search.do?usemicrosite=true&searchString=7002322 Applies to: GroupWise Fri, 27 Apr 2012 10:46:19 GMT-7 7006379: GroupWise 8 WebAccess Javascript/HTML injection XSS Security Vulnerability http://www.novell.com/support/search.do?usemicrosite=true&searchString=7006379 Applies to: GroupWise Fri, 27 Apr 2012 10:46:16 GMT-7 7009621: Potential Security Vulnerability with Apache on NetWare 6.5 http://www.novell.com/support/search.do?usemicrosite=true&searchString=7009621 Applies to: NetWare Fri, 27 Apr 2012 10:46:08 GMT-7 3319127: Potential XSS security vulnerability in Welcome web-app http://www.novell.com/support/search.do?usemicrosite=true&searchString=3319127 Applies to: NetWare Fri, 27 Apr 2012 10:45:59 GMT-7 7002321: Cross-site Scripting Security Vulnerability with GroupWise WebAccess http://www.novell.com/support/search.do?usemicrosite=true&searchString=7002321 Applies to: GroupWise Fri, 27 Apr 2012 10:45:57 GMT-7 7004410: GroupWise WebAccess - Cross Site Scripting (XSS) Security Vulnerability in User.Theme.index parameter http://www.novell.com/support/search.do?usemicrosite=true&searchString=7004410 Applies to: GroupWise Fri, 27 Apr 2012 10:45:57 GMT-7 3701584: Cross-site scripting (XSS) vulnerability in GroupWise WebAccess. http://www.novell.com/support/search.do?usemicrosite=true&searchString=3701584 Applies to: GroupWise Fri, 27 Apr 2012 10:45:54 GMT-7 7002319: Security vulnerability (Cross-site Request Forgery) with GroupWise WebAccess http://www.novell.com/support/search.do?usemicrosite=true&searchString=7002319 Applies to: GroupWise Fri, 27 Apr 2012 10:45:52 GMT-7 7003271: Novell GroupWise WebAccess - Security Vulnerability with Javascript http://www.novell.com/support/search.do?usemicrosite=true&searchString=7003271 Applies to: GroupWise Fri, 27 Apr 2012 10:45:52 GMT-7 7003268: Novell GroupWise WebAccess - Scripting Security Vulnerability http://www.novell.com/support/search.do?usemicrosite=true&searchString=7003268 Applies to: GroupWise Fri, 27 Apr 2012 10:45:29 GMT-7 7002320: Persistent Cross-site Scripting (XSS) Security Vulnerability with GroupWise WebAccess http://www.novell.com/support/search.do?usemicrosite=true&searchString=7002320 Applies to: GroupWise Fri, 27 Apr 2012 10:45:14 GMT-7 3001480: GroupWise Client API Security Vulnerability http://www.novell.com/support/search.do?usemicrosite=true&searchString=3001480 Applies to: GroupWise Fri, 27 Apr 2012 10:44:39 GMT-7 7006374: GroupWise Internet Agent Stack Overflow Security Vulnerability http://www.novell.com/support/search.do?usemicrosite=true&searchString=7006374 Applies to: GroupWise Fri, 27 Apr 2012 10:44:34 GMT-7 7006431: GroupWise stack overflow in gwcma1.dll http://www.novell.com/support/search.do?usemicrosite=true&searchString=7006431 Applies to: GroupWise Fri, 27 Apr 2012 10:44:34 GMT-7 7004997: The GroupWise Windows client and Microsoft Security Advisory (973882) http://www.novell.com/support/search.do?usemicrosite=true&searchString=7004997 Applies to: GroupWise Fri, 27 Apr 2012 10:44:21 GMT-7 7003267: Novell GroupWise WebAccess - Cross Site Scripting (XSS) Security Vulnerability via Unfiltered Style Expressions http://www.novell.com/support/search.do?usemicrosite=true&searchString=7003267 Applies to: GroupWise Fri, 27 Apr 2012 10:44:14 GMT-7 7009947: Security Vulnerability: eDirectory RelativeToFullDN Parsing Remote Code Execution Vulnerability http://www.novell.com/support/search.do?usemicrosite=true&searchString=7009947 Applies to: eDirectory, X eDirectory Fri, 06 Apr 2012 17:05:23 GMT-7 7001157: Cross-Site Scripting vulnerability in the User Application http://www.novell.com/support/search.do?usemicrosite=true&searchString=7001157 Applies to: Identity Manager, Identity Manager, X Identity Manager Roles Based Provisioning Module Tue, 20 Mar 2012 09:35:51 GMT-7 7009901: Novell Access Manager and CVE-2011-3389: "Beast Attack Vulnerability" http://www.novell.com/support/search.do?usemicrosite=true&searchString=7009901 Applies to: Access Manager, Access Manager Fri, 16 Mar 2012 10:06:40 GMT-7 7009676: Security Vulnerability - Novell iPrint Client nipplib.dll GetDriverSettings Remote Code Execution Vulnerability http://www.novell.com/support/search.do?usemicrosite=true&searchString=7009676 Applies to: iPrint, iPrint Fri, 16 Mar 2012 10:05:53 GMT-7 7009486: ZENworks 7 Handheld Management SP1 directory traversal vulnerability http://www.novell.com/support/search.do?usemicrosite=true&searchString=7009486 Applies to: ZENworks Handheld Management, ZENworks Handheld Management Fri, 16 Mar 2012 10:05:20 GMT-7 7009213: Security Vulnerability in Oracle "Outside-In" (Lotus 123 & Microsoft CAB) viewers used by GroupWise http://www.novell.com/support/search.do?usemicrosite=true&searchString=7009213 Applies to: GroupWise, GroupWise Fri, 16 Mar 2012 10:04:20 GMT-7 7009214: Security Vulnerability - GroupWise 8 WebAccess Cross-site scripting (XSS) issue in "Directory.Item" Parameters http://www.novell.com/support/search.do?usemicrosite=true&searchString=7009214 Applies to: GroupWise, GroupWise Fri, 16 Mar 2012 10:04:20 GMT-7 7009215: Security Vulnerability - GroupWise 8 Internet Agent Weekly RRULE (VCALENDAR) Vulnerability http://www.novell.com/support/search.do?usemicrosite=true&searchString=7009215 Applies to: GroupWise, GroupWise Fri, 16 Mar 2012 10:04:20 GMT-7 7009216: Security Vulnerability - GroupWise 8 Internet Agent Yearly RRULE (VCALENDAR) Vulnerability http://www.novell.com/support/search.do?usemicrosite=true&searchString=7009216 Applies to: GroupWise, GroupWise Fri, 16 Mar 2012 10:04:20 GMT-7 7009208: Security Vulnerability - GroupWise 8 Internet Agent TZNAME (VCALENDAR) Variable Parsing http://www.novell.com/support/search.do?usemicrosite=true&searchString=7009208 Applies to: GroupWise, GroupWise Fri, 16 Mar 2012 10:04:19 GMT-7 7009210: Security Vulnerability - GroupWise 8 Internet Agent HTTP Interface Stack Overflow http://www.novell.com/support/search.do?usemicrosite=true&searchString=7009210 Applies to: GroupWise, GroupWise Fri, 16 Mar 2012 10:04:19 GMT-7 7009212: Security Vulnerability - GroupWise 8 Internet Agent Weekday RRULE (VCALENDAR) Vulnerability http://www.novell.com/support/search.do?usemicrosite=true&searchString=7009212 Applies to: GroupWise, GroupWise Fri, 16 Mar 2012 10:04:19 GMT-7 7009207: Security Vulnerability in Oracle "Outside-In" DOCX viewer used by GroupWise http://www.novell.com/support/search.do?usemicrosite=true&searchString=7009207 Applies to: GroupWise, GroupWise Fri, 16 Mar 2012 10:04:18 GMT-7 7009055: Password is exposed in UI and can be seen through a LAN Trace http://www.novell.com/support/search.do?usemicrosite=true&searchString=7009055 Applies to: Data Synchronizer, Data Synchronizer Fri, 16 Mar 2012 10:03:45 GMT-7 7009056: Weak SSL Ciphers supported with WebAdmin http://www.novell.com/support/search.do?usemicrosite=true&searchString=7009056 Applies to: Data Synchronizer, Data Synchronizer Fri, 16 Mar 2012 10:03:45 GMT-7 7009057: Cacheable HTTPS Response http://www.novell.com/support/search.do?usemicrosite=true&searchString=7009057 Applies to: Data Synchronizer, Data Synchronizer Fri, 16 Mar 2012 10:03:45 GMT-7 7009058: Cookie without HTTPOnly Flag Set http://www.novell.com/support/search.do?usemicrosite=true&searchString=7009058 Applies to: Data Synchronizer, Data Synchronizer Fri, 16 Mar 2012 10:03:45 GMT-7 7009053: Sensitive information revealed without authenticating to WebAdmin http://www.novell.com/support/search.do?usemicrosite=true&searchString=7009053 Applies to: Data Synchronizer, Data Synchronizer Fri, 16 Mar 2012 10:03:44 GMT-7 7009054: Session Fixation with Webadmin http://www.novell.com/support/search.do?usemicrosite=true&searchString=7009054 Applies to: Data Synchronizer, Data Synchronizer Fri, 16 Mar 2012 10:03:44 GMT-7 7008930: Linux Access Gateway Appliance does not support RFC 5746 http://www.novell.com/support/search.do?usemicrosite=true&searchString=7008930 Applies to: Access Manager, Access Manager Fri, 16 Mar 2012 10:03:13 GMT-7 7008730: Security Vulnerability - Novell iPrint nipplib.dll iprint-client-config-info Remote Code Execution Vulnerability http://www.novell.com/support/search.do?usemicrosite=true&searchString=7008730 Applies to: iPrint, iPrint Fri, 16 Mar 2012 10:02:29 GMT-7 7008731: Security Vulnerability - Novell iPrint op-printer-list-all-jobs cookie Remote Code Execution Vulnerability http://www.novell.com/support/search.do?usemicrosite=true&searchString=7008731 Applies to: iPrint, iPrint Fri, 16 Mar 2012 10:02:29 GMT-7 7008727: Security Vulnerability - Novell iPrint nipplib.dll driver-version Remote Code Vulnerability http://www.novell.com/support/search.do?usemicrosite=true&searchString=7008727 Applies to: iPrint, iPrint Fri, 16 Mar 2012 10:02:28 GMT-7 7008728: Security Vulnerability - Novell iPrint nipplib.dll core-package Remote Code Execution Vulnerability http://www.novell.com/support/search.do?usemicrosite=true&searchString=7008728 Applies to: iPrint, iPrint Fri, 16 Mar 2012 10:02:28 GMT-7 7008729: Security Vulnerability - Novell iPrint nipplib.dll client-file-name Remote Code Execution Vulnerability http://www.novell.com/support/search.do?usemicrosite=true&searchString=7008729 Applies to: iPrint, iPrint Fri, 16 Mar 2012 10:02:28 GMT-7 7008722: Security Vulnerability - Novell iPrint nipplib.dll profile-time Remote Code Execution Vulnerability http://www.novell.com/support/search.do?usemicrosite=true&searchString=7008722 Applies to: iPrint, iPrint Fri, 16 Mar 2012 10:02:27 GMT-7 7008723: Security Vulnerability - Novell iPrint nipplib.dll profile-name Remote Code Execution Vulnerability http://www.novell.com/support/search.do?usemicrosite=true&searchString=7008723 Applies to: iPrint, iPrint Fri, 16 Mar 2012 10:02:27 GMT-7 7008724: Security Vulnerability - Novell iPrint nipplib.dll file-date-time Remote Code Execution Vulnerability http://www.novell.com/support/search.do?usemicrosite=true&searchString=7008724 Applies to: iPrint, iPrint Fri, 16 Mar 2012 10:02:27 GMT-7 7008726: Security Vulnerability - Novell iPrint op-printer-list-all-jobs url Remote Code Execution Vulnerability http://www.novell.com/support/search.do?usemicrosite=true&searchString=7008726 Applies to: iPrint, iPrint Fri, 16 Mar 2012 10:02:27 GMT-7 7008720: Security Vulnerability - Novell iPrint nipplib.dll uri Remote Code Execution Vulnerability http://www.novell.com/support/search.do?usemicrosite=true&searchString=7008720 Applies to: iPrint, iPrint Fri, 16 Mar 2012 10:02:26 GMT-7 7008690: Novell Data Synchronizer Mobility Pack Unauthorized user access Security Vulnerability http://www.novell.com/support/search.do?usemicrosite=true&searchString=7008690 Applies to: Data Synchronizer, Data Synchronizer Fri, 16 Mar 2012 10:02:20 GMT-7 7007858: Security Vulnerability - Novell iPrint LPD Remote Code Execution Vulnerability http://www.novell.com/support/search.do?usemicrosite=true&searchString=7007858 Applies to: iPrint, iPrint Fri, 16 Mar 2012 09:59:02 GMT-7 7007781: Security Vulnerability: Novell eDirectory Malformed NCP Request Denial of Service Vulnerability http://www.novell.com/support/search.do?usemicrosite=true&searchString=7007781 Applies to: eDirectory, eDirectory Fri, 16 Mar 2012 09:58:44 GMT-7 7007663: Security Vulnerability Heap Buffer Overflow with ZENworks 7 Handheld Management http://www.novell.com/support/search.do?usemicrosite=true&searchString=7007663 Applies to: ZENworks Handheld Management, ZENworks Handheld Management Fri, 16 Mar 2012 09:58:18 GMT-7 7007234: Security Vulnerability - iPrint Activex GetDriverSettings Remote Code Execution Vulnerability http://www.novell.com/support/search.do?usemicrosite=true&searchString=7007234 Applies to: iPrint, iPrint Fri, 16 Mar 2012 09:56:14 GMT-7 7007156: Security Vulnerability - GroupWise 8 WebAccess Arbitrary File Download Vulnerability http://www.novell.com/support/search.do?usemicrosite=true&searchString=7007156 Applies to: GroupWise, GroupWise Fri, 16 Mar 2012 09:55:55 GMT-7 7007157: Security Vulnerability - GroupWise Internet Agent Authenticated IMAP User Remote Code Execution http://www.novell.com/support/search.do?usemicrosite=true&searchString=7007157 Applies to: GroupWise, GroupWise Fri, 16 Mar 2012 09:55:55 GMT-7 7007158: Security Vulnerability - GroupWise 8 WebPublisher Cross-Site Scripting (XSS) http://www.novell.com/support/search.do?usemicrosite=true&searchString=7007158 Applies to: GroupWise, GroupWise Fri, 16 Mar 2012 09:55:55 GMT-7 7007159: Security Vulnerability - GroupWise 8 Agent HTTP Interfaces Remote Code Execution http://www.novell.com/support/search.do?usemicrosite=true&searchString=7007159 Applies to: GroupWise, GroupWise Fri, 16 Mar 2012 09:55:55 GMT-7 7007152: Security Vulnerability - GroupWise 8 Internet Agent "Content-Type" Multiple Value Parsing http://www.novell.com/support/search.do?usemicrosite=true&searchString=7007152 Applies to: GroupWise, GroupWise Fri, 16 Mar 2012 09:55:54 GMT-7 7007153: Security Vulnerability - GroupWise 8 Internet Agent "Content-Type" String Data Parsing http://www.novell.com/support/search.do?usemicrosite=true&searchString=7007153 Applies to: GroupWise, GroupWise Fri, 16 Mar 2012 09:55:54 GMT-7 7007154: Security Vulnerability - GroupWise 8 Internet Agent "Content-Type" Number Parsing http://www.novell.com/support/search.do?usemicrosite=true&searchString=7007154 Applies to: GroupWise, GroupWise Fri, 16 Mar 2012 09:55:54 GMT-7 7007155: Security Vulnerability - GroupWise 8 Internet Agent VCALENDAR Variable Parsing http://www.novell.com/support/search.do?usemicrosite=true&searchString=7007155 Applies to: GroupWise, GroupWise Fri, 16 Mar 2012 09:55:54 GMT-7 7007151: Security Vulnerability - GroupWise 8 Internet Agent IMAP Remote Code Execution Vulnerability http://www.novell.com/support/search.do?usemicrosite=true&searchString=7007151 Applies to: GroupWise, GroupWise Fri, 16 Mar 2012 09:55:53 GMT-7 7007135: ZENworks 7 Handheld Management SP1 buffer overflow http://www.novell.com/support/search.do?usemicrosite=true&searchString=7007135 Applies to: ZENworks Handheld Management, ZENworks Handheld Management Fri, 16 Mar 2012 09:55:49 GMT-7 7006705: Security Vulnerability: Novell Identity Manager engine installation leaves admin tree credentials in a file. http://www.novell.com/support/search.do?usemicrosite=true&searchString=7006705 Applies to: Identity Manager, Identity Manager Fri, 16 Mar 2012 09:54:07 GMT-7 7006676: Security Vulnerability - Novell iPrint Client Browser Plugin Remote Code Execution Vulnerability http://www.novell.com/support/search.do?usemicrosite=true&searchString=7006676 Applies to: iPrint, iPrint Fri, 16 Mar 2012 09:54:01 GMT-7 7006677: Security Vulnerability - Novell iPrint Client Browser Plugin Execute Request debug Parameter Remote Code Execution http://www.novell.com/support/search.do?usemicrosite=true&searchString=7006677 Applies to: iPrint, iPrint Fri, 16 Mar 2012 09:54:01 GMT-7 7006678: Security Vulnerability - Novell iPrint Client Browser Plugin Remote File Deletion Vulnerability http://www.novell.com/support/search.do?usemicrosite=true&searchString=7006678 Applies to: iPrint, iPrint Fri, 16 Mar 2012 09:54:01 GMT-7 7006679: Security Vulnerability - Novell iPrint Client "call-back-url" Buffer Overflow http://www.novell.com/support/search.do?usemicrosite=true&searchString=7006679 Applies to: iPrint, iPrint Fri, 16 Mar 2012 09:54:01 GMT-7 7006673: Security Vulnerability - Novell iPrint Client boundary error in the parsing of certain time information http://www.novell.com/support/search.do?usemicrosite=true&searchString=7006673 Applies to: iPrint, iPrint Fri, 16 Mar 2012 09:54:00 GMT-7 7006674: Security Vulnerability - Novell iPrint Client "target-frame" Buffer Overflowgs()" function. http://www.novell.com/support/search.do?usemicrosite=true&searchString=7006674 Applies to: iPrint, iPrint Fri, 16 Mar 2012 09:54:00 GMT-7 7006675: Security Vulnerability - Novell iPrint Client Browser Plugin Parameter Name Remote Code Execution http://www.novell.com/support/search.do?usemicrosite=true&searchString=7006675 Applies to: iPrint, iPrint Fri, 16 Mar 2012 09:54:00 GMT-7 7006421: Security Vulnerability - Remote user can delete novell-owned files via HTTP without authentication. http://www.novell.com/support/search.do?usemicrosite=true&searchString=7006421 Applies to: Sentinel, Sentinel Fri, 16 Mar 2012 09:52:59 GMT-7 7006389: Security Vulnerability - eDirectory Server Malformed Index Denial of Service http://www.novell.com/support/search.do?usemicrosite=true&searchString=7006389 Applies to: eDirectory, eDirectory Fri, 16 Mar 2012 09:52:52 GMT-7 7006390: Security Vulnerability - Core-2010-0316 iManagerMultiple Vulnerabilities http://www.novell.com/support/search.do?usemicrosite=true&searchString=7006390 Applies to: iManager, iManager Fri, 16 Mar 2012 09:52:52 GMT-7 7006380: GroupWise WebAccess Stack Overflow Security Vulnerability http://www.novell.com/support/search.do?usemicrosite=true&searchString=7006380 Applies to: GroupWise, GroupWise Fri, 16 Mar 2012 09:52:49 GMT-7 7006378: Security Vulnerability - GroupWise Internet Agent (GWIA) Denial-of-Service (DoS) Issue http://www.novell.com/support/search.do?usemicrosite=true&searchString=7006378 Applies to: GroupWise, GroupWise Fri, 16 Mar 2012 09:52:48 GMT-7 7005950: OpenSSL vulnerability CVE-2009-3555 and Access Manager http://www.novell.com/support/search.do?usemicrosite=true&searchString=7005950 Applies to: Access Manager, Access Manager Fri, 16 Mar 2012 09:50:58 GMT-7 7005467: Security Vulnerability - eDirectory DHOST Predictable Session Cookie http://www.novell.com/support/search.do?usemicrosite=true&searchString=7005467 Applies to: eDirectory, eDirectory Fri, 16 Mar 2012 09:48:56 GMT-7 7004985: Security Vulnerability: iManager eDirectory Plugin Remote Code Execution http://www.novell.com/support/search.do?usemicrosite=true&searchString=7004985 Applies to: iManager, iManager Fri, 16 Mar 2012 09:46:53 GMT-7 7004912: Security Vulnerability: Novell eDirectory Heap-based Buffer Overflow http://www.novell.com/support/search.do?usemicrosite=true&searchString=7004912 Applies to: eDirectory, eDirectory Fri, 16 Mar 2012 09:46:31 GMT-7 7004721: Security Vulnerability: eDirectory LDAP Null Base DN Denial of Service http://www.novell.com/support/search.do?usemicrosite=true&searchString=7004721 Applies to: eDirectory, eDirectory Fri, 16 Mar 2012 09:45:41 GMT-7 7004718: Security Vulnerability: iMonitor Accept-Language Buffer Overflow http://www.novell.com/support/search.do?usemicrosite=true&searchString=7004718 Applies to: eDirectory, eDirectory Fri, 16 Mar 2012 09:45:40 GMT-7 7003640: Security Vulnerability: Novell Privileged User Manager Remote Library Injection Vulnerability http://www.novell.com/support/search.do?usemicrosite=true&searchString=7003640 Applies to: Novell Privileged User Manager, Novell Privileged User Manager Fri, 16 Mar 2012 09:41:32 GMT-7 7003272: Novell GroupWise Internet Agent (GWIA) - Security Vulnerability Processing SMTP Requests http://www.novell.com/support/search.do?usemicrosite=true&searchString=7003272 Applies to: GroupWise, GroupWise Fri, 16 Mar 2012 09:39:44 GMT-7 7001184: Security Vulnerability - eDirectory Core Protocol Opcode 0x0F Heap Overflow http://www.novell.com/support/search.do?usemicrosite=true&searchString=7001184 Applies to: eDirectory, eDirectory Fri, 16 Mar 2012 09:30:12 GMT-7 7001183: Security Vulnerability - eDirectory Core Protocol Opcode 0x24 Heap Overflow http://www.novell.com/support/search.do?usemicrosite=true&searchString=7001183 Applies to: eDirectory, eDirectory Fri, 16 Mar 2012 09:30:11 GMT-7 7000676: Novell GroupWise Messenger 2.0.2 Security Vulnerability Report http://www.novell.com/support/search.do?usemicrosite=true&searchString=7000676 Applies to: GroupWise Messenger, GroupWise Messenger Fri, 16 Mar 2012 09:27:55 GMT-7 7000538: Security Vulnerability: iMonitor Accept-Language Buffer Overflow http://www.novell.com/support/search.do?usemicrosite=true&searchString=7000538 Applies to: eDirectory, eDirectory Fri, 16 Mar 2012 09:27:24 GMT-7 7000534: Self-Destruct is incomplete on WIN CE device http://www.novell.com/support/search.do?usemicrosite=true&searchString=7000534 Applies to: ZENworks Handheld Management, ZENworks Handheld Management Fri, 16 Mar 2012 09:27:23 GMT-7 7000317: Response to reported security vulnerability SecurityFocus Bugtraq ID: 28944 http://www.novell.com/support/search.do?usemicrosite=true&searchString=7000317 Applies to: GroupWise, GroupWise Fri, 16 Mar 2012 09:26:21 GMT-7 7000314: Response to reported security vulnerability SecurityFocus Bugtraq ID: 28969 http://www.novell.com/support/search.do?usemicrosite=true&searchString=7000314 Applies to: GroupWise, GroupWise Fri, 16 Mar 2012 09:26:20 GMT-7 3936018: security vulnerability: evtFilteredMonitorEventsRequest Invalid Free http://www.novell.com/support/search.do?usemicrosite=true&searchString=3936018 Applies to: eDirectory, eDirectory Fri, 16 Mar 2012 09:23:48 GMT-7 3924657: Security Vulnerability: NCP Fragment Denial of Service http://www.novell.com/support/search.do?usemicrosite=true&searchString=3924657 Applies to: eDirectory, eDirectory Fri, 16 Mar 2012 09:23:36 GMT-7 3885713: Security vulnerability: iManager Tomcat DoS http://www.novell.com/support/search.do?usemicrosite=true&searchString=3885713 Applies to: iManager, iManager Fri, 16 Mar 2012 09:22:49 GMT-7 3866911: Security Vulnerability - Unauthenticated SOAP "eMBox" interface http://www.novell.com/support/search.do?usemicrosite=true&searchString=3866911 Applies to: eDirectory, eDirectory Fri, 16 Mar 2012 09:22:28 GMT-7 3843876: Security Vulnerability - LDAP Buffer Overflow http://www.novell.com/support/search.do?usemicrosite=true&searchString=3843876 Applies to: eDirectory, eDirectory Fri, 16 Mar 2012 09:21:59 GMT-7 3829452: Security Vulnerability - DoS via "Connection:" HTTP headers" http://www.novell.com/support/search.do?usemicrosite=true&searchString=3829452 Applies to: eDirectory, eDirectory Fri, 16 Mar 2012 09:21:47 GMT-7 3762108: Novell client firewall (NCF) 2.x exploited to gain escalated privileges http://www.novell.com/support/search.do?usemicrosite=true&searchString=3762108 Applies to: BorderManager, BorderManager Fri, 16 Mar 2012 09:20:21 GMT-7 3726376: Challenge Response Client (LCM) allows clipboard contents to be pasted into question response fields when workstation is locked http://www.novell.com/support/search.do?usemicrosite=true&searchString=3726376 Applies to: NMAS (Novell Modular Authentication Services), NMAS (Novell Modular Authentication Services) Fri, 16 Mar 2012 09:19:31 GMT-7 3723994: Security Vulnerability: Remote code Execution in iMonitor http://www.novell.com/support/search.do?usemicrosite=true&searchString=3723994 Applies to: eDirectory, eDirectory Fri, 16 Mar 2012 09:19:26 GMT-7 3717068: Security Vulnerabilities: NetMail Buffer Overrun and Denial of Service http://www.novell.com/support/search.do?usemicrosite=true&searchString=3717068 Applies to: NetMail Fri, 16 Mar 2012 09:19:21 GMT-7 3694858: Security Vulnerability: Integer overflow stack corruption http://www.novell.com/support/search.do?usemicrosite=true&searchString=3694858 Applies to: eDirectory, eDirectory Fri, 16 Mar 2012 09:18:57 GMT-7 3686202: Security Vulnerability: eDirectory NCP over IP length Heap Overflow http://www.novell.com/support/search.do?usemicrosite=true&searchString=3686202 Applies to: eDirectory, eDirectory Fri, 16 Mar 2012 09:18:47 GMT-7 3639135: Potential Security Vulnerability in NetMail 3.5.2 http://www.novell.com/support/search.do?usemicrosite=true&searchString=3639135 Applies to: NetMail Fri, 16 Mar 2012 09:17:50 GMT-7 3615264: Cross scripting (XSS) vulnerability with Access Manager Identity Server http://www.novell.com/support/search.do?usemicrosite=true&searchString=3615264 Applies to: Access Manager, Access Manager Fri, 16 Mar 2012 09:17:21 GMT-7 3590033: Security Vulnerability: RSA BSAFE Libraries denial of service http://www.novell.com/support/search.do?usemicrosite=true&searchString=3590033 Applies to: NICI, NICI Fri, 16 Mar 2012 09:16:48 GMT-7 3546910: String format vulnerability at client login prompt http://www.novell.com/support/search.do?usemicrosite=true&searchString=3546910 Applies to: Novell Client, Novell Client Fri, 16 Mar 2012 09:15:51 GMT-7 3496175: Security vulnerability: evtFilteredMonitorEventsRequest Heap Overflow http://www.novell.com/support/search.do?usemicrosite=true&searchString=3496175 Applies to: eDirectory, eDirectory Fri, 16 Mar 2012 09:14:40 GMT-7 3460217: Security Vulnerability - XSS Cross Site Scripting in iMonitor error messages http://www.novell.com/support/search.do?usemicrosite=true&searchString=3460217 Applies to: eDirectory, eDirectory Fri, 16 Mar 2012 09:13:26 GMT-7 3429077: SSLVPN vulnerability bypassing security policies http://www.novell.com/support/search.do?usemicrosite=true&searchString=3429077 Applies to: Access Manager, Access Manager Fri, 16 Mar 2012 09:12:51 GMT-7 3329402: Client Login Extension for Novell Identity Manager 3.5 Security Fix http://www.novell.com/support/search.do?usemicrosite=true&searchString=3329402 Applies to: Identity Manager, Identity Manager Fri, 16 Mar 2012 09:10:31 GMT-7 3277932: Security update for Novell Kerberos KDC http://www.novell.com/support/search.do?usemicrosite=true&searchString=3277932 Applies to: Fri, 16 Mar 2012 09:09:26 GMT-7 3260263: Architectural and security problems with NWFILTER.SYS http://www.novell.com/support/search.do?usemicrosite=true&searchString=3260263 Applies to: Novell Client, Novell Client Fri, 16 Mar 2012 09:09:05 GMT-7 3226177: Security Vulnerability: eDirectory NMAS BerDecodeLoginDataRequest DoS http://www.novell.com/support/search.do?usemicrosite=true&searchString=3226177 Applies to: NMAS (Novell Modular Authentication Services), eDirectory, NMAS (Novell Modular Authentication Services), eDirectory Fri, 16 Mar 2012 09:08:20 GMT-7 3193302: Security concerns scanning full-width/half-width Unicode encoded traffic http://www.novell.com/support/search.do?usemicrosite=true&searchString=3193302 Applies to: iChain, Access Manager, Access Manager, BorderManager, BorderManager, iChain Fri, 16 Mar 2012 09:07:42 GMT-7 3183151: New Security Enhancement to NetWare FTP Server http://www.novell.com/support/search.do?usemicrosite=true&searchString=3183151 Applies to: NetWare, NetWare Fri, 16 Mar 2012 09:07:32 GMT-7 3169416: Potential Security Vulnerability in exteNd Director Standard 4.1 with ActiveX control http://www.novell.com/support/search.do?usemicrosite=true&searchString=3169416 Applies to: exteNd Director Fri, 16 Mar 2012 09:07:08 GMT-7 3143224: Security Vulnerability: Multiple RSA implementations fail to properly handle signatures http://www.novell.com/support/search.do?usemicrosite=true&searchString=3143224 Applies to: NICI, NICI Fri, 16 Mar 2012 09:06:37 GMT-7 3131009: Security Update for Novell Identity Manager 3.5 iManager Plugins http://www.novell.com/support/search.do?usemicrosite=true&searchString=3131009 Applies to: Identity Manager, Identity Manager Fri, 16 Mar 2012 09:06:20 GMT-7 3096026: Security Vulnerabilities: Buffer Overrun in NetMail 3.52 http://www.novell.com/support/search.do?usemicrosite=true&searchString=3096026 Applies to: NetMail Fri, 16 Mar 2012 09:05:35 GMT-7 3024921: JBoss Application Server Security Vulnerability Notice http://www.novell.com/support/search.do?usemicrosite=true&searchString=3024921 Applies to: Identity Manager, Identity Manager Fri, 16 Mar 2012 09:03:44 GMT-7 3009145: NDPS on NetWare remote integer overflow vulnerability http://www.novell.com/support/search.do?usemicrosite=true&searchString=3009145 Applies to: iPrint, iPrint Fri, 16 Mar 2012 09:03:18 GMT-7 3006549: Buffer Overflow Vulnerability in iMonitor 2.4 for eDirectory 8.8 http://www.novell.com/support/search.do?usemicrosite=true&searchString=3006549 Applies to: eDirectory, eDirectory Fri, 16 Mar 2012 09:02:49 GMT-7 3003756: Resolution for Security Vulnerability in GroupWise Mobile Server 2.0 http://www.novell.com/support/search.do?usemicrosite=true&searchString=3003756 Applies to: GroupWise Mobile Server, GroupWise Mobile Server Fri, 16 Mar 2012 09:02:22 GMT-7 3003139: BorderManager 3.8 generates predictable ISAKMP cookies http://www.novell.com/support/search.do?usemicrosite=true&searchString=3003139 Applies to: BorderManager, BorderManager Fri, 16 Mar 2012 09:02:17 GMT-7 7010144: Security Vulnerability - Novell iPrint Client ActiveX GetPrinterURLList2 Remote Code Execution Vulnerability http://www.novell.com/support/search.do?usemicrosite=true&searchString=7010144 Applies to: iPrint Thu, 09 Feb 2012 14:28:46 GMT-7 7010143: Security Vulnerability - Novell iPrint Client nipplib.dll GetDriverSettings realm Remote Code Execution Vulnerability http://www.novell.com/support/search.do?usemicrosite=true&searchString=7010143 Applies to: iPrint Thu, 09 Feb 2012 14:23:01 GMT-7