• News
• Infocus
• Foundations
• Microsoft
• Unix
• IDS
• Incidents
• Virus
• Pen-Test
• Firewalls
• Columnists
• Mailing Lists
• Newsletters
• Bugtraq
• Focus on IDS
• Focus on Linux
• Focus on Microsoft
• Forensics
• Pen-test
• Security Basics
• Vuln Dev
• Vulnerabilities
• Jobs
• Job Opportunities
• Resumes
• Job Seekers
• Employers
• Tools
• RSS
• News
• Vulns
• Security Research

• info
• discussion
• exploit
• solution
• references

Novell Netware Xsession Unauthorizied Server Console Access Vulnerability

It is reported that Netware is affected by a vulnerability that may allow an unauthorized user to access the server console of a computer that is responsible for providing xwindows sessions. The cause of the vulnerability is an access validation error due to missing authentication routines.

This issue can allow an attacker to delete and manipulate data on the server and may lead to other attacks.

Novell Netware 6.5 SP2 and subsequent versions are reportedly affected by this vulnerability. It is possible that other versions are affected as well.