Novell BorderManager URL Rule Restriction Bypass Vulnerability

URL based access rules set on subdirectories on an intranet running Novell BorderManager may be bypassed if http encoded characters are used in the URL request.

Eg.
To access http://target/subdirectory, type:
http://target/subdir%45ctory


 

Privacy Statement
Copyright 2010, SecurityFocus