• News
• Infocus
• Foundations
• Microsoft
• Unix
• IDS
• Incidents
• Virus
• Pen-Test
• Firewalls
• Columnists
• Mailing Lists
• Newsletters
• Bugtraq
• Focus on IDS
• Focus on Linux
• Focus on Microsoft
• Forensics
• Pen-test
• Security Basics
• Vuln Dev
• Vulnerabilities
• Jobs
• Job Opportunities
• Resumes
• Job Seekers
• Employers
• Tools
• RSS
• News
• Vulns
• Security Research

• info
• discussion
• exploit
• solution
• references

Novell Identity Manager Client Login Extension Local Information Disclosure Vulnerability

Novell Identity Manager is prone to a local information-disclosure vulnerability that arises because of a design error.

An attacker could exploit this issue to gain access to usernames and passwords for the application. Information obtained may aid in further attacks.

Versions prior to Novell Identity Manager 3.5.1 20070730 are vulnerable.