• News
• Infocus
• Foundations
• Microsoft
• Unix
• IDS
• Incidents
• Virus
• Pen-Test
• Firewalls
• Columnists
• Mailing Lists
• Newsletters
• Bugtraq
• Focus on IDS
• Focus on Linux
• Focus on Microsoft
• Forensics
• Pen-test
• Security Basics
• Vuln Dev
• Vulnerabilities
• Jobs
• Job Opportunities
• Resumes
• Job Seekers
• Employers
• Tools
• RSS
• News
• Vulns
• Security Research

• info
• discussion
• exploit
• solution
• references

Novell iChain Web Server Failed Login Page Cross-Site Scripting Vulnerability

Solution:
Novell has released Technical Information Document (TID2968872) and iChain 2.2 Support Pack 3 Beta 1; this support pack contains a fix to address this and other issues. Please see the referenced Technical Information Document for further details regarding obtaining and applying this support pack.

The vendor has reported that Novell iChain builds 2.2.113 and later are not prone to this issue. Users are advised to upgrade to the fixed versions by contacting the vendor.