Vulnerability Details CVE-2006-0998
The SSL server implementation in NILE.NLM in Novell NetWare 6.5 and Novell Open Enterprise Server (OES) sometimes selects a weak cipher instead of an available stronger cipher, which makes it easier for remote attackers to sniff and decrypt an SSL protected session.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.006
EPSS Ranking 67.4%
CVSS Severity
CVSS v2 Score 5.0
References
- http://secunia.com/advisories/19324
- http://securitytracker.com/id?1015799
- http://support.novell.com/cgi-bin/search/searchtid.cgi?10100633.htm
- http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html
- http://www.osvdb.org/24047
- http://www.securityfocus.com/bid/17176
- http://www.securityfocus.com/bid/64758
- http://www.vupen.com/english/advisories/2006/1043
- https://exchange.xforce.ibmcloud.com/vulnerabilities/25381
- http://secunia.com/advisories/19324
- http://securitytracker.com/id?1015799
- http://support.novell.com/cgi-bin/search/searchtid.cgi?10100633.htm
- http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html
- http://www.osvdb.org/24047
- http://www.securityfocus.com/bid/17176
- http://www.securityfocus.com/bid/64758
- http://www.vupen.com/english/advisories/2006/1043
- https://exchange.xforce.ibmcloud.com/vulnerabilities/25381
Products affected by CVE-2006-0998
-
cpe:2.3:o:novell:netware:6.5
-
cpe:2.3:o:novell:open_enterprise_server:-
-
cpe:2.3:o:novell:open_enterprise_server:1
-
cpe:2.3:o:novell:open_enterprise_server:1.x
-
cpe:2.3:o:novell:open_enterprise_server:11.0
-
cpe:2.3:o:novell:open_enterprise_server:2
-
cpe:2.3:o:novell:open_enterprise_server:2.0.1
-
cpe:2.3:o:novell:open_enterprise_server:2.0.2
-
cpe:2.3:o:novell:open_enterprise_server:2.0.3
-
cpe:2.3:o:novell:open_enterprise_server:9.0