In association with heise online

12 October 2006, 12:53

Security update for Novell's BorderManager

  • Twitter
  • Facebook
  • submit to slashdot
  • StumbleUpon
  • submit to reddit

Novell has released an update for its BorderManager VPN software that eliminates a denial of service flaw. Several other improvements that increase security have also been added in as part of measures to achieve recertification based on the ICSA guidelines.

Prior to the patch, attackers from the net could use specific IKE and IPSec settings to initiate a denial of service attack on BorderManager. To satisfy the ICSA guidelines, Novell had to improve the algorithm that creates random numbers for responder cookies. To achieve renewal of their certification, the manufacturer also had to fine tune the handling of the Security Associations (SA) for the IPSec quick mode, which allows IPSec with dynamic IPs.

The ICSA guidelines incorporate portions of the Common Criteria, among other items. The certification process is actually more affordable than other tests that software must pass before being used by organisations like civil authorities.

The update presumes the installation of Service Pack 4 for BorderManager 3.8. Users of BorderManager are encouraged to apply the patch as soon as possible.

See also:


Print Version | Send by email | Permalink:

  • July's Community Calendar

The H Open

The H Security

The H Developer

The H Internet Toolkit