Two Novell security updates
Novell has released security updates for two of its products. One of the updates closes a hole in Novell NetMail which can be exploited to compromise a system. No further details have been given. The affected version is said to be 3.5.2.
The second update resolves three vulnerabilities in Novell BorderManager 3.8. One of the vulnerabilities allows specially crafted HTTP traffic to bypass some security checks. Proxy authentication and proxy access control can be outsmarted when a HTTP request has already been passed through a previous proxy. In addition, the update resolves a critical flaw in Novell Client Trust: a vulnerability that has probably been known for two months.
- Potential Security Vulnerability in NetMail 3.5.2, Novell security advisory
- BorderManager 3.8 Support Pack5 Interim Release 1, Novell security advisory
(mba)