Description
Novell iChain Mini FTP Server 2.3, and possibly earlier versions, does not limit the number of incorrect logins, which makes it easier for remote attackers to conduct brute force login attacks.
Product(s):
- Novell iChain 2.2.113
- Novell iChain 2.2
- Novell iChain 2.2 SP1
- Novell iChain 2.2 SP1a
- Novell iChain 2.2 SP2
- Novell iChain 2.2 SP3
- Novell iChain 2.3
- Novell iChain 2.3 SP2
Question to Ask Vendors:
- Can you confirm whether your systems are affected by CVE-2005-0798, and if so, what steps are you currently taking to mitigate this vulnerability?
- What is your estimated timeline for fully resolving CVE-2005-0798 in your products or services, and how will you communicate updates on this issue to us as your customer?
Recommended Actions:
- Check out the advisory links provided below.