Novell SecureLogin < 6.0.106 Multiple Vulnerabilities
Critical Nessus Plugin ID 25125
SynopsisThe remote Windows host has an application that is affected by multiple issues.
DescriptionThe version of Novell SecureLogin installed on the remote host is earlier than 6.0.106. Such versions reportedly grant a user excessive permissions to their own attributes in an Active Directory (AD) environment.
There is also a security issue with AD password change.
Note that Novell strongly recommends the patch be applied if operating in an Active Directory environment regardless of whether SecureLogin is deployed in eDirectory or AD mode.
SolutionApply Novell SecureLogin 6.0.106 patch or later.