Description
Novell iChain Mini FTP Server 2.3, and possibly earlier versions, does not limit the number of incorrect logins, which makes it easier for remote attackers to conduct brute force login attacks.
Affected products
- Novell / ichain2.2 – 2.2
- Novell / ichain2.2 – 2.2
- Novell / ichain2.2 – 2.2
- Novell / ichain2.2 – 2.2
- Novell / ichain2.2 – 2.2
- Novell / ichain2.2.113 – 2.2.113
- Novell / ichain2.3 – 2.3
- Novell / ichain2.3 – 2.3
References
- MISChttp://www.osvdb.org/14648
- MISChttp://securitytracker.com/id?1013408
- MISChttp://www.infobyte.com.ar/adv/ISR-05.html
- VENDOR_ADVISORYhttp://secunia.com/advisories/14607
- MISChttp://support.novell.com/cgi-bin/search/searchtid.cgi?/10096887.htm
- MAILING_LISThttp://marc.info/?l=bugtraq&m=111091517007681&w=2