Description
Novell iChain 2.2 before Support Pack 1 does not properly verify that URL redirects match the DNS name of an accelerator, which allows attackers to redirect URLs to malicious web sites.
References (1)
Core 1
Core References
Patch x_refsource_confirm
http://support.novell.com/cgi-bin/search/searchtid.cgi?/2966435.htm
Scores
EPSS
0.0023
EPSS Percentile
45.6%
Details
Status
published
Products (1)
novell/ichain
2.2
Published
Aug 27, 2003
Tracked Since
Feb 18, 2026