Secunia Advisories reports that Novell has issued a support pack for iChain. This fixes the following vulnerabilities, which can be exploited by malicious people to hijack another user's session, cause a DoS (Denial of Service) and maybe compromise a system.
1) A user can hijack another user's session if the new user's session is opened on the same port.
2) The server can be crashed by using WGET.
3) iChain is affected by the OpenSSL vulnerabilities in the ASN.1 parsing.
View the original Novell advisory at http://support.novell.com/cgi-bin/search/searchtid.cgi?/2967175.htm