I asked iChain forum about the following question a few days ago but
there may be a problem not only with iChain 2.3SP6 but NetWare 6.x itself.

Is OES2/NetWare 6.5SP8 affected by the following vulnerability:
http://cve.mitre.org/cgi-bin/cvename...=CVE-2009-3555

I'm afraid of HTTPSTK.NLM+PORTAL.NLM combination which uses WinSock SSL
implementation for NetWare. Low level WinSock libraries NILE.NLM and
WSPSSL.NLM looks outdated?

Thank you in advance,
Andrey Karyagin

United Card Service
Software Development Department