Showing 1 - 3 of 3

CVE-2012-2668

Status Candidate

Overview

libraries/libldap/tls_m.c in OpenLDAP, possibly 2.4.31 and earlier, when using the Mozilla NSS backend, always uses the default cipher suite even when TLSCipherSuite is set, which might cause OpenLDAP to use weaker ciphers than intended and make it easier for remote attackers to obtain sensitive information.

Related Files

Apple Security Advisory 2019-12-10-3: Posted Dec 12, 2019; Authored by Apple | Site apple.com; Apple Security Advisory 2019-12-10-3 - macOS Catalina 10.15.2, Security Update 2019-002 Mojave, Security Update 2019-007 High Sierra is now available and addresses buffer overflow, code execution, and denial of service vulnerabilities.; tags | advisory, denial of service, overflow, vulnerability, code execution; systems | apple; advisories | CVE-2012-1164, CVE-2012-2668, CVE-2013-4449, CVE-2015-1545, CVE-2017-16808, CVE-2018-10103, CVE-2018-10105, CVE-2018-14461, CVE-2018-14462, CVE-2018-14463, CVE-2018-14464, CVE-2018-14465, CVE-2018-14466, CVE-2018-14467, CVE-2018-14468, CVE-2018-14469, CVE-2018-14470, CVE-2018-14879, CVE-2018-14880, CVE-2018-14881, CVE-2018-14882, CVE-2018-16227, CVE-2018-16228, CVE-2018-16229, CVE-2018-16230, CVE-2018-16300, CVE-2018-16301; MD5 | dddf2d42c70f63769a92decc6f5f8dfa; Download | Favorite | View

Gentoo Linux Security Advisory 201406-36: Posted Jul 1, 2014; Authored by Gentoo | Site security.gentoo.org; Gentoo Linux Security Advisory 201406-36 - Multiple vulnerabilities were found in OpenLDAP, allowing for Denial of Service or a man-in-the-middle attack. Versions less than 2.4.35 are affected.; tags | advisory, denial of service, vulnerability; systems | linux, gentoo; advisories | CVE-2009-3767, CVE-2010-0211, CVE-2010-0212, CVE-2011-1024, CVE-2011-1025, CVE-2011-1081, CVE-2011-4079, CVE-2012-1164, CVE-2012-2668; MD5 | 3092bbfe191e6220b042b41a35f15871; Download | Favorite | View

Red Hat Security Advisory 2012-1151-01: Posted Aug 8, 2012; Authored by Red Hat | Site access.redhat.com; Red Hat Security Advisory 2012-1151-01 - OpenLDAP is an open source suite of LDAP applications and development tools. It was found that the OpenLDAP server daemon ignored olcTLSCipherSuite settings. This resulted in the default cipher suite always being used, which could lead to weaker than expected ciphers being accepted during Transport Layer Security negotiation with OpenLDAP clients.; tags | advisory; systems | linux, redhat; advisories | CVE-2012-2668; MD5 | 5dbfb3d1c36d35bcadf0a4dde97a96d0; Download | Favorite | View

Page 1 of 1 Back 1 Next

Top Authors In Last 30 Days

Red Hat 104 files
Ubuntu 54 files
malvuln 37 files
Apple 14 files
Google Security Research 11 files
Gentoo 11 files
Taurus Omar 11 files
Richard Jones 9 files
nu11secur1ty 8 files
James Forshaw 6 files

File Archives

Systems

AIX (421)
Apple (1,796)
BSD (368)
CentOS (53)
Cisco (1,904)
Debian (5,945)
Fedora (1,688)
FreeBSD (1,241)
Gentoo (4,055)
HPUX (873)
iOS (292)
iPhone (108)
IRIX (220)
Juniper (67)
Linux (39,860)
Mac OS X (676)
Mandriva (3,105)
NetBSD (255)
OpenBSD (474)
RedHat (9,955)
Slackware (941)
Solaris (1,598)
SUSE (1,444)
Ubuntu (7,238)
UNIX (8,890)
UnixWare (180)
Windows (5,935)
Other

CVE-2012-2668

Overview

Related Files

File Archive:

May 2021

Top Authors In Last 30 Days

File Tags

File Archives

Systems