Showing 1 - 2 of 2

CVE-2012-2668

Status Candidate

Overview

libraries/libldap/tls_m.c in OpenLDAP, possibly 2.4.31 and earlier, when using the Mozilla NSS backend, always uses the default cipher suite even when TLSCipherSuite is set, which might cause OpenLDAP to use weaker ciphers than intended and make it easier for remote attackers to obtain sensitive information.

Related Files

Gentoo Linux Security Advisory 201406-36: Posted Jul 1, 2014; Authored by Gentoo | Site security.gentoo.org; Gentoo Linux Security Advisory 201406-36 - Multiple vulnerabilities were found in OpenLDAP, allowing for Denial of Service or a man-in-the-middle attack. Versions less than 2.4.35 are affected.; tags | advisory, denial of service, vulnerability; systems | linux, gentoo; advisories | CVE-2009-3767, CVE-2010-0211, CVE-2010-0212, CVE-2011-1024, CVE-2011-1025, CVE-2011-1081, CVE-2011-4079, CVE-2012-1164, CVE-2012-2668; MD5 | 3092bbfe191e6220b042b41a35f15871; Download | Favorite | Comments (0)

Red Hat Security Advisory 2012-1151-01: Posted Aug 8, 2012; Authored by Red Hat | Site access.redhat.com; Red Hat Security Advisory 2012-1151-01 - OpenLDAP is an open source suite of LDAP applications and development tools. It was found that the OpenLDAP server daemon ignored olcTLSCipherSuite settings. This resulted in the default cipher suite always being used, which could lead to weaker than expected ciphers being accepted during Transport Layer Security negotiation with OpenLDAP clients.; tags | advisory; systems | linux, redhat; advisories | CVE-2012-2668; MD5 | 5dbfb3d1c36d35bcadf0a4dde97a96d0; Download | Favorite | Comments (0)