Lucene search

K

RedhatCVELIST:CVE-2012-2668

HistoryJun 17, 2012 - 1:00 a.m.

CVE-2012-2668

2012-06-1701:00:00

redhat

www.cve.org

17

AI Score

9.3

Confidence

High

EPSS

0.007

Percentile

79.9%

libraries/libldap/tls_m.c in OpenLDAP, possibly 2.4.31 and earlier, when using the Mozilla NSS backend, always uses the default cipher suite even when TLSCipherSuite is set, which might cause OpenLDAP to use weaker ciphers than intended and make it easier for remote attackers to obtain sensitive information.

References

bugs.debian.org/cgi-bin/bugreport.cgi?bug=676309

rhn.redhat.com/errata/RHSA-2012-1151.html

seclists.org/fulldisclosure/2019/Dec/26

security.gentoo.org/glsa/glsa-201406-36.xml

www.openldap.org/devel/gitweb.cgi?p=openldap.git%3Ba=commitdiff%3Bh=2c2bb2e

www.openldap.org/its/index.cgi?findid=7285

www.openwall.com/lists/oss-security/2012/06/05/4

www.openwall.com/lists/oss-security/2012/06/06/1

www.openwall.com/lists/oss-security/2012/06/06/2

www.securityfocus.com/bid/53823

www.securitytracker.com/id?1027127

bugzilla.redhat.com/show_bug.cgi?id=825875

exchange.xforce.ibmcloud.com/vulnerabilities/76099

seclists.org/bugtraq/2019/Dec/23

support.apple.com/kb/HT210788

AI Score

9.3

Confidence

High

EPSS

0.007

Percentile

79.9%

Related for CVELIST:CVE-2012-2668

prion1 openvas13 centos1 nvd1 nessus10 oraclelinux1 fedora2 ubuntucve1 veracode1 amazon1 redhat2 debiancve1 cve1 gentoo1 apple2