Lucene search
Debian Security Bug TrackerDEBIANCVE:CVE-2012-2668HistoryJun 17, 2012 - 3:41 a.m.
CVE-2012-2668
2012-06-1703:41:41
Debian Security Bug Tracker
security-tracker.debian.org
14
CVSS2
4.3
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:M/Au:N/C:P/I:N/A:N
EPSS
0.007
Percentile
79.9%
libraries/libldap/tls_m.c in OpenLDAP, possibly 2.4.31 and earlier, when using the Mozilla NSS backend, always uses the default cipher suite even when TLSCipherSuite is set, which might cause OpenLDAP to use weaker ciphers than intended and make it easier for remote attackers to obtain sensitive information.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Debian | 12 | all | openldap | < 2.5.13+dfsg-5 | openldap_2.5.13+dfsg-5_all.deb |
| Debian | 11 | all | openldap | < 2.4.57+dfsg-3+deb11u1 | openldap_2.4.57+dfsg-3+deb11u1_all.deb |
| Debian | 999 | all | openldap | < 2.5.18+dfsg-3 | openldap_2.5.18+dfsg-3_all.deb |
| Debian | 13 | all | openldap | < 2.5.18+dfsg-3 | openldap_2.5.18+dfsg-3_all.deb |
Related
prion
prion
Default credentials
2012-06-17 03:41:00
openvas
openvas
CentOS Update for openldap CESA-2012:1151 centos6
2012-08-09 00:00:00
RedHat Update for openldap RHSA-2012:1151-01
2012-08-09 00:00:00
CentOS Update for openldap CESA-2012:1151 centos6
2012-08-09 00:00:00
centos
centos
openldap security update
2012-08-08 18:55:28
nvd
nvd
CVE-2012-2668
2012-06-17 03:41:41
nessus
nessus
Amazon Linux AMI : openldap (ALAS-2012-117)
2013-09-04 00:00:00
Oracle Linux 6 : openldap (ELSA-2012-1151)
2013-07-12 00:00:00
CentOS 6 : openldap (CESA-2012:1151)
2012-08-10 00:00:00
oraclelinux
oraclelinux
openldap security and bug fix update
2012-08-08 00:00:00
fedora
fedora
[SECURITY] Fedora 17 Update: openldap-2.4.31-3.fc17
2012-07-17 17:22:22
[SECURITY] Fedora 16 Update: openldap-2.4.26-8.fc16
2012-07-17 17:26:49
ubuntucve
ubuntucve
CVE-2012-2668
2012-06-17 00:00:00
veracode
veracode
Weak Cipher Suite
2019-01-15 08:55:35
amazon
amazon
Low: openldap
2012-08-18 05:14:00
redhat
redhat
(RHSA-2012:1151) Low: openldap security and bug fix update
2012-08-08 00:00:00
(RHSA-2012:1200) Moderate: rhev-hypervisor6 security and bug fix update
2012-08-23 00:00:00
cvelist
cvelist
CVE-2012-2668
2012-06-17 01:00:00
cve
cve
CVE-2012-2668
2012-06-17 03:41:41
gentoo
gentoo
OpenLDAP: Multiple vulnerabilities
2014-06-30 00:00:00
CVSS2
4.3
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:M/Au:N/C:P/I:N/A:N
EPSS
0.007
Percentile
79.9%
Related for DEBIANCVE:CVE-2012-2668