CVSS2
Attack Vector: NETWORK
Attack Complexity: MEDIUM
Authentication: NONE
Confidentiality Impact: PARTIAL
Integrity Impact: NONE
Availability Impact: NONE
AV:N/AC:M/Au:N/C:P/I:N/A:N
EPSS
Percentile: 79.9%
Issue Overview:
It was found that the OpenLDAP server daemon ignored olcTLSCipherSuite settings. This resulted in the default cipher suite always being used, which could lead to weaker than expected ciphers being accepted during Transport Layer Security (TLS) negotiation with OpenLDAP clients. (CVE-2012-2668)
Affected Packages:
openldap
Issue Correction:
Run yum update openldap to update your system.
New Packages:
i686:
openldap-clients-2.4.23-26.16.amzn1.i686
openldap-devel-2.4.23-26.16.amzn1.i686
openldap-debuginfo-2.4.23-26.16.amzn1.i686
openldap-servers-2.4.23-26.16.amzn1.i686
openldap-servers-sql-2.4.23-26.16.amzn1.i686
openldap-2.4.23-26.16.amzn1.i686
src:
openldap-2.4.23-26.16.amzn1.src
x86_64:
openldap-clients-2.4.23-26.16.amzn1.x86_64
openldap-servers-sql-2.4.23-26.16.amzn1.x86_64
openldap-2.4.23-26.16.amzn1.x86_64
openldap-devel-2.4.23-26.16.amzn1.x86_64
openldap-servers-2.4.23-26.16.amzn1.x86_64
openldap-debuginfo-2.4.23-26.16.amzn1.x86_64
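Added example (not part of the original advisory): a check that flags installed openldap packages older than the fixed build 2.4.23-26.16.amzn1 listed above. It uses a simplified RPM-style segment comparison. The sample package lines, the helper names and the rpm query format shown in the comment are assumptions made for illustration.

```python
import re

# Fixed version-release taken from the "New Packages" list in this advisory.
FIXED = "2.4.23-26.16.amzn1"

def _segments(s):
    # RPM compares runs of digits and runs of letters; separators are ignored.
    return re.findall(r"\d+|[A-Za-z]+", s)

def rpmvercmp(a, b):
    """Simplified RPM segment comparison (no epoch, '~' or '^' handling)."""
    sa, sb = _segments(a), _segments(b)
    for x, y in zip(sa, sb):
        if x.isdigit() and y.isdigit():
            if int(x) != int(y):
                return 1 if int(x) > int(y) else -1
        elif x.isdigit() != y.isdigit():
            return 1 if x.isdigit() else -1  # numeric segment beats alphabetic
        elif x != y:
            return 1 if x > y else -1
    # All shared segments equal: the string with segments left over is newer.
    return (len(sa) > len(sb)) - (len(sa) < len(sb))

def is_patched(version_release, fixed=FIXED):
    ver, rel = version_release.split("-", 1)
    fver, frel = fixed.split("-", 1)
    return (rpmvercmp(ver, fver) or rpmvercmp(rel, frel)) >= 0

def unpatched(rpm_lines):
    """Return names of openldap packages older than the fixed build."""
    stale = []
    for line in rpm_lines:
        name, vr = line.split()
        if name.startswith("openldap") and not is_patched(vr):
            stale.append(name)
    return stale

# Constructed sample of `rpm -qa --qf '%{NAME} %{VERSION}-%{RELEASE}\n'` output.
SAMPLE = [
    "openldap 2.4.23-26.16.amzn1",
    "openldap-servers 2.4.23-26.9.amzn1",   # 26.9 < 26.16, unlike a string compare
    "openldap-clients 2.4.23-15.amzn1",
    "openldap-devel 2.4.40-1.amzn1",
]

if __name__ == "__main__":
    print(unpatched(SAMPLE))
```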
Red Hat: CVE-2012-2668
Mitre: CVE-2012-2668