EUVD-2015-3326

Malware in sbrugna...

RHEL 6 : openldap (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 6 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - openldap: incorrect multi-keyword mode cipherstring parsing CVE-2015-3276 -...

SUSE CVE-2015-3278

The cipherstring parsing code in nsscompatossl while in multi-keyword mode does not match the expected set of ciphers for a given cipher combination, which allows attackers to have unspecified impact via unknown vectors...

CVE-2015-3278

The cipherstring parsing code in nsscompatossl while in multi-keyword mode does not match the expected set of ciphers for a given cipher combination, which allows attackers to have unspecified impact via unknown vectors...

CVE-2015-3278

CVE-2015-3278 involves the cipherstring parsing code in the NSS compatibility layer, specifically the nss_compat_ossl component, which in multi-keyword mode fails to match the expected cipher set for a given cipher combination. The underlying issue is a mismatch in how cipherstrings are parsed, e...

PT-2015-6129 · Openldap +3 · Openldap +3

Name of the Vulnerable Software and Affected Versions: OpenLDAP affected versions not specified Description: The issue is related to the nss parse ciphers function in OpenLDAP, which does not properly parse OpenSSL-style multi-keyword mode cipher strings. This might cause a weaker than intended...