18 matches found
MiracleLinux 4 : openldap-2.4.23-26.AXS4.2 (AXSA:2012-882:03)
The remote MiracleLinux 4 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2012-882:03 advisory. OpenLDAP is an open source suite of LDAP Lightweight Directory Access Protocol applications and development tools. LDAP is a set of protocols for accessing...
macOS 10.15.x < 10.15.2 / 10.14.x < 10.14.6 Security Update 2019-002 / 10.13.x < 10.13.6 Security Update 2019-007
The remote host is running a version of macOS / Mac OS X that is 10.13.x prior to 10.13.6 Security Update 2019-007, 10.14.x prior to 10.14.6 Security Update 2019-002, or 10.15.x prior to 10.15.2. It is, therefore, affected by multiple vulnerabilities : - slapd in OpenLDAP before 2.4.30 allows...
Apple Mac OS X Security Updates (HT210788)-02
Apple Mac OS X is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2019 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Oracle: Security Advisory (ELSA-2012-1151)
The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Amazon Linux: Security Advisory (ALAS-2012-117)
The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
RHEL 6 : rhev-hypervisor6 (RHSA-2012:1200)
The remote Redhat Enterprise Linux 6 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2012:1200 advisory. The rhev-hypervisor6 package provides a Red Hat Enterprise Virtualization Hypervisor ISO disk image. The Red Hat Enterprise Virtualization...
Oracle Linux 6 : openldap (ELSA-2012-1151)
The remote Oracle Linux 6 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2012-1151 advisory. - CVE-2012-2668 825875 cipher suite selection by name can be ignored default cipher suite is always selected Tenable has extracted the preceding description blo...
Fedora Update for openldap FEDORA-2012-10000
Check for the Version of openldap OpenVAS Vulnerability Test Fedora Update for openldap FEDORA-2012-10000 Authors: System Generated Check Copyright: Copyright c 2012 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the...
Fedora Update for openldap FEDORA-2012-10000
The remote host is missing an update for the SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...
Moderate: Red Hat Security Advisory: rhev-hypervisor6 security and bug fix update
An updated rhev-hypervisor6 package that fixes multiple security issues and various bugs is now available. The Red Hat Security Response Team has rated this update as having moderate security impact. Common Vulnerability Scoring System CVSS base scores, which give detailed severity ratings, are...
RHEL 6 : openldap (RHSA-2012:1151)
The remote Redhat Enterprise Linux 6 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2012:1151 advisory. - openldap: does not honor TLSCipherSuite settings CVE-2012-2668 Note that Nessus has not tested for this issue but has instead relied only on the...
Scientific Linux Security Update : openldap on SL6.x i386/x86_64 (20120808)
It was found that the OpenLDAP server daemon ignored olcTLSCipherSuite settings. This resulted in the default cipher suite always being used, which could lead to weaker than expected ciphers being accepted during Transport Layer Security TLS negotiation with OpenLDAP clients. CVE-2012-2668 This...
RedHat Update for openldap RHSA-2012:1151-01
The remote host is missing an update for the SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...
Low: Red Hat Security Advisory: openldap security and bug fix update
Updated openldap packages that fix one security issue and one bug are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having low security impact. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating...
openldap security and bug fix update
2.4.23-26.2 - CVE-2012-2668 825875 cipher suite selection by name can be ignored default cipher suite is always selected 2.4.23-26.1 - fix: smbk5pwd module computes invalid LM hashes 820278...
Fedora 16 : openldap-2.4.26-8.fc16 (2012-10023)
security and bug fix update Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. %NASLMINLEVEL 70300 C...
Fedora 17 : openldap-2.4.31-3.fc17 (2012-10000)
TLS bugfixes and one security fix. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. %NASLMINLEVEL 70300...
CVE-2012-2668
CVE-2012-2668 affects OpenLDAP: when using the Mozilla NSS backend, tls_m.c may ignore TLSCipherSuite and select the default cipher suite, potentially enabling weaker ciphers and permitting information disclosure via TLS. Affected: OpenLDAP (likely 2.4.31 and earlier). Impact: remote attacker cou...