3 matches found
CVE-2013-5185
The ldapsearch command-line program in OpenLDAP in Apple Mac OS X before 10.9 does not properly process the minssf configuration setting, which allows remote attackers to obtain sensitive information by leveraging unintended weak encryption and sniffing the network...
Apple Mac OS X OpenLDAP 'ldapsearch'命令安全漏洞(CVE-2013-5185)
BUGTRAQ ID: 63351 CVECAN ID: CVE-2013-5185 OS X(前称Mac OS X)是苹果公司为麦金塔电脑开发的专属操作系统的最新版本。 OS X 10.9之前版本的OpenLDAP里,ldapsearch命令行程序没有正确处理minssf配置设置,可使远程攻击者利用弱加密方式以进行网络嗅探,从而获取敏感信息。 0 Apple Mac OS X 10.9 厂商补丁: Apple ----- Apple已经为此发布了一个安全公告(msg00004)以及相应补丁: msg00004:APPLE-SA-2013-10-22-3 OS X Mavericks...
CVE-2013-5185
CVE-2013-5185 affects Apple Mac OS X prior to 10.9, where the ldapsearch utility in OpenLDAP does not correctly process the minssf setting, enabling remote attackers to sniff network traffic and obtain sensitive data via weak encryption. Public references from NVD/Red Hat/OS X security notices co...