CVE-2012-2668
OpenLDAP < 2.4.31 - Unintended Weak Cipher Suite Usage via Mozilla NSS Backend
Title source: llmDescription
libraries/libldap/tls_m.c in OpenLDAP, possibly 2.4.31 and earlier, when using the Mozilla NSS backend, always uses the default cipher suite even when TLSCipherSuite is set, which might cause OpenLDAP to use weaker ciphers than intended and make it easier for remote attackers to obtain sensitive information.
References (15)
Core 15
Core References
Mailing List mailing-list
x_refsource_mlist
http://www.openwall.com/lists/oss-security/2012/06/06/2
Third Party Advisory vendor-advisory
x_refsource_gentoo
http://security.gentoo.org/glsa/glsa-201406-36.xml
Issue Tracking x_refsource_misc
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=676309
Vendor Advisory vendor-advisory
x_refsource_redhat
http://rhn.redhat.com/errata/RHSA-2012-1151.html
Various Sources x_refsource_confirm
http://www.openldap.org/its/index.cgi?findid=7285
Mailing List mailing-list
x_refsource_mlist
http://www.openwall.com/lists/oss-security/2012/06/05/4
Issue Tracking x_refsource_misc
https://bugzilla.redhat.com/show_bug.cgi?id=825875
Mailing List mailing-list
x_refsource_mlist
http://www.openwall.com/lists/oss-security/2012/06/06/1
Third Party Advisory, VDB Entry vdb-entry
x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/76099
Third Party Advisory, VDB Entry vdb-entry
x_refsource_sectrack
http://www.securitytracker.com/id?1027127
Various Sources x_refsource_confirm
http://www.openldap.org/devel/gitweb.cgi?p=openldap.git%3Ba=commitdiff%3Bh=2c2bb2e
Third Party Advisory, VDB Entry vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/53823
Vendor Advisory x_refsource_confirm
https://support.apple.com/kb/HT210788
Mailing List mailing-list
x_refsource_bugtraq
https://seclists.org/bugtraq/2019/Dec/23
Mailing List mailing-list
x_refsource_fulldisc
http://seclists.org/fulldisclosure/2019/Dec/26
Scores
EPSS
0.0411
EPSS Percentile
89.6%
Details
CWE
CWE-200
Status
published
Products (26)
openldap/openldap
2.4.6
openldap/openldap
2.4.7
openldap/openldap
2.4.8
openldap/openldap
2.4.9
openldap/openldap
2.4.10
openldap/openldap
2.4.11
openldap/openldap
2.4.12
openldap/openldap
2.4.13
openldap/openldap
2.4.14
openldap/openldap
2.4.15
... and 16 more
Published
Jun 17, 2012
Tracked Since
Feb 18, 2026