libraries/libldap/tls_m.c in OpenLDAP, possibly 2.4.31 and previous versions, when using the Mozilla NSS backend, always uses the default cipher suite even when TLSCipherSuite is set, which might cause OpenLDAP to use weaker ciphers than intended and make it easier for remote malicious users to obtain sensitive information.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
openldap openldap 2.4.17 |
||
openldap openldap 2.4.6 |
||
openldap openldap 2.4.11 |
||
openldap openldap 2.4.8 |
||
openldap openldap 2.4.26 |
||
openldap openldap 2.4.9 |
||
openldap openldap 2.4.16 |
||
openldap openldap |
||
openldap openldap 2.4.29 |
||
openldap openldap 2.4.22 |
||
openldap openldap 2.4.25 |
||
openldap openldap 2.4.20 |
||
openldap openldap 2.4.15 |
||
openldap openldap 2.4.18 |
||
openldap openldap 2.4.27 |
||
openldap openldap 2.4.7 |
||
openldap openldap 2.4.28 |
||
openldap openldap 2.4.23 |
||
openldap openldap 2.4.24 |
||
openldap openldap 2.4.14 |
||
openldap openldap 2.4.19 |
||
openldap openldap 2.4.12 |
||
openldap openldap 2.4.21 |
||
openldap openldap 2.4.30 |
||
openldap openldap 2.4.13 |
||
openldap openldap 2.4.10 |