The ldapsearch command-line program in OpenLDAP in Apple Mac OS X prior to 10.9 does not properly process the minssf configuration setting, which allows remote malicious users to obtain sensitive information by leveraging unintended weak encryption and sniffing the network.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
apple mac os x |
||
apple mac os x 10.8.0 |
||
apple mac os x 10.8.1 |
||
apple mac os x 10.8.2 |
||
apple mac os x 10.8.3 |
||
apple mac os x 10.8.4 |
||
apple mac os x 10.8.5 |