Weak Encryption Vulnerability in OpenLDAP's ldapsearch Command-Line Program in Apple Mac OS X

Weak Encryption Vulnerability in OpenLDAP's ldapsearch Command-Line Program in Apple Mac OS X

CVE-2013-5185 · MEDIUM Severity

AV:N/AC:M/AU:N/C:P/I:N/A:N

The ldapsearch command-line program in OpenLDAP in Apple Mac OS X before 10.9 does not properly process the minssf configuration setting, which allows remote attackers to obtain sensitive information by leveraging unintended weak encryption and sniffing the network.

Learn more about our Network Penetration Testing.