389 Directory Server (formerly Fedora Directory Server) before 1.3.3.12 does not enforce the nsSSL3Ciphers preference when creating an sslSocket, which allows remote attackers to have unspecified impact by requesting to use a disabled cipher.
References
Configurations
History
13 Feb 2023, 00:48
Type | Values Removed | Values Added |
---|---|---|
Summary | 389 Directory Server (formerly Fedora Directory Server) before 1.3.3.12 does not enforce the nsSSL3Ciphers preference when creating an sslSocket, which allows remote attackers to have unspecified impact by requesting to use a disabled cipher. | |
References |
|
02 Feb 2023, 16:16
Type | Values Removed | Values Added |
---|---|---|
Summary | CVE-2015-3230 389-ds-base: nsSSL3Ciphers preference not enforced server side (regression) | |
References |
|
Information
Published : 2015-10-29 20:59
Updated : 2023-12-10 11:46
NVD link : CVE-2015-3230
Mitre link : CVE-2015-3230
CVE.ORG link : CVE-2015-3230
JSON object : View
Products Affected
fedoraproject
- 389_directory_server
CWE
CWE-254
7PK - Security Features