In Novell eDirectory before 9.0.3.1 the LDAP interface was not strictly enforcing cipher restrictions allowing weaker ciphers to be used du…
In Novell eDirectory before 9.0.3.1 the LDAP interface was not strictly enforcing cipher restrictions allowing weaker ciphers to be used during SSL BIND operations.
A protocol or its implementation supports interaction between multiple actors and allows those actors to negotiate which algorithm should be used as a protection mechanism such as encryption or authentication, but it does not select the strongest algorithm that is available to both parties.
https://cwe.mitre.org/data/definitions/757.html →Open in CWE collection →An adversary takes advantage of weaknesses in the protocol by which a client and server are communicating to perform unexpected actions. Communication protocols are necessary to transfer messages between client and server applications. Moreover, different protocols may be used for different types of interactions.
https://capec.mitre.org/data/definitions/220.html →Open in CAPEC collection →An attacker, with control of a Cellular Rogue Base Station or through cooperation with a Malicious Mobile Network Operator can force the mobile device (e.g., the retransmission device) to use no encryption (A5/0 mode) or to use easily breakable encryption (A5/1 or A5/2 mode).
https://capec.mitre.org/data/definitions/606.html →Open in CAPEC collection →An attacker forces the encryption level to be lowered, thus enabling a successful attack against the encrypted data.
https://capec.mitre.org/data/definitions/620.html →Open in CAPEC collection →