Security Bulletin: IBM Tivoli Directory Server use of NULL ciphers in default Transport Layer Security configuration would result in unencrypted communications (CVE-2012-0726)
IBM PSIRT 270004PFE3 firstname.lastname@example.org | | Tags:  tds psirtsecurity psirtmedium
0 Comments | 456 Visits
IBM Tivoli Directory Server (TDS) enables NULL-MD5 and NULL-SHA ciphers in the default Transport Layer Security (TLS) configuration. Use of either of these ciphers would result in unencrypted communications.
Affected product(s): IBM Tivoli Directory Server
Affected version(s): 6.1, 6.2, 6.3
Refer to the following reference URLs for remediation and additional vulnerability details.
X-Force Database: http://xforce.iss.net/xforce/xfdb/74303