Support Support Downloads Knowledge Base Case Manager My Juniper Community

Knowledge Base

Search our Knowledge Base sites to find answers to your questions.

Ask All Knowledge Base Sites All Knowledge Base Sites JunosE Defect (KA)Knowledge BaseSecurity AdvisoriesTechnical BulletinsTechnotes Sign in to display secure content and recently viewed articles

Is Junos affected by the 'CVE-2012-2668' vulnerability?



Article ID: KB25343 KB Last Updated: 01 Aug 2012Version: 1.0
This article provides information about the possibility of Junos being affected by the CVE-2012-2668 vulnerability.
Excerpt from CVE-2012-2668:

"Original release date:06/17/2012
Last revised:06/20/2012


libraries/libldap/tls_m.c in OpenLDAP, possibly 2.4.31 and earlier, when using the Mozilla NSS backend, always uses the default cipher suite even when TLSCipherSuite is set, which might cause OpenLDAP to use weaker ciphers than intended and make it easier for remote attackers to obtain sensitive information."
  • The file, which was reported as vulnerable (tls_m.c), is not found in the Junos code.

  • Additionally, PKID LDAP files do not refer to any TLS functionality.

  • Evidently, Junos OS does not come with the OpenLDAP toolkit; so this CVE is not applicable to Junos.
Comment on this article > Affected Products Browse the Knowledge Base for more articles related to these product categories. Select a category to begin.

Getting Up and Running with Junos

Getting Up and Running with Junos Security Alerts and Vulnerabilities Product Alerts and Software Release Notices Problem Report (PR) Search Tool EOL Notices and Bulletins JTAC User Guide Customer Care User Guide Pathfinder SRX High Availability Configurator SRX VPN Configurator Training Courses and Videos End User Licence Agreement Global Search