PT-2015-4497 · IBM · IBM Security Directory Server
Author: Karthikeyan Bhargavan
Published: 2015-03-25 · Updated: 2017-01-03
CVE-2015-0138
CVSS v2.0: 4.3 (Medium), Vector AV:N/AC:M/Au:N/C:N/I:P/A:N
Name of the Vulnerable Software and Affected Versions
IBM Tivoli Directory Server versions 6.0 through 6.0.0.73-ISS-ITDS-IF0073
IBM Tivoli Directory Server versions 6.1 through 6.1.0.66-ISS-ITDS-IF0066
IBM Tivoli Directory Server versions 6.2 through 6.2.0.42-ISS-ITDS-IF0042
IBM Tivoli Directory Server versions 6.3 through 6.3.0.35-ISS-ITDS-IF0035
IBM Security Directory Server versions 6.3.1 through 6.3.1.9-ISS-ISDS-IF0009
Description
The issue makes it easier for remote attackers to conduct cipher-downgrade attacks to EXPORT RSA ciphers via crafted TLS traffic; it is related to the "FREAK" issue. A remote attacker in a man-in-the-middle position could use it to downgrade TLS/SSL sessions between vulnerable clients and servers to export-grade RSA, which facilitates brute-force decryption of that traffic.
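The downgrade described above is visible on the wire as a ServerHello that selects an EXPORT-grade RSA suite, typically one the client never offered. The following script is an added example (not part of this advisory or of IBM's product) that parses the cipher-suite fields of ClientHello and ServerHello handshake messages and flags those conditions, so a defender can audit captured handshakes or a product's negotiated suites. The handshake bytes are constructed inline for the demonstration; the cipher-suite codes are the standard IANA registry values.

```python
"""Audit TLS handshake cipher-suite selection for EXPORT-grade RSA (FREAK-style downgrade).

Added example for illustration only. The handshake messages built below are
constructed test vectors, not traffic captured from IBM Directory Server.
"""
import struct

# Subset of the IANA TLS Cipher Suite registry (SSL 3.0 / TLS 1.0 export suites
# plus a few non-export suites for comparison).
CIPHER_SUITES = {
    0x0003: "TLS_RSA_EXPORT_WITH_RC4_40_MD5",
    0x0006: "TLS_RSA_EXPORT_WITH_RC2_CBC_40_MD5",
    0x0008: "TLS_RSA_EXPORT_WITH_DES40_CBC_SHA",
    0x0014: "TLS_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA",
    0x000A: "TLS_RSA_WITH_3DES_EDE_CBC_SHA",
    0x002F: "TLS_RSA_WITH_AES_128_CBC_SHA",
    0x0035: "TLS_RSA_WITH_AES_256_CBC_SHA",
    0xC02F: "TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256",
}


def suite_name(code):
    return CIPHER_SUITES.get(code, "UNKNOWN_0x%04X" % code)


def is_export_suite(code):
    """Export-grade suites carry '_EXPORT_' in their registry name (40-bit / 512-bit RSA)."""
    return "_EXPORT_" in suite_name(code)


def _handshake_body(msg, expected_type):
    """Strip the 4-byte handshake header (type + 24-bit length) and check framing."""
    if not msg or msg[0] != expected_type:
        raise ValueError("unexpected handshake type")
    body_len = int.from_bytes(msg[1:4], "big")
    body = msg[4:4 + body_len]
    if len(body) != body_len:
        raise ValueError("truncated handshake message")
    return body


def parse_client_hello(msg):
    """Return the cipher-suite codes offered in a ClientHello, in client preference order."""
    body = _handshake_body(msg, 0x01)
    pos = 2 + 32                      # client_version + random
    sid_len = body[pos]
    pos += 1 + sid_len                # session_id
    (cs_len,) = struct.unpack_from("!H", body, pos)
    pos += 2
    if cs_len % 2 or pos + cs_len > len(body):
        raise ValueError("bad cipher_suites length")
    return [struct.unpack_from("!H", body, pos + i)[0] for i in range(0, cs_len, 2)]


def parse_server_hello(msg):
    """Return the single cipher-suite code the server selected in a ServerHello."""
    body = _handshake_body(msg, 0x02)
    pos = 2 + 32                      # server_version + random
    sid_len = body[pos]
    pos += 1 + sid_len                # session_id
    return struct.unpack_from("!H", body, pos)[0]


def audit_handshake(client_hello, server_hello):
    """Return a list of findings; an empty list means nothing downgrade-related was seen."""
    offered = parse_client_hello(client_hello)
    chosen = parse_server_hello(server_hello)
    findings = []
    if is_export_suite(chosen):
        findings.append("server selected EXPORT-grade suite %s" % suite_name(chosen))
    if chosen not in offered:
        findings.append("server selected %s, which the client did not offer" % suite_name(chosen))
    offered_export = [suite_name(c) for c in offered if is_export_suite(c)]
    if offered_export:
        findings.append("client offered EXPORT suites: %s" % ", ".join(offered_export))
    return findings


# --- constructed test vectors (zeroed random, empty session_id) ---------------
def build_client_hello(suites, session_id=b""):
    body = b"\x03\x01" + bytes(32) + bytes([len(session_id)]) + session_id
    body += struct.pack("!H", 2 * len(suites)) + b"".join(struct.pack("!H", s) for s in suites)
    body += b"\x01\x00"               # compression_methods: null only
    return b"\x01" + len(body).to_bytes(3, "big") + body


def build_server_hello(suite, session_id=b""):
    body = b"\x03\x01" + bytes(32) + bytes([len(session_id)]) + session_id
    body += struct.pack("!H", suite) + b"\x00"
    return b"\x02" + len(body).to_bytes(3, "big") + body


GOOD_CLIENT = build_client_hello([0xC02F, 0x002F, 0x0035])   # no export suites offered
GOOD_SERVER = build_server_hello(0xC02F)                     # honest selection
DOWNGRADED_SERVER = build_server_hello(0x0008)               # export RSA suite the client never offered

if __name__ == "__main__":
    print("clean handshake:", audit_handshake(GOOD_CLIENT, GOOD_SERVER))
    print("downgraded handshake:", audit_handshake(GOOD_CLIENT, DOWNGRADED_SERVER))
```

A vulnerable client is one that completes the downgraded handshake anyway; in a capture, the combination of an export suite in the ServerHello and a selection absent from the ClientHello is the signature to alert on, and a server that still advertises any `_EXPORT_` suite should have them removed from its cipher list regardless of the client-side fix.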
Recommendations
For IBM Tivoli Directory Server versions 6.0 through 6.0.0.73-ISS-ITDS-IF0073, update to version 6.0.0.73-ISS-ITDS-IF0073 or later.
For IBM Tivoli Directory Server versions 6.1 through 6.1.0.66-ISS-ITDS-IF0066, update to version 6.1.0.66-ISS-ITDS-IF0066 or later.
For IBM Tivoli Directory Server versions 6.2 through 6.2.0.42-ISS-ITDS-IF0042, update to version 6.2.0.42-ISS-ITDS-IF0042 or later.
For IBM Tivoli Directory Server versions 6.3 through 6.3.0.35-ISS-ITDS-IF0035, update to version 6.3.0.35-ISS-ITDS-IF0035 or later.
For IBM Security Directory Server versions 6.3.1 through 6.3.1.9-ISS-ISDS-IF0009, update to version 6.3.1.9-ISS-ISDS-IF0009 or later.
Affected Products
IBM AIX
IBM Security Directory Server
IBM Tivoli Directory Server
Red Hat
SUSE