The Bar Mitzvah attack and its impact on eDirectory: CVE-2015-2808

  • 7017143
  • 12-Jan-2016
  • 08-Feb-2016


NetIQ eDirectory
NetIQ iManager 2.7.7


The "Bar Mitzvah" attach is just another exploit of the known weaknesses old algorithms present, in this case RC4.  The weak keys contained in RC4 could allow an attacker to recover plain text from previously captured encrypted traffic.

Therefore, a server would only be vulnerable if the RC4 based ciphers were used.   This vulnerability exists because of the availability of the RC4 algorithm in ciphers used by the TLS protocol.


In order to protect eDirectory LDAP server traffic the bind restrictions must be set to HIGH on the LDAP server object.

When set to high the RC4 algorithm will not be accepted by the server.  This can be done by adding a value of 48 to the bind restrictions attribute.  For more information please refer to the eDirectory 8.8 Admin Guide in the "Configuring LDAP Services for NetIQ eDirectory" section.