Lucene search

K

MitreCVELIST:CVE-2016-3125

HistoryApr 05, 2016 - 8:00 p.m.

CVE-2016-3125

2016-04-0520:00:00

mitre

www.cve.org

5

AI Score

7.5

Confidence

High

EPSS

0.006

Percentile

77.9%

The mod_tls module in ProFTPD before 1.3.5b and 1.3.6 before 1.3.6rc2 does not properly handle the TLSDHParamFile directive, which might cause a weaker than intended Diffie-Hellman (DH) key to be used and consequently allow attackers to have unspecified impact via unknown vectors.

References

bugs.proftpd.org/show_bug.cgi?id=4230

lists.fedoraproject.org/pipermail/package-announce/2016-March/179109.html

lists.fedoraproject.org/pipermail/package-announce/2016-March/179143.html

lists.fedoraproject.org/pipermail/package-announce/2016-March/179905.html

lists.opensuse.org/opensuse-updates/2016-05/msg00080.html

lists.opensuse.org/opensuse-updates/2016-06/msg00045.html

proftpd.org/docs/NEWS-1.3.5b

proftpd.org/docs/NEWS-1.3.6rc2

www.openwall.com/lists/oss-security/2016/03/11/14

www.openwall.com/lists/oss-security/2016/03/11/3

AI Score

7.5

Confidence

High

EPSS

0.006

Percentile

77.9%

Related for CVELIST:CVE-2016-3125

ubuntucve1 mageia1 nessus8 cve1 openvas2 fedora3 debiancve1 nvd1 prion1 freebsd1 osv1