ID REDHAT-RHSA-2015-1072.NASL Type nessus Reporter This script is Copyright (C) 2015-2021 and is owned by Tenable, Inc. or an Affiliate thereof. Modified 2015-06-05T00:00:00
Description
Updated openssl packages that fix one security issue are now available
for Red Hat Enterprise Linux 6 and 7.
Red Hat Product Security has rated this update as having Moderate
security impact. A Common Vulnerability Scoring System (CVSS) base
score, which gives a detailed severity rating, is available from the
CVE link in the References section.
OpenSSL is a toolkit that implements the Secure Sockets Layer (SSL
v2/v3) and Transport Layer Security (TLS v1) protocols, as well as a
full-strength, general purpose cryptography library.
A flaw was found in the way the TLS protocol composes the
Diffie-Hellman (DH) key exchange. A man-in-the-middle attacker could
use this flaw to force the use of weak 512 bit export-grade keys
during the key exchange, allowing them to decrypt all traffic.
(CVE-2015-4000)
Note: This update forces the TLS/SSL client implementation in OpenSSL
to reject DH key sizes below 768 bits, which prevents sessions from
being downgraded to export-grade keys. Future updates may raise this
limit to 1024 bits.
All openssl users are advised to upgrade to these updated packages,
which contain a backported patch to correct this issue. For the update
to take effect, all services linked to the OpenSSL library must be
restarted, or the system rebooted.
#
# (C) Tenable Network Security, Inc.
#
# The descriptive text and package checks in this plugin were
# extracted from Red Hat Security Advisory RHSA-2015:1072. The text
# itself is copyright (C) Red Hat, Inc.
#
include("compat.inc");
# Registration block: when `description` is set, the plugin only declares
# its metadata and then leaves through the exit(0) at the end of this block,
# so none of the host checks further down in the file are reached.
if (description)
{
# Plugin identity and revision bookkeeping.
script_id(84005);
script_version("2.20");
script_set_attribute(attribute:"plugin_modification_date", value:"2021/02/05");
# Cross-references: the one CVE fixed by this advisory (Logjam), the
# Bugtraq ID and the Red Hat advisory number.
script_cve_id("CVE-2015-4000");
script_bugtraq_id(74733);
script_xref(name:"RHSA", value:"2015:1072");
script_name(english:"RHEL 6 / 7 : openssl (RHSA-2015:1072) (Logjam)");
script_summary(english:"Checks the rpm output for the updated packages");
script_set_attribute(
attribute:"synopsis",
value:"The remote Red Hat host is missing one or more security updates."
);
# Advisory text shown with the finding. Two points from the text itself
# matter for triage: the patched client still accepts DH parameters of
# 768 bits and above (the text only announces a possible later raise to
# 1024 bits), and the fix takes effect only after services linked to
# OpenSSL are restarted or the system is rebooted.
script_set_attribute(
attribute:"description",
value:
"Updated openssl packages that fix one security issue are now available
for Red Hat Enterprise Linux 6 and 7.
Red Hat Product Security has rated this update as having Moderate
security impact. A Common Vulnerability Scoring System (CVSS) base
score, which gives a detailed severity rating, is available from the
CVE link in the References section.
OpenSSL is a toolkit that implements the Secure Sockets Layer (SSL
v2/v3) and Transport Layer Security (TLS v1) protocols, as well as a
full-strength, general purpose cryptography library.
A flaw was found in the way the TLS protocol composes the
Diffie-Hellman (DH) key exchange. A man-in-the-middle attacker could
use this flaw to force the use of weak 512 bit export-grade keys
during the key exchange, allowing them do decrypt all traffic.
(CVE-2015-4000)
Note: This update forces the TLS/SSL client implementation in OpenSSL
to reject DH key sizes below 768 bits, which prevents sessions to be
downgraded to export-grade keys. Future updates may raise this limit
to 1024 bits.
All openssl users are advised to upgrade to these updated packages,
which contain a backported patch to correct this issue. For the update
to take effect, all services linked to the OpenSSL library must be
restarted, or the system rebooted."
);
# Reference links attached to the finding.
script_set_attribute(
attribute:"see_also",
value:"https://access.redhat.com/articles/1456263"
);
# NOTE(review): the next reference is a shortened link served over plain
# http; the URL in the comment below presumably records its destination
# (confirm before following it).
# https://www.openssl.org/blog/blog/2015/05/20/logjam-freak-upcoming-changes/
script_set_attribute(
attribute:"see_also",
value:"http://www.nessus.org/u?c2ae9f76"
);
script_set_attribute(
attribute:"see_also",
value:"https://access.redhat.com/errata/RHSA-2015:1072"
);
script_set_attribute(
attribute:"see_also",
value:"https://access.redhat.com/security/cve/cve-2015-4000"
);
script_set_attribute(attribute:"solution", value:"Update the affected packages.");
# NOTE(review): both base vectors rate confidentiality impact as none
# (C:N) and integrity as partial/low (I:P, I:L), while the description
# above speaks of traffic decryption. Weigh the advisory text alongside
# the numeric score when prioritising this finding.
script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:N/I:P/A:N");
script_set_cvss_temporal_vector("CVSS2#E:ND/RL:OF/RC:C");
script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N");
script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C");
script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
script_set_attribute(attribute:"exploit_available", value:"false");
# Declared as a "local" plugin; see the Host/* KB keys required at the
# end of this block.
script_set_attribute(attribute:"plugin_type", value:"local");
# CPE identifiers: the openssl packages covered (p-cpe) followed by the
# Red Hat Enterprise Linux releases the plugin is tagged for.
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:openssl");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:openssl-debuginfo");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:openssl-devel");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:openssl-libs");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:openssl-perl");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:openssl-static");
script_set_attribute(attribute:"cpe", value:"cpe:/o:redhat:enterprise_linux:6");
script_set_attribute(attribute:"cpe", value:"cpe:/o:redhat:enterprise_linux:6.6");
script_set_attribute(attribute:"cpe", value:"cpe:/o:redhat:enterprise_linux:7");
script_set_attribute(attribute:"cpe", value:"cpe:/o:redhat:enterprise_linux:7.1");
script_set_attribute(attribute:"cpe", value:"cpe:/o:redhat:enterprise_linux:7.2");
script_set_attribute(attribute:"cpe", value:"cpe:/o:redhat:enterprise_linux:7.3");
script_set_attribute(attribute:"cpe", value:"cpe:/o:redhat:enterprise_linux:7.4");
script_set_attribute(attribute:"cpe", value:"cpe:/o:redhat:enterprise_linux:7.5");
script_set_attribute(attribute:"cpe", value:"cpe:/o:redhat:enterprise_linux:7.6");
script_set_attribute(attribute:"cpe", value:"cpe:/o:redhat:enterprise_linux:7.7");
# Timeline: vulnerability disclosure, vendor patch, plugin release.
script_set_attribute(attribute:"vuln_publication_date", value:"2015/05/21");
script_set_attribute(attribute:"patch_publication_date", value:"2015/06/04");
script_set_attribute(attribute:"plugin_publication_date", value:"2015/06/05");
script_set_attribute(attribute:"in_the_news", value:"true");
script_set_attribute(attribute:"generated_plugin", value:"current");
script_end_attributes();
# Scheduling metadata: category, copyright notice and plugin family.
script_category(ACT_GATHER_INFO);
script_copyright(english:"This script is Copyright (C) 2015-2021 and is owned by Tenable, Inc. or an Affiliate thereof.");
script_family(english:"Red Hat Local Security Checks");
# Runs after ssh_get_info.nasl and only when the KB holds the release
# string, the RPM list and the CPU architecture. Presumably these come
# from a scan that could log in to the host; without them the plugin
# produces no result for the target (TODO confirm).
script_dependencies("ssh_get_info.nasl");
script_require_keys("Host/local_checks_enabled", "Host/RedHat/release", "Host/RedHat/rpm-list", "Host/cpu");
# Leave before any host check is reached.
exit(0);
}
include("audit.inc");
include("global_settings.inc");
include("misc_func.inc");
include("rpm.inc");
# Preconditions. Every audit() call below reports why the plugin does not
# apply; audit() is defined in audit.inc (not shown here) and is presumably
# terminal, since the code after each call assumes the check passed.

# Local checks must have been enabled by an earlier plugin.
if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
# The release string must exist and contain "Red Hat"
# (`>!<` is NASL's "substring not found in" operator).
release = get_kb_item("Host/RedHat/release");
if (isnull(release) || "Red Hat" >!< release) audit(AUDIT_OS_NOT, "Red Hat");
# Pull "major" or "major.minor" out of the release string ...
os_ver = pregmatch(pattern: "Red Hat Enterprise Linux.*release ([0-9]+(\.[0-9]+)?)", string:release);
if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "Red Hat");
# ... keep only the captured version (first capture group) ...
os_ver = os_ver[1];
# ... and accept only major version 6 or 7. The trailing ([^0-9]|$) keeps a
# longer number that merely starts with 6 or 7 from matching.
if (! preg(pattern:"^(6|7)([^0-9]|$)", string:os_ver)) audit(AUDIT_OS_NOT, "Red Hat 6.x / 7.x", "Red Hat " + os_ver);
# The installed-package list must have been collected.
if (!get_kb_item("Host/RedHat/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);
# Architecture must be known and be x86_64, i386 to i686, or contain "s390";
# hosts on any other architecture are audited out as not implemented.
cpu = get_kb_item("Host/cpu");
if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$" && "s390" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Red Hat", cpu);
# Detection. Two alternative sources of evidence are used: yum updateinfo
# data when the KB has it, otherwise a per-package version comparison.
#
# NOTE(review): both paths look only at package metadata. The advisory text
# in this file says services linked to the OpenSSL library must be
# restarted (or the system rebooted) for the update to take effect, so a
# host that passes here can still have long-running processes using the old
# library. Restart state has to be verified separately. The advisory's
# 768-bit client-side minimum is likewise not something this check measures.
yum_updateinfo = get_kb_item("Host/RedHat/yum-updateinfo");
if (!empty_or_null(yum_updateinfo))
{
# Path 1: ask the yum updateinfo helper (defined outside this file,
# presumably in rpm.inc) whether this advisory is still outstanding.
rhsa = "RHSA-2015:1072";
yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);
if (!empty_or_null(yum_report))
{
# A non-empty report is raised as a warning-level finding on port 0.
security_report_v4(
port : 0,
severity : SECURITY_WARNING,
extra : yum_report
);
exit(0);
}
else
{
# An empty report is treated as "not affected by this advisory". The rpm
# comparison in the other branch is NOT used as a fallback on this path.
audit_message = "affected by Red Hat security advisory " + rhsa;
audit(AUDIT_OS_NOT, audit_message);
}
}
else
{
# Path 2: compare installed packages against the fixed builds named in
# the advisory. rpm_check() comes from rpm.inc (not shown); presumably it
# returns true when the installed package is older than `reference`.
# `flag` counts how many such checks fired.
flag = 0;
# RHEL 6 fixed build: 1.0.1e-30.el6_6.9. openssl-perl and openssl-static
# are checked per architecture (i686, s390x, x86_64).
if (rpm_check(release:"RHEL6", reference:"openssl-1.0.1e-30.el6_6.9")) flag++;
if (rpm_check(release:"RHEL6", reference:"openssl-debuginfo-1.0.1e-30.el6_6.9")) flag++;
if (rpm_check(release:"RHEL6", reference:"openssl-devel-1.0.1e-30.el6_6.9")) flag++;
if (rpm_check(release:"RHEL6", cpu:"i686", reference:"openssl-perl-1.0.1e-30.el6_6.9")) flag++;
if (rpm_check(release:"RHEL6", cpu:"s390x", reference:"openssl-perl-1.0.1e-30.el6_6.9")) flag++;
if (rpm_check(release:"RHEL6", cpu:"x86_64", reference:"openssl-perl-1.0.1e-30.el6_6.9")) flag++;
if (rpm_check(release:"RHEL6", cpu:"i686", reference:"openssl-static-1.0.1e-30.el6_6.9")) flag++;
if (rpm_check(release:"RHEL6", cpu:"s390x", reference:"openssl-static-1.0.1e-30.el6_6.9")) flag++;
if (rpm_check(release:"RHEL6", cpu:"x86_64", reference:"openssl-static-1.0.1e-30.el6_6.9")) flag++;
# RHEL 7 fixed build: 1.0.1e-42.el7_1.6. The openssl and openssl-perl
# packages are checked for s390x and x86_64 only.
if (rpm_check(release:"RHEL7", cpu:"s390x", reference:"openssl-1.0.1e-42.el7_1.6")) flag++;
if (rpm_check(release:"RHEL7", cpu:"x86_64", reference:"openssl-1.0.1e-42.el7_1.6")) flag++;
if (rpm_check(release:"RHEL7", reference:"openssl-debuginfo-1.0.1e-42.el7_1.6")) flag++;
if (rpm_check(release:"RHEL7", reference:"openssl-devel-1.0.1e-42.el7_1.6")) flag++;
if (rpm_check(release:"RHEL7", reference:"openssl-libs-1.0.1e-42.el7_1.6")) flag++;
if (rpm_check(release:"RHEL7", cpu:"s390x", reference:"openssl-perl-1.0.1e-42.el7_1.6")) flag++;
if (rpm_check(release:"RHEL7", cpu:"x86_64", reference:"openssl-perl-1.0.1e-42.el7_1.6")) flag++;
if (rpm_check(release:"RHEL7", reference:"openssl-static-1.0.1e-42.el7_1.6")) flag++;
if (flag)
{
# At least one package check fired: report a warning-level finding whose
# text is the accumulated rpm report plus the Red Hat package caveat
# (both helpers are defined outside this file).
security_report_v4(
port : 0,
severity : SECURITY_WARNING,
extra : rpm_report_get() + redhat_report_package_caveat()
);
exit(0);
}
else
{
# Nothing fired. Either the tested packages are recorded as not affected,
# or (when no test applied) the packages are reported as not installed.
tested = pkg_tests_get();
if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
else audit(AUDIT_PACKAGE_NOT_INSTALLED, "openssl / openssl-debuginfo / openssl-devel / openssl-libs / etc");
}
}
{"id": "REDHAT-RHSA-2015-1072.NASL", "bulletinFamily": "scanner", "title": "RHEL 6 / 7 : openssl (RHSA-2015:1072) (Logjam)", "description": "Updated openssl packages that fix one security issue are now available\nfor Red Hat Enterprise Linux 6 and 7.\n\nRed Hat Product Security has rated this update as having Moderate\nsecurity impact. A Common Vulnerability Scoring System (CVSS) base\nscore, which gives a detailed severity rating, is available from the\nCVE link in the References section.\n\nOpenSSL is a toolkit that implements the Secure Sockets Layer (SSL\nv2/v3) and Transport Layer Security (TLS v1) protocols, as well as a\nfull-strength, general purpose cryptography library.\n\nA flaw was found in the way the TLS protocol composes the\nDiffie-Hellman (DH) key exchange. A man-in-the-middle attacker could\nuse this flaw to force the use of weak 512 bit export-grade keys\nduring the key exchange, allowing them do decrypt all traffic.\n(CVE-2015-4000)\n\nNote: This update forces the TLS/SSL client implementation in OpenSSL\nto reject DH key sizes below 768 bits, which prevents sessions to be\ndowngraded to export-grade keys. Future updates may raise this limit\nto 1024 bits.\n\nAll openssl users are advised to upgrade to these updated packages,\nwhich contain a backported patch to correct this issue. For the update\nto take effect, all services linked to the OpenSSL library must be\nrestarted, or the system rebooted.", "published": "2015-06-05T00:00:00", "modified": "2015-06-05T00:00:00", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}, "href": "https://www.tenable.com/plugins/nessus/84005", "reporter": "This script is Copyright (C) 2015-2021 and is owned by Tenable, Inc. 
or an Affiliate thereof.", "references": ["https://access.redhat.com/security/cve/cve-2015-4000", "http://www.nessus.org/u?c2ae9f76", "https://access.redhat.com/errata/RHSA-2015:1072", "https://access.redhat.com/articles/1456263"], "cvelist": ["CVE-2015-4000"], "type": "nessus", "lastseen": "2021-02-06T13:44:49", "edition": 30, "viewCount": 15, "enchantments": {"dependencies": {"references": [{"type": "cve", "idList": ["CVE-2015-4000"]}, {"type": "f5", "idList": ["F5:K16674", "SOL16674"]}, {"type": "citrix", "idList": ["CTX201114"]}, {"type": "nessus", "idList": ["ALA_ALAS-2015-569.NASL", "AIX_IV75646.NASL", "PCI_WEAK_DH_UNDER_2048.NASL", "SUSE_SU-2016-1618-1.NASL", "AIX_IV75644.NASL", "WEBSPHERE_527817.NASL", "SL_20150604_OPENSSL_ON_SL6_X.NASL", "SSH_LOGJAM.NASL", "SSL_DH_EXPORT_SUPPORTED_CIPHERS.NASL", "ORACLEVM_OVMSA-2015-0065.NASL"]}, {"type": "atlassian", "idList": ["ATLASSIAN:CONFSERVER-38295", "ATLASSIAN:JRA-44296", "ATLASSIAN:CONF-38295", "ATLASSIAN:JRASERVER-44296"]}, {"type": "cisa", "idList": ["CISA:C6FC512213BBB287A39B2B11F25268A6"]}, {"type": "openvas", "idList": ["OPENVAS:1361412562310869416", "OPENVAS:1361412562310882210", "OPENVAS:1361412562310869382", "OPENVAS:1361412562310130117", "OPENVAS:1361412562310882192", "OPENVAS:1361412562310842212", "OPENVAS:1361412562310123090", "OPENVAS:1361412562310882207", "OPENVAS:1361412562310871382", "OPENVAS:1361412562310869508"]}, {"type": "fedora", "idList": ["FEDORA:1B5E26014558", "FEDORA:DF12460167D9", "FEDORA:0247660876CD", "FEDORA:EC81E60167DA", "FEDORA:3733C6079D2E", "FEDORA:2C4EB601455B"]}, {"type": "oraclelinux", "idList": ["ELSA-2015-1185", "ELSA-2015-1072"]}, {"type": "threatpost", "idList": ["THREATPOST:7C04F69C011AEFD7882B6B95405A26C6"]}, {"type": "suse", "idList": ["SUSE-SU-2015:1177-1", "OPENSUSE-SU-2016:0255-1", "OPENSUSE-SU-2016:0226-1", "SUSE-SU-2015:1177-2", "SUSE-SU-2016:0262-1"]}, {"type": "mozilla", "idList": ["MFSA2015-70"]}, {"type": "nmap", "idList": ["NMAP:SSL-DH-PARAMS.NSE"]}, {"type": 
"aix", "idList": ["SENDMAIL_ADVISORY2.ASC"]}, {"type": "debian", "idList": ["DEBIAN:DLA-507-1:8A944"]}, {"type": "centos", "idList": ["CESA-2015:1072"]}, {"type": "amazon", "idList": ["ALAS-2015-569"]}, {"type": "redhat", "idList": ["RHSA-2015:1072", "RHSA-2015:1185"]}], "modified": "2021-02-06T13:44:49", "rev": 2}, "score": {"value": 5.0, "vector": "NONE", "modified": "2021-02-06T13:44:49", "rev": 2}, "vulnersScore": 5.0}, "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2015:1072. The text \n# itself is copyright (C) Red Hat, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(84005);\n script_version(\"2.20\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/02/05\");\n\n script_cve_id(\"CVE-2015-4000\");\n script_bugtraq_id(74733);\n script_xref(name:\"RHSA\", value:\"2015:1072\");\n\n script_name(english:\"RHEL 6 / 7 : openssl (RHSA-2015:1072) (Logjam)\");\n script_summary(english:\"Checks the rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\"The remote Red Hat host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"Updated openssl packages that fix one security issue are now available\nfor Red Hat Enterprise Linux 6 and 7.\n\nRed Hat Product Security has rated this update as having Moderate\nsecurity impact. A Common Vulnerability Scoring System (CVSS) base\nscore, which gives a detailed severity rating, is available from the\nCVE link in the References section.\n\nOpenSSL is a toolkit that implements the Secure Sockets Layer (SSL\nv2/v3) and Transport Layer Security (TLS v1) protocols, as well as a\nfull-strength, general purpose cryptography library.\n\nA flaw was found in the way the TLS protocol composes the\nDiffie-Hellman (DH) key exchange. 
A man-in-the-middle attacker could\nuse this flaw to force the use of weak 512 bit export-grade keys\nduring the key exchange, allowing them do decrypt all traffic.\n(CVE-2015-4000)\n\nNote: This update forces the TLS/SSL client implementation in OpenSSL\nto reject DH key sizes below 768 bits, which prevents sessions to be\ndowngraded to export-grade keys. Future updates may raise this limit\nto 1024 bits.\n\nAll openssl users are advised to upgrade to these updated packages,\nwhich contain a backported patch to correct this issue. For the update\nto take effect, all services linked to the OpenSSL library must be\nrestarted, or the system rebooted.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/articles/1456263\"\n );\n # https://www.openssl.org/blog/blog/2015/05/20/logjam-freak-upcoming-changes/\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?c2ae9f76\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/errata/RHSA-2015:1072\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2015-4000\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:N/I:P/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:ND/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:openssl\");\n script_set_attribute(attribute:\"cpe\", 
value:\"p-cpe:/a:redhat:enterprise_linux:openssl-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:openssl-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:openssl-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:openssl-perl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:openssl-static\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:6\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:6.6\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:7\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:7.1\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:7.2\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:7.3\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:7.4\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:7.5\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:7.6\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:7.7\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2015/05/21\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/06/04\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/06/05\");\n script_set_attribute(attribute:\"in_the_news\", value:\"true\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2015-2021 and is owned by Tenable, Inc. 
or an Affiliate thereof.\");\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Red Hat\" >!< release) audit(AUDIT_OS_NOT, \"Red Hat\");\nos_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Red Hat\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(6|7)([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Red Hat 6.x / 7.x\", \"Red Hat \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"s390\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Red Hat\", cpu);\n\nyum_updateinfo = get_kb_item(\"Host/RedHat/yum-updateinfo\");\nif (!empty_or_null(yum_updateinfo)) \n{\n rhsa = \"RHSA-2015:1072\";\n yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);\n if (!empty_or_null(yum_report))\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : yum_report \n );\n exit(0);\n }\n else\n {\n audit_message = \"affected by Red Hat security advisory \" + rhsa;\n audit(AUDIT_OS_NOT, audit_message);\n }\n}\nelse\n{\n flag = 0;\n if (rpm_check(release:\"RHEL6\", reference:\"openssl-1.0.1e-30.el6_6.9\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", reference:\"openssl-debuginfo-1.0.1e-30.el6_6.9\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", reference:\"openssl-devel-1.0.1e-30.el6_6.9\")) flag++;\n\n if 
(rpm_check(release:\"RHEL6\", cpu:\"i686\", reference:\"openssl-perl-1.0.1e-30.el6_6.9\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"s390x\", reference:\"openssl-perl-1.0.1e-30.el6_6.9\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"openssl-perl-1.0.1e-30.el6_6.9\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"i686\", reference:\"openssl-static-1.0.1e-30.el6_6.9\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"s390x\", reference:\"openssl-static-1.0.1e-30.el6_6.9\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"openssl-static-1.0.1e-30.el6_6.9\")) flag++;\n\n\n if (rpm_check(release:\"RHEL7\", cpu:\"s390x\", reference:\"openssl-1.0.1e-42.el7_1.6\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"openssl-1.0.1e-42.el7_1.6\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", reference:\"openssl-debuginfo-1.0.1e-42.el7_1.6\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", reference:\"openssl-devel-1.0.1e-42.el7_1.6\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", reference:\"openssl-libs-1.0.1e-42.el7_1.6\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", cpu:\"s390x\", reference:\"openssl-perl-1.0.1e-42.el7_1.6\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"openssl-perl-1.0.1e-42.el7_1.6\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", reference:\"openssl-static-1.0.1e-42.el7_1.6\")) flag++;\n\n\n if (flag)\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get() + redhat_report_package_caveat()\n );\n exit(0);\n }\n else\n {\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"openssl / openssl-debuginfo / openssl-devel / openssl-libs / etc\");\n }\n}\n", "naslFamily": "Red Hat Local Security Checks", "pluginID": "84005", "cpe": ["p-cpe:/a:redhat:enterprise_linux:openssl-libs", "p-cpe:/a:redhat:enterprise_linux:openssl-static", 
"cpe:/o:redhat:enterprise_linux:7.4", "cpe:/o:redhat:enterprise_linux:7.1", "cpe:/o:redhat:enterprise_linux:7.7", "p-cpe:/a:redhat:enterprise_linux:openssl-debuginfo", "cpe:/o:redhat:enterprise_linux:7.5", "cpe:/o:redhat:enterprise_linux:6.6", "cpe:/o:redhat:enterprise_linux:7", "p-cpe:/a:redhat:enterprise_linux:openssl-perl", "cpe:/o:redhat:enterprise_linux:7.3", "p-cpe:/a:redhat:enterprise_linux:openssl", "cpe:/o:redhat:enterprise_linux:7.2", "cpe:/o:redhat:enterprise_linux:7.6", "cpe:/o:redhat:enterprise_linux:6", "p-cpe:/a:redhat:enterprise_linux:openssl-devel"], "scheme": null, "cvss3": {"score": 3.7, "vector": "AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N"}, "immutableFields": []}
{"cve": [{"lastseen": "2021-02-02T06:21:25", "description": "The TLS protocol 1.2 and earlier, when a DHE_EXPORT ciphersuite is enabled on a server but not on a client, does not properly convey a DHE_EXPORT choice, which allows man-in-the-middle attackers to conduct cipher-downgrade attacks by rewriting a ClientHello with DHE replaced by DHE_EXPORT and then rewriting a ServerHello with DHE_EXPORT replaced by DHE, aka the \"Logjam\" issue.", "edition": 10, "cvss3": {"exploitabilityScore": 2.2, "cvssV3": {"baseSeverity": "LOW", "confidentialityImpact": "NONE", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "LOW", "baseScore": 3.7, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 1.4}, "published": "2015-05-21T00:59:00", "title": "CVE-2015-4000", "type": "cve", "cwe": ["CWE-310"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-4000"], "modified": "2021-01-20T15:15:00", "cpe": ["cpe:/a:google:chrome:-", "cpe:/a:oracle:jre:1.6.0", "cpe:/o:suse:linux_enterprise_desktop:12", "cpe:/a:ibm:content_manager:8.5", "cpe:/o:suse:suse_linux_enterprise_server:12", "cpe:/o:canonical:ubuntu_linux:15.04", "cpe:/a:mozilla:firefox_esr:38.1.0", "cpe:/o:debian:debian_linux:8.0", "cpe:/o:canonical:ubuntu_linux:12.04", "cpe:/a:mozilla:seamonkey:2.35", "cpe:/a:openssl:openssl:1.0.2a", "cpe:/a:mozilla:firefox_esr:31.8", 
"cpe:/a:mozilla:thunderbird:31.8", "cpe:/a:oracle:jdk:1.6.0", "cpe:/o:suse:linux_enterprise_server:11.0", "cpe:/o:apple:iphone_os:8.3", "cpe:/a:oracle:sparc-opl_service_processor:1121", "cpe:/a:oracle:jre:1.8.0", "cpe:/a:oracle:jdk:1.7.0", "cpe:/o:suse:linux_enterprise_software_development_kit:12", "cpe:/o:canonical:ubuntu_linux:14.10", "cpe:/a:oracle:jrockit:r28.3.6", "cpe:/a:opera:opera_browser:-", "cpe:/a:openssl:openssl:1.0.1m", "cpe:/a:oracle:jre:1.7.0", "cpe:/a:mozilla:thunderbird:38.1", "cpe:/o:debian:debian_linux:7.0", "cpe:/o:hp:hp-ux:b.11.31", "cpe:/o:apple:mac_os_x:10.10.3", "cpe:/a:mozilla:firefox:*", "cpe:/o:mozilla:firefox_os:2.2", "cpe:/a:microsoft:ie:*", "cpe:/a:oracle:jdk:1.8.0", "cpe:/a:apple:safari:*", "cpe:/a:mozilla:firefox:39.0", "cpe:/a:mozilla:network_security_services:3.19", "cpe:/o:canonical:ubuntu_linux:14.04"], "id": "CVE-2015-4000", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-4000", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}, "cpe23": ["cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "cpe:2.3:o:suse:suse_linux_enterprise_server:12:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:1.0.1m:*:*:*:*:*:*:*", "cpe:2.3:o:suse:linux_enterprise_server:11.0:sp4:*:*:*:*:*:*", "cpe:2.3:o:apple:iphone_os:8.3:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:jre:1.8.0:update_45:*:*:*:*:*:*", "cpe:2.3:a:oracle:sparc-opl_service_processor:1121:*:*:*:*:*:*:*", "cpe:2.3:o:canonical:ubuntu_linux:15.04:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:jdk:1.8.0:update45:*:*:*:*:*:*", "cpe:2.3:o:suse:linux_enterprise_desktop:12:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:network_security_services:3.19:*:*:*:*:*:*:*", "cpe:2.3:o:hp:hp-ux:b.11.31:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:jdk:1.7.0:update75:*:*:*:*:*:*", "cpe:2.3:a:oracle:jre:1.6.0:update_95:*:*:*:*:*:*", "cpe:2.3:a:ibm:content_manager:8.5:*:*:*:*:enterprise:*:*", "cpe:2.3:o:mozilla:firefox_os:2.2:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:jdk:1.7.0:update_80:*:*:*:*:*:*", 
"cpe:2.3:a:openssl:openssl:1.0.2a:*:*:*:*:*:*:*", "cpe:2.3:a:microsoft:ie:*:*:*:*:*:*:*:*", "cpe:2.3:o:apple:mac_os_x:10.10.3:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:thunderbird:38.1:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox_esr:31.8:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:jre:1.7.0:update_80:*:*:*:*:*:*", "cpe:2.3:a:oracle:jdk:1.8.0:update_33:*:*:*:*:*:*", "cpe:2.3:a:opera:opera_browser:-:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox:39.0:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:jrockit:r28.3.6:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:jre:1.8.0:update_33:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:-:*:*:*:*:*:*:*", "cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:lts:*:*:*", "cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:thunderbird:31.8:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox_esr:38.1.0:*:*:*:*:*:*:*", "cpe:2.3:o:canonical:ubuntu_linux:14.10:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:jre:1.7.0:update_75:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:2.35:*:*:*:*:*:*:*", "cpe:2.3:a:apple:safari:*:*:*:*:*:*:*:*", "cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*", "cpe:2.3:o:suse:linux_enterprise_software_development_kit:12:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:jdk:1.6.0:update_95:*:*:*:*:*:*", "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*"]}], "f5": [{"lastseen": "2020-01-22T20:28:29", "bulletinFamily": "software", "cvelist": ["CVE-2015-4000"], "description": "\nF5 Product Development has assigned ID 524279 (BIG-IP), ID 525279 (BIG-IQ), and ID 525280 (Enterprise Manager) to this vulnerability, and has evaluated the currently supported releases for potential vulnerability. 
In addition, [BIG-IP iHealth](<http://www.f5.com/support/support-tools/big-ip-ihealth/>) lists Heuristic H524636 on the **Diagnostics** > **Identified** > **Medium** page.\n\nTo determine if your release is known to be vulnerable, the components or features that are affected by the vulnerability, and for information about releases or hotfixes that address the vulnerability, refer to the following table.\n\nProduct | Versions known to be vulnerable | Versions known to be not vulnerable | Severity | Vulnerable component or feature \n---|---|---|---|--- \nBIG-IP LTM | 11.0.0 - 11.6.3 \n10.1.0 - 10.2.4 | 12.0.0 \n11.6.3.2 \n11.5.4 HF4 | Medium | Configuration utility1 \nClient SSL profile with COMPAT, EXP, or EXPORT ciphers enabled \nServer SSL profile or HTTPS health monitor using EXPORT or DHE cipher suites \nSSL Forward Proxy using EXPORT or DHE cipher suites \nBIG-IP AAM | 11.4.0 - 11.6.3 | 12.0.0 \n11.6.3.2 \n11.5.4 HF4 | Medium | Client SSL profile with COMPAT, EXP, or EXPORT ciphers enabled \nServer SSL profile or HTTPS health monitor using EXPORT or DHE cipher suites \nSSL Forward Proxy using EXPORT or DHE cipher suites \nBIG-IP AFM | 11.3.0 - 11.6.3 | 12.0.0 \n11.6.3.2 \n11.5.4 HF4 | Medium | Client SSL profile with COMPAT, EXP, or EXPORT ciphers enabled \nServer SSL profile or HTTPS health monitor using EXPORT or DHE cipher suites \nSSL Forward Proxy using EXPORT or DHE cipher suites \nBIG-IP Analytics | 11.0.0 - 11.6.3 | 12.0.0 \n11.6.3.2 \n11.5.4 HF4 | Medium | Client SSL profile with COMPAT, EXP, or EXPORT ciphers enabled \nServer SSL profile or HTTPS health monitor using EXPORT or DHE cipher suites \nSSL Forward Proxy using EXPORT or DHE cipher suites \nBIG-IP APM | 11.0.0 - 11.6.3 \n10.1.0 - 10.2.4 | 12.0.0 \n11.6.3.2 \n11.5.4 HF4 | Medium | Configuration utility1 \nClient SSL profile with COMPAT, EXP, or EXPORT ciphers enabled \nServer SSL profile or HTTPS health monitor using EXPORT or DHE cipher suites \nSSL Forward Proxy using EXPORT or DHE cipher 
suites \nBIG-IP ASM | 11.0.0 - 11.6.3 \n10.1.0 - 10.2.4 | 12.0.0 \n11.6.3.2 \n11.5.4 HF4 | Medium | Configuration utility1 \nClient SSL profile with COMPAT, EXP, or EXPORT ciphers enabled \nServer SSL profile or HTTPS health monitor using EXPORT or DHE cipher suites \nSSL Forward Proxy using EXPORT or DHE cipher suites \nBIG-IP DNS | None | 12.0.0 | Not vulnerable | None \nBIG-IP Edge Gateway | 11.0.0 - 11.3.0 \n10.1.0 - 10.2.4 | None | Medium | Configuration utility1 \nClient SSL profile with COMPAT, EXP, or EXPORT ciphers enabled \nServer SSL profile or HTTPS health monitor using EXPORT or DHE cipher suites \nSSL Forward Proxy using EXPORT or DHE cipher suites \nBIG-IP GTM | 11.0.0 - 11.6.3 \n10.1.0 - 10.2.4 | 11.6.3.2 \n11.5.4 HF4 | Medium | Configuration utility1 \nClient SSL profile with COMPAT, EXP, or EXPORT ciphers enabled \nServer SSL profile or HTTPS health monitor using EXPORT or DHE cipher suites \nSSL Forward Proxy using EXPORT or DHE cipher suites \nBIG-IP Link Controller | 11.0.0 - 11.6.3 \n10.1.0 - 10.2.4 | 12.0.0 \n11.6.3.2 \n11.5.4 HF4 | Medium | Configuration utility1 \nClient SSL profile with COMPAT, EXP, or EXPORT ciphers enabled \nServer SSL profile or HTTPS health monitor using EXPORT or DHE cipher suites \nSSL Forward Proxy using EXPORT or DHE cipher suites \nBIG-IP PEM | 11.3.0 - 11.6.3 | 12.0.0 \n11.6.3.2 \n11.5.4 HF4 | Medium | Client SSL profile with COMPAT, EXP, or EXPORT ciphers enabled \nServer SSL profile or HTTPS health monitor using EXPORT or DHE cipher suites \nSSL Forward Proxy using EXPORT or DHE cipher suites \nBIG-IP PSM | 11.0.0 - 11.4.1 \n10.1.0 - 10.2.4 | None | Medium | Configuration utility1 \nClient SSL profile with COMPAT, EXP, or EXPORT ciphers enabled \nServer SSL profile or HTTPS health monitor using EXPORT or DHE cipher suites \nSSL Forward Proxy using EXPORT or DHE cipher suites \nBIG-IP WebAccelerator | 11.0.0 - 11.3.0 \n10.1.0 - 10.2.4 | None | Medium | Configuration utility1 \nClient SSL profile with COMPAT, 
EXP, or EXPORT ciphers enabled \nServer SSL profile or HTTPS health monitor using EXPORT or DHE cipher suites \nSSL Forward Proxy using EXPORT or DHE cipher suites \nBIG-IP WOM | 11.0.0 - 11.3.0 \n10.1.0 - 10.2.4 | None | Medium | Configuration utility1 \nClient SSL profile with COMPAT, EXP, or EXPORT ciphers enabled \nServer SSL profile or HTTPS health monitor using EXPORT or DHE cipher suites \nSSL Forward Proxy using EXPORT or DHE cipher suites \nARX | 6.0.0 - 6.4.0 | None | Medium | ARX GUI \nEnterprise Manager | 2.1.0 - 2.3.0 | 3.0.0 - 3.1.1 | Medium | Configuration utility \nFirePass | None | 7.0.0 \n6.0.0 - 6.1.0 | Not vulnerable | None \nBIG-IQ Cloud | None | 4.0.0 - 4.5.0 | Not vulnerable | None \nBIG-IQ Device | None | 4.2.0 - 4.5.0 | Not vulnerable | None \nBIG-IQ Security | None | 4.0.0 - 4.5.0 | Not vulnerable | None \nBIG-IQ ADC | None | 4.5.0 | Not vulnerable | None \nLineRate | None | 2.4.0 - 2.6.0 | Not vulnerable | None \nF5 WebSafe | None | 1.0.0 | Not vulnerable | None \nTraffix SDC | 4.0.0 - 4.1.0 \n3.3.2 - 3.5.1 | None | Low | SDC configuration with EXPORT grade ciphers \nBIG-IP Edge Clients for Android | None | 2.0.0 - 2.0.7 | Not vulnerable | None \nBIG-IP Edge Clients for Apple iOS | None | 2.0.0 - 2.0.4 \n1.0.5 - 1.0.6 | Not vulnerable | None \nBIG-IP Edge Clients for Linux | None | 6035.x - 7110.x | Not vulnerable | None \nBIG-IP Edge Clients for MAC OS X | None | 6035.x - 7110.x | Not vulnerable | None \nBIG-IP Edge Clients for Windows | None | 6035.x - 7110.x | Not vulnerable | None \nBIG-IP Edge Clients Windows Phone 8.1 | None | 1.0.0 - 1.1.0 | Not vulnerable | None \nBIG-IP Edge Portal for Android | None | 1.0.0 - 1.0.2 | Not vulnerable | None \nBIG-IP Edge Portal for Apple iOS | None | 1.0.0 - 1.0.3 | Not vulnerable | None \n \n1 The Configuration utility is vulnerable in BIG-IP 10.1.0 through 10.2.4 only.\n\nIf the previous table lists a version in the **Versions known to be not vulnerable** column, you can eliminate this 
vulnerability by upgrading to the listed version. If the listed version is older than the version you are currently running, or if the table does not list any version in the column, then no upgrade candidate currently exists.\n\nBIG-IP\n\n11.x\n\nClient SSL profiles are not vulnerable in a default configuration. If you have configured custom Client SSL profiles, you can mitigate this vulnerability by configuring your Client SSL profile to exclude COMPAT, EXP, and EXPORT ciphers. To do so, refer to [K13171: Configuring the cipher strength for SSL profiles (11.x)](<https://support.f5.com/csp/article/K13171>).\n\nBIG-IP systems configured with Server SSL profiles or HTTPS health monitors are vulnerable as a client, when using EXPORT or DHE cipher suites, when the backend server supports EXPORT ciphers. To mitigate this issue, disable the use of EXPORT and DHE cipher suites. Adding !EXPORT, !COMPAT, and !DHE to the cipher string that is in use will do this, however, if a custom cipher string is in use, it must disable the use of both export and non-export grade DHE to mitigate this issue.\n\nBIG-IP systems configured for SSL Forward Proxy are vulnerable as a client, when using EXPORT or DHE cipher suites, when the backend server supports EXPORT ciphers. To mitigate this issue, disable the use of EXPORT and DHE cipher suites. Adding !EXPORT, !COMPAT, and !DHE to the cipher string that is in use will do this, however, if a custom cipher string is in use, it must disable the use of both export and non-export grade DHE to mitigate this issue.\n\n10.x\n\nClient SSL profiles are not vulnerable in a default configuration. If you have configured custom Client SSL profiles, you can mitigate this vulnerability by configuring your Client SSL profile to exclude COMPAT, EXP, and EXPORT ciphers. 
To do so, refer to [K7815: Configuring the cipher strength for SSL profiles (9.x - 10.x)](<https://support.f5.com/csp/article/K7815>).\n\nBIG-IP systems configured with Server SSL profiles or HTTPS health monitors are vulnerable as a client, when using EXPORT or DHE cipher suites, when the backend server supports EXPORT ciphers. To mitigate this issue, disable the use of EXPORT and DHE cipher suites. Adding !EXPORT, !COMPAT, and !DHE to the cipher string that is in use will do this, however, if a custom cipher string is in use, it must disable the use of both export and non-export grade DHE to mitigate this issue.\n\nTo mitigate this vulnerability in the BIG-IP Configuration utility, you can modify the Apache server configuration to exclude EXP and EXPORT ciphers. For example, the default SSL cipher string in your configuration may appear similar to the following example:\n\nALL:!ADH:!EXPORT56:!eNULL:!MD5:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP\n\nYou can mitigate this vulnerability by excluding the EXPORT and EXP ciphers by using a string similar to the following example:\n\nALL:!ADH:**!EXPORT**:!eNULL:!MD5:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2\n\nFor more information about restricting ciphers for Configuration utility access, refer to [K6768: Restricting Configuration utility access to clients using high encryption SSL ciphers (9.x - 10.x)](<https://support.f5.com/csp/article/K6768>).\n\nEnterprise Manager\n\nTo mitigate this vulnerability in the Enterprise Manager Configuration utility, you can modify the Apache server configuration to exclude EXP and EXPORT ciphers. 
For example, the default SSL cipher string in your configuration may appear similar to the following example:\n\nALL:!ADH:!EXPORT56:!eNULL:!MD5:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP\n\nYou can mitigate this vulnerability by excluding the EXPORT and EXP ciphers by using a string similar to the following example:\n\nALL:!ADH:**!EXPORT**:**!EXP**:!eNULL:!MD5:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2\n\nFor more information about restricting ciphers for Configuration utility access, refer to [K6768: Restricting Configuration utility access to clients using high encryption SSL ciphers (9.x - 10.x)](<https://support.f5.com/csp/article/K6768>).\n\nARX\n\nTo mitigate this vulnerability, you can disable EXPORT grade SSL ciphers, such as SSL_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA and SSL_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA, in the ARX GUI.\n\nTraffix SDC\n\nTraffix SDC configurations are not vulnerable with default cipher settings. To mitigate this vulnerability, do not configure EXPORT grade ciphers in the SDC configuration.\n\n * [K9970: Subscribing to email notifications regarding F5 products](<https://support.f5.com/csp/article/K9970>)\n * [K9957: Creating a custom RSS feed to view new and updated documents](<https://support.f5.com/csp/article/K9957>)\n * [K4602: Overview of the F5 security vulnerability response policy](<https://support.f5.com/csp/article/K4602>)\n * [K4918: Overview of the F5 critical issue hotfix policy](<https://support.f5.com/csp/article/K4918>)\n * [K167: Downloading software and firmware from F5](<https://support.f5.com/csp/article/K167>)\n * [K10942: Installing OPSWAT hotfixes on BIG-IP APM systems (10.x - 11.3.0)](<https://support.f5.com/csp/article/K10942>)\n", "edition": 1, "modified": "2018-06-25T23:59:00", "published": "2015-05-22T01:25:00", "id": "F5:K16674", "href": "https://support.f5.com/csp/article/K16674", "title": "TLS vulnerability CVE-2015-4000", "type": "f5", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}, {"lastseen": 
"2016-12-03T05:27:50", "bulletinFamily": "software", "cvelist": ["CVE-2015-4000"], "edition": 1, "description": "**Note**: As of February 17, 2015, AskF5 Security Advisory articles include the **Severity** value. Security Advisory articles published before this date do not list a **Severity** value.\n\nVulnerability Recommended Actions\n\nIf the previous table lists a version in the **Versions known to be not vulnerable** column, you can eliminate this vulnerability by upgrading to the listed version. If the listed version is older than the version you are currently running, or if the table does not list any version in the column, then no upgrade candidate currently exists.\n\n**BIG-IP**\n\n**11.x**\n\nClient SSL profiles are not vulnerable in a default configuration. If you have configured custom Client SSL profiles, you can mitigate this vulnerability by configuring your Client SSL profile to exclude COMPAT, EXP, and EXPORT ciphers. To do so, refer to SOL13171: Configuring the cipher strength for SSL profiles (11.x).\n\nBIG-IP systems configured with Server SSL profiles or HTTPS health monitors are vulnerable as a client, when using EXPORT or DHE cipher suites, when the backend server supports EXPORT ciphers. To mitigate this issue, disable the use of EXPORT and DHE cipher suites. Adding !EXPORT, !COMPAT, and !DHE to the cipher string that is in use will do this, however, if a custom cipher string is in use, it must disable the use of both export and non-export grade DHE to mitigate this issue.\n\nBIG-IP systems configured for SSL Forward Proxy are vulnerable as a client, when using EXPORT or DHE cipher suites, when the backend server supports EXPORT ciphers. To mitigate this issue, disable the use of EXPORT and DHE cipher suites. 
Adding !EXPORT, !COMPAT, and !DHE to the cipher string that is in use will do this, however, if a custom cipher string is in use, it must disable the use of both export and non-export grade DHE to mitigate this issue.\n\n**10.x**\n\nClient SSL profiles are not vulnerable in a default configuration. If you have configured custom Client SSL profiles, you can mitigate this vulnerability by configuring your Client SSL profile to exclude COMPAT, EXP, and EXPORT ciphers. To do so, refer to SOL7815: Configuring the cipher strength for SSL profiles (9.x - 10.x).\n\nBIG-IP systems configured with Server SSL profiles or HTTPS health monitors are vulnerable as a client, when using EXPORT or DHE cipher suites, when the backend server supports EXPORT ciphers. To mitigate this issue, disable the use of EXPORT and DHE cipher suites. Adding !EXPORT, !COMPAT, and !DHE to the cipher string that is in use will do this, however, if a custom cipher string is in use, it must disable the use of both export and non-export grade DHE to mitigate this issue.\n\nTo mitigate this vulnerability in the BIG-IP Configuration utility, you can modify the Apache server configuration to exclude EXP and EXPORT ciphers. For example, the default SSL cipher string in your configuration may appear similar to the following example:\n\nALL:!ADH:!EXPORT56:!eNULL:!MD5:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP\n\nYou can mitigate this vulnerability by excluding the EXPORT and EXP ciphers by using a string similar to the following example:\n\nALL:!ADH:**!EXPORT**:!eNULL:!MD5:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2\n\nFor more information about restricting ciphers for Configuration utility access, refer to SOL6768: Restricting Configuration utility access to clients using high encryption SSL ciphers (9.x - 10.x).\n\n**Enterprise Manager**\n\nTo mitigate this vulnerability in the Enterprise Manager Configuration utility, you can modify the Apache server configuration to exclude EXP and EXPORT ciphers. 
For example, the default SSL cipher string in your configuration may appear similar to the following example:\n\nALL:!ADH:!EXPORT56:!eNULL:!MD5:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP\n\nYou can mitigate this vulnerability by excluding the EXPORT and EXP ciphers by using a string similar to the following example:\n\nALL:!ADH:**!EXPORT**:**!EXP**:!eNULL:!MD5:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2\n\nFor more information about restricting ciphers for Configuration utility access, refer to SOL6768: Restricting Configuration utility access to clients using high encryption SSL ciphers (9.x - 10.x).\n\n**ARX**\n\nTo mitigate this vulnerability, you can disable EXPORT grade SSL ciphers, such as SSL_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA and SSL_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA, in the ARX GUI.\n\n**Traffix SDC**\n\nTraffix SDC configurations are not vulnerable with default cipher settings. To mitigate this vulnerability, do not configure EXPORT grade ciphers in the SDC configuration.\n\nSupplemental Information\n\n * SOL9970: Subscribing to email notifications regarding F5 products\n * SOL9957: Creating a custom RSS feed to view new and updated documents\n * SOL4602: Overview of the F5 security vulnerability response policy\n * SOL4918: Overview of the F5 critical issue hotfix policy\n * SOL167: Downloading software and firmware from F5\n * SOL10942: Installing OPSWAT hotfixes on BIG-IP APM systems\n", "modified": "2016-07-25T00:00:00", "published": "2015-05-21T00:00:00", "href": "http://support.f5.com/kb/en-us/solutions/public/16000/600/sol16674.html", "id": "SOL16674", "title": "SOL16674 - TLS vulnerability CVE-2015-4000", "type": "f5", "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:PARTIAL/A:NONE/"}}], "citrix": [{"lastseen": "2020-11-18T15:29:40", "bulletinFamily": "software", "cvelist": ["CVE-2015-4000"], "description": "<section class=\"article-content\" data-swapid=\"ArticleContent\">\n<div class=\"content-block\" 
data-swapid=\"ContentBlock\"><div>\n<div>\n<h2> Overview</h2>\n<div>\n<div>\n<div>\n<p>A TLS protocol vulnerability has been recently disclosed that could result in attackers being able to intercept and modify SSL/TLS encrypted traffic to servers that support Diffie-Hellman based export cipher suites. </p>\n<p>This vulnerability is known as 'LogJam' and has been assigned the following CVE number:</p>\n<ul>\n<li>CVE-2015-4000: <a href=\"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4000\">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4000</a></li>\n</ul>\n</div>\n</div>\n</div>\n</div>\n<div>\n<h2> What Customers Should Do</h2>\n<div>\n<div>\n<div>\n<p>Citrix has completed an assessment of this issue. As this is a flaw in the TLS protocol, rather than a specific implementation issue, Citrix recommends that customers disable all Diffie-Hellman based export ciphers on SSL/TLS server end-points.</p>\n<p>For further information on configuring cipher selection on Citrix products to remove Diffie-Hellman based export ciphers, please contact your normal Citrix Support representative or review the relevant product documentation. This can be found on the Citrix website at the following address:</p>\n<p> <a href=\"http://docs.citrix.com/\">http://docs.citrix.com/</a></p>\n<p>Please continue to monitor this document for any future updates.</p>\n</div>\n</div>\n</div>\n</div>\n<div>\n<h2> What Citrix Is Doing</h2>\n<div>\n<div>\n<div>\n<div>\n<div>\n<p>Citrix is notifying customers and channel partners about this potential security issue. This article is also available from the Citrix Knowledge Center at <u> <a href=\"http://support.citrix.com/\">http://support.citrix.com/</a></u>.</p>\n</div>\n</div>\n</div>\n</div>\n</div>\n</div>\n<div>\n<h2> Obtaining Support on This Issue</h2>\n<div>\n<div>\n<div>\n<div>\n<div>\n<p>If you require technical assistance with this issue, please contact Citrix Technical Support. 
Contact details for Citrix Technical Support are available at <u> <a href=\"https://www.citrix.com/support/open-a-support-case.html\">https://www.citrix.com/support/open-a-support-case.html</a></u>. </p>\n</div>\n</div>\n</div>\n</div>\n</div>\n</div>\n<div>\n<h2> Reporting Security Vulnerabilities</h2>\n<div>\n<div>\n<div>\n<div>\n<div>\n<p>Citrix welcomes input regarding the security of its products and considers any and all potential vulnerabilities seriously. For guidance on how to report security-related issues to Citrix, please see the following document: CTX081743 \u2013 <a href=\"http://support.citrix.com/article/CTX081743\">Reporting Security Issues to Citrix</a></p>\n</div>\n</div>\n</div>\n</div>\n</div>\n</div>\n</div></div>\n</section>", "edition": 2, "modified": "2019-08-15T04:00:00", "published": "2015-05-22T04:00:00", "id": "CTX201114", "href": "https://support.citrix.com/article/CTX201114", "title": "CVE-2015-4000 - Citrix Security Advisory for DHE_EXPORT TLS Vulnerability", "type": "citrix", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}], "nessus": [{"lastseen": "2020-12-01T15:30:10", "description": "The IBM WebSphere Application Server running on the remote host is version 6.1.0.x through 6.1.0.47, 7.0.0.x prior to\n7.0.0.39, 8.0.0.x prior to 8.0.0.11, or 8.5.0.x prior to 8.5.5.7. It is, therefore, affected by an information\ndisclosure vulnerability due to a failure to properly convey a DHE_EXPORT ciphersuite choice (LogJam). 
A remote,\nunauthenticated attacker can exploit this, using man in the middle techniques, to force a downgrade to 512-bit export-\ngrade cipher in order to recover the session key and modify the contents of the traffic.\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.", "edition": 3, "cvss3": {"score": 3.7, "vector": "AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N"}, "published": "2020-10-27T00:00:00", "title": "IBM WebSphere Application Server 6.1.0.x <= 6.1.0.47 / 7.0.0.x < 7.0.0.39 / 8.0.0.x < 8.0.0.11 / 8.5.x < 8.5.5.7 LogJam (CVE-2015-4000)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2015-4000"], "modified": "2020-10-27T00:00:00", "cpe": ["cpe:/a:ibm:websphere_application_server"], "id": "WEBSPHERE_527817.NASL", "href": "https://www.tenable.com/plugins/nessus/141914", "sourceData": "##\n# (C) Tenable Network Security, Inc.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(141914);\n script_version(\"1.3\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2020/11/30\");\n\n script_cve_id(\"CVE-2015-4000\");\n\n script_name(english:\"IBM WebSphere Application Server 6.1.0.x <= 6.1.0.47 / 7.0.0.x < 7.0.0.39 / 8.0.0.x < 8.0.0.11 / 8.5.x < 8.5.5.7 LogJam (CVE-2015-4000)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote web application server is affected by an information disclosure vulnerability\");\n script_set_attribute(attribute:\"description\", value:\n\"The IBM WebSphere Application Server running on the remote host is version 6.1.0.x through 6.1.0.47, 7.0.0.x prior to\n7.0.0.39, 8.0.0.x prior to 8.0.0.11, or 8.5.0.x prior to 8.5.5.7. It is, therefore, affected by an information\ndisclosure vulnerability due to a failure to properly convey a DHE_EXPORT ciphersuite choice (LogJam). 
A remote,\nunauthenticated attacker can exploit this, using man in the middle techniques, to force a downgrade to 512-bit export-\ngrade cipher in order to recover the session key and modify the contents of the traffic.\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.ibm.com/support/pages/node/527817\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to IBM WebSphere Application Server 7.0.0.30, 8.0.0.11, 8.5.5.7, or later. Alternatively, upgrade to the\nminimal fix pack levels required by the interim fix and then apply Interim Fix and update recommended in the vendor\nadvisory.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:N/I:P/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2015-4000\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2015/06/01\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/06/01\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/10/27\");\n\n script_set_attribute(attribute:\"potential_vulnerability\", value:\"true\");\n script_set_attribute(attribute:\"plugin_type\", value:\"combined\");\n script_set_attribute(attribute:\"agent\", value:\"all\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:ibm:websphere_application_server\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Web Servers\");\n\n script_copyright(english:\"This script is Copyright (C) 2020 and is owned by Tenable, Inc. 
or an Affiliate thereof.\");\n\n script_dependencies(\"websphere_detect.nasl\", \"ibm_enum_products.nbin\", \"ibm_websphere_application_server_nix_installed.nbin\");\n script_require_keys(\"installed_sw/IBM WebSphere Application Server\", \"Settings/ParanoidReport\");\n\n exit(0);\n}\n\ninclude('vcf.inc');\n\n# Not checking workarounds\nif (report_paranoia < 2)\n audit(AUDIT_PARANOID);\n\napp = 'IBM WebSphere Application Server';\nfix = 'Interim Fix ';\n\nget_install_count(app_name:app, exit_if_zero:TRUE);\napp_info = vcf::combined_get_app_info(app:app);\nvcf::check_granularity(app_info:app_info, sig_segments:4);\n\nif (app_info['version'] =~ \"^8\\.5\")\n{\n pi = 'PI42776';\n fix += pi;\n}\nelse if (app_info['version'] =~ \"^8\\.0\")\n{\n pi = 'PI42777';\n fix += pi;\n}\nelse if (app_info['version'] =~ \"^7\\.0\")\n{\n pi = 'PI42778';\n fix += pi;\n}\nelse if (app_info['version'] =~ \"^6\\.1\")\n{\n pi = 'PI42779';\n fix += pi;\n}\nelse\n audit(AUDIT_INST_VER_NOT_VULN, app, app_info['version']);\n\n# If the detection is only remote, Source will be set, and we should require paranoia\nif (!empty_or_null(app_info['Source']) && app_info['Source'] != 'unknown' && report_paranoia < 2)\n audit(AUDIT_PARANOID);\n\nif (pi >< app_info['Fixes'])\n audit(AUDIT_INST_VER_NOT_VULN, app);\n\nconstraints = [\n {'min_version':'6.1.0.0', 'max_version':'6.1.0.47', 'fixed_version':fix},\n {'min_version':'7.0.0.0', 'max_version':'7.0.0.37', 'fixed_version':'7.0.0.39 or ' + fix},\n {'min_version':'8.0.0.0', 'max_version':'8.0.0.10', 'fixed_version':'8.0.0.11 or ' + fix},\n {'min_version':'8.5.0.0', 'max_version':'8.5.5.6', 'fixed_version':'8.5.5.7 or ' + fix}\n];\n\nvcf::check_version_and_report(\n app_info:app_info,\n constraints:constraints,\n severity:SECURITY_WARNING\n);\n", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2021-01-06T09:17:44", "description": "The TLS protocol could allow a remote attacker to obtain sensitive\ninformation, caused by 
the failure to properly convey a DHE_EXPORT\nciphersuite choice. An attacker could exploit this vulnerability using\nman-in-the-middle techniques to force a downgrade to 512-bit\nexport-grade cipher. Successful exploitation could allow an attacker\nto recover the session key as well as modify the contents of the\ntraffic. This vulnerability is commonly referred to as 'Logjam'.", "edition": 25, "cvss3": {"score": 3.7, "vector": "AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N"}, "published": "2015-08-11T00:00:00", "title": "AIX 7.1 TL 3 : sendmail (IV75646) (Logjam)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2015-4000"], "modified": "2015-08-11T00:00:00", "cpe": ["cpe:/o:ibm:aix:7.1"], "id": "AIX_IV75646.NASL", "href": "https://www.tenable.com/plugins/nessus/85304", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The text in the description was extracted from AIX Security\n# Advisory sendmail_advisory2.asc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(85304);\n script_version(\"2.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/04\");\n\n script_cve_id(\"CVE-2015-4000\");\n\n script_name(english:\"AIX 7.1 TL 3 : sendmail (IV75646) (Logjam)\");\n script_summary(english:\"Check for APAR IV75646\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote AIX host is missing a security patch.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The TLS protocol could allow a remote attacker to obtain sensitive\ninformation, caused by the failure to properly convey a DHE_EXPORT\nciphersuite choice. An attacker could exploit this vulnerability using\nman-in-the-middle techniques to force a downgrade to 512-bit\nexport-grade cipher. Successful exploitation could allow an attacker\nto recover the session key as well as modify the contents of the\ntraffic. 
This vulnerability is commonly referred to as 'Logjam'.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://aix.software.ibm.com/aix/efixes/security/sendmail_advisory2.asc\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Install the appropriate interim fix.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:N/I:P/A:N\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:ibm:aix:7.1\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2015/08/07\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/08/07\");\n script_set_attribute(attribute:\"in_the_news\", value:\"true\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/08/11\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2015-2021 Tenable Network Security, Inc.\");\n script_family(english:\"AIX Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/AIX/lslpp\", \"Host/local_checks_enabled\", \"Host/AIX/version\");\n\n exit(0);\n}\n\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"aix.inc\");\ninclude(\"misc_func.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif ( ! get_kb_item(\"Host/AIX/version\") ) audit(AUDIT_OS_NOT, \"AIX\");\nif ( ! 
get_kb_item(\"Host/AIX/lslpp\") ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nif ( get_kb_item(\"Host/AIX/emgr_failure\" ) ) exit(0, \"This iFix check is disabled because : \"+get_kb_item(\"Host/AIX/emgr_failure\") );\n\nflag = 0;\n\nif (aix_check_ifix(release:\"7.1\", ml:\"03\", sp:\"05\", patch:\"IV75646m5a\", package:\"bos.net.tcp.client\", minfilesetver:\"7.1.0.0\", maxfilesetver:\"7.1.3.45\") < 0) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:aix_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2021-01-06T09:17:44", "description": "The TLS protocol could allow a remote attacker to obtain sensitive\ninformation, caused by the failure to properly convey a DHE_EXPORT\nciphersuite choice. An attacker could exploit this vulnerability using\nman-in-the-middle techniques to force a downgrade to 512-bit\nexport-grade cipher. Successful exploitation could allow an attacker\nto recover the session key as well as modify the contents of the\ntraffic. 
This vulnerability is commonly referred to as 'Logjam'.", "edition": 25, "cvss3": {"score": 3.7, "vector": "AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N"}, "published": "2015-08-11T00:00:00", "title": "AIX 6.1 TL 8 : sendmail (IV75644) (Logjam)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2015-4000"], "modified": "2015-08-11T00:00:00", "cpe": ["cpe:/o:ibm:aix:6.1"], "id": "AIX_IV75644.NASL", "href": "https://www.tenable.com/plugins/nessus/85302", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The text in the description was extracted from AIX Security\n# Advisory sendmail_advisory2.asc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(85302);\n script_version(\"2.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/04\");\n\n script_cve_id(\"CVE-2015-4000\");\n\n script_name(english:\"AIX 6.1 TL 8 : sendmail (IV75644) (Logjam)\");\n script_summary(english:\"Check for APAR IV75644\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote AIX host is missing a security patch.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The TLS protocol could allow a remote attacker to obtain sensitive\ninformation, caused by the failure to properly convey a DHE_EXPORT\nciphersuite choice. An attacker could exploit this vulnerability using\nman-in-the-middle techniques to force a downgrade to 512-bit\nexport-grade cipher. Successful exploitation could allow an attacker\nto recover the session key as well as modify the contents of the\ntraffic. 
This vulnerability is commonly referred to as 'Logjam'.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://aix.software.ibm.com/aix/efixes/security/sendmail_advisory2.asc\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Install the appropriate interim fix.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:N/I:P/A:N\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:ibm:aix:6.1\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2015/08/07\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/08/07\");\n script_set_attribute(attribute:\"in_the_news\", value:\"true\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/08/11\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2015-2021 Tenable Network Security, Inc.\");\n script_family(english:\"AIX Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/AIX/lslpp\", \"Host/local_checks_enabled\", \"Host/AIX/version\");\n\n exit(0);\n}\n\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"aix.inc\");\ninclude(\"misc_func.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif ( ! get_kb_item(\"Host/AIX/version\") ) audit(AUDIT_OS_NOT, \"AIX\");\nif ( ! 
get_kb_item(\"Host/AIX/lslpp\") ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nif ( get_kb_item(\"Host/AIX/emgr_failure\" ) ) exit(0, \"This iFix check is disabled because : \"+get_kb_item(\"Host/AIX/emgr_failure\") );\n\nflag = 0;\n\nif (aix_check_ifix(release:\"6.1\", ml:\"08\", sp:\"06\", patch:\"IV75644m6a\", package:\"bos.net.tcp.client\", minfilesetver:\"6.1.0.0\", maxfilesetver:\"6.1.8.19\") < 0) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:aix_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2021-02-04T14:00:49", "description": "The remote host supports EXPORT_DHE cipher suites with keys less than\nor equal to 512 bits. Through cryptanalysis, a third party can find\nthe shared secret in a short amount of time.\n\nA man-in-the middle attacker may be able to downgrade the session to\nuse EXPORT_DHE cipher suites. Thus, it is recommended to remove\nsupport for weak cipher suites.", "edition": 26, "cvss3": {"score": 3.7, "vector": "AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N"}, "published": "2015-05-21T00:00:00", "title": "SSL/TLS EXPORT_DHE <= 512-bit Export Cipher Suites Supported (Logjam)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2015-4000"], "modified": "2015-05-21T00:00:00", "cpe": [], "id": "SSL_DH_EXPORT_SUPPORTED_CIPHERS.NASL", "href": "https://www.tenable.com/plugins/nessus/83738", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(83738);\n script_version(\"1.13\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/02/03\");\n\n script_cve_id(\"CVE-2015-4000\");\n script_bugtraq_id(74733);\n\n script_name(english:\"SSL/TLS EXPORT_DHE <= 512-bit Export Cipher Suites Supported (Logjam)\");\n script_summary(english:\"The remote host supports a weak set of ciphers.\");\n\n 
script_set_attribute(attribute:\"synopsis\", value:\n\"The remote host supports a set of weak ciphers.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote host supports EXPORT_DHE cipher suites with keys less than\nor equal to 512 bits. Through cryptanalysis, a third party can find\nthe shared secret in a short amount of time.\n\nA man-in-the middle attacker may be able to downgrade the session to\nuse EXPORT_DHE cipher suites. Thus, it is recommended to remove\nsupport for weak cipher suites.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://weakdh.org/\");\n script_set_attribute(attribute:\"solution\", value:\n\"Reconfigure the service to remove support for EXPORT_DHE cipher\nsuites.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:H/Au:N/C:N/I:P/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:ND/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"manual\");\n script_set_attribute(attribute:\"cvss_score_rationale\", value:\"An in depth analysis by Tenable researchers revealed the Access Complexity to be high.\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n script_set_attribute(attribute:\"in_the_news\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2015/05/20\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/05/20\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/05/21\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"remote\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Misc.\");\n\n script_copyright(english:\"This script is Copyright (C) 2015-2021 and is 
owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssl_supported_ciphers.nasl\");\n script_require_ports(\"SSL/Supported\", \"DTLS/Supported\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"byte_func.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"ssl_funcs.inc\");\n\nif(!get_kb_item(\"SSL/Supported\") && !get_kb_item(\"DTLS/Supported\"))\n exit(1, \"Neither the 'SSL/Supported' nor the 'DTLS/Supported' flag is set.\");\n\npp_info = get_tls_dtls_ports(fork:TRUE, dtls:TRUE, check_port:TRUE, ciphers:TRUE);\nport = pp_info[\"port\"];\nif (isnull(port))\n exit(1, \"The host does not appear to have any TLS or DTLS based services.\");\n\nif(pp_info[\"proto\"] != \"tls\" && pp_info[\"proto\"] != \"dtls\")\n exit(1, \"A bad protocol was returned from get_tls_dtls_ports(). (\" + pp_info[\"port\"] + \"/\" + pp_info[\"proto\"] + \")\");\n\nsupported_ciphers = pp_info[\"ciphers\"];\nif (isnull(supported_ciphers))\n exit(0, \"No ciphers were found for \" + pp_info[\"l4_proto\"] + \" port \" + port + \".\");\nsupported_ciphers = make_list(supported_ciphers);\n\nc_report = cipher_report(supported_ciphers, name:\"_CK_DHE?_.*_EXPORT_\");\n\nif (isnull(c_report))\n exit(0, \"No EXPORT_DHE cipher suites are supported on \" + pp_info[\"l4_proto\"] + \" port \" + port + \".\");\n\n# Report our findings.\nreport =\n '\\nEXPORT_DHE cipher suites supported by the remote server :' +\n '\\n' + c_report;\n\nsecurity_report_v4(port:port, proto:pp_info[\"l4_proto\"], extra:report, severity:SECURITY_NOTE);\n\n", "cvss": {"score": 2.6, "vector": "AV:N/AC:H/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2021-01-17T13:48:47", "description": "A flaw was found in the way the TLS protocol composes the\nDiffie-Hellman (DH) key exchange. 
A man-in-the-middle attacker could\nuse this flaw to force the use of weak 512 bit export-grade keys\nduring the key exchange, allowing them to decrypt all traffic.\n(CVE-2015-4000)\n\nNote: This update forces the TLS/SSL client implementation in OpenSSL\nto reject DH key sizes below 768 bits, which prevents sessions from being\ndowngraded to export-grade keys. Future updates may raise this limit\nto 1024 bits.\n\nFor the update to take effect, all services linked to the OpenSSL\nlibrary must be restarted, or the system rebooted.", "edition": 15, "cvss3": {"score": 3.7, "vector": "AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N"}, "published": "2015-06-08T00:00:00", "title": "Scientific Linux Security Update : openssl on SL6.x, SL7.x i386/x86_64 (20150604) (Logjam)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2015-4000"], "modified": "2015-06-08T00:00:00", "cpe": ["p-cpe:/a:fermilab:scientific_linux:openssl-devel", "p-cpe:/a:fermilab:scientific_linux:openssl-debuginfo", "p-cpe:/a:fermilab:scientific_linux:openssl", "p-cpe:/a:fermilab:scientific_linux:openssl-perl", "x-cpe:/o:fermilab:scientific_linux", "p-cpe:/a:fermilab:scientific_linux:openssl-static", "p-cpe:/a:fermilab:scientific_linux:openssl-libs"], "id": "SL_20150604_OPENSSL_ON_SL6_X.NASL", "href": "https://www.tenable.com/plugins/nessus/84015", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text is (C) Scientific Linux.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(84015);\n script_version(\"2.11\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2015-4000\");\n\n script_name(english:\"Scientific Linux Security Update : openssl on SL6.x, SL7.x i386/x86_64 (20150604) (Logjam)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote 
Scientific Linux host is missing one or more security\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"A flaw was found in the way the TLS protocol composes the\nDiffie-Hellman (DH) key exchange. A man-in-the-middle attacker could\nuse this flaw to force the use of weak 512 bit export-grade keys\nduring the key exchange, allowing them do decrypt all traffic.\n(CVE-2015-4000)\n\nNote: This update forces the TLS/SSL client implementation in OpenSSL\nto reject DH key sizes below 768 bits, which prevents sessions to be\ndowngraded to export-grade keys. Future updates may raise this limit\nto 1024 bits.\n\nFor the update to take effect, all services linked to the OpenSSL\nlibrary must be restarted, or the system rebooted.\"\n );\n # https://listserv.fnal.gov/scripts/wa.exe?A2=ind1506&L=scientific-linux-errata&F=&S=&P=2853\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?6d6b5f68\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:N/I:P/A:N\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:openssl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:openssl-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:openssl-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:openssl-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:openssl-perl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:openssl-static\");\n script_set_attribute(attribute:\"cpe\", value:\"x-cpe:/o:fermilab:scientific_linux\");\n\n 
script_set_attribute(attribute:\"vuln_publication_date\", value:\"2015/05/21\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/06/04\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/06/08\");\n script_set_attribute(attribute:\"in_the_news\", value:\"true\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2015-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Scientific Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Scientific Linux \" >!< release) audit(AUDIT_HOST_NOT, \"running Scientific Linux\");\nos_ver = pregmatch(pattern: \"Scientific Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Scientific Linux\");\nos_ver = os_ver[1];\nif (! 
preg(pattern:\"^7([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Scientific Linux 7.x\", \"Scientific Linux \" + os_ver);\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu >!< \"x86_64\" && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Scientific Linux\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"SL6\", reference:\"openssl-1.0.1e-30.el6_6.9\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"openssl-debuginfo-1.0.1e-30.el6_6.9\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"openssl-devel-1.0.1e-30.el6_6.9\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"openssl-perl-1.0.1e-30.el6_6.9\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"openssl-static-1.0.1e-30.el6_6.9\")) flag++;\n\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"openssl-1.0.1e-42.el7_1.6\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"openssl-debuginfo-1.0.1e-42.el7_1.6\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"openssl-devel-1.0.1e-42.el7_1.6\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"openssl-libs-1.0.1e-42.el7_1.6\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"openssl-perl-1.0.1e-42.el7_1.6\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"openssl-static-1.0.1e-42.el7_1.6\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"openssl / openssl-debuginfo / openssl-devel / openssl-libs / etc\");\n}\n", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2021-04-01T06:24:45", "description": "The remote SSH server allows connections with one or 
more\nDiffie-Hellman moduli less than or equal to 1024 bits. Through\ncryptanalysis, a third party can find the shared secret in a short\namount of time (depending on modulus size and attacker resources).\nThis allows an attacker to recover the plaintext or potentially\nviolate the integrity of connections.", "edition": 32, "cvss3": {"score": 3.7, "vector": "AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N"}, "published": "2015-10-09T00:00:00", "title": "SSH Diffie-Hellman Modulus <= 1024 Bits (Logjam)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2015-4000"], "modified": "2021-04-02T00:00:00", "cpe": [], "id": "SSH_LOGJAM.NASL", "href": "https://www.tenable.com/plugins/nessus/86328", "sourceData": "#TRUSTED 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\n#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(86328);\n script_version(\"1.18\");\n script_cvs_date(\"Date: 2020/01/17\");\n\n script_cve_id(\"CVE-2015-4000\");\n script_bugtraq_id(74733);\n\n script_name(english:\"SSH Diffie-Hellman Modulus <= 1024 Bits (Logjam)\");\n script_summary(english:\"Checks to see what DH modulus sizes are being used.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote host allows SSH connections with one or more Diffie-Hellman\nmoduli less than or equal to 1024 bits.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote SSH server allows connections with one or more\nDiffie-Hellman moduli less than or equal to 1024 bits. 
Through\ncryptanalysis, a third party can find the shared secret in a short\namount of time (depending on modulus size and attacker resources).\nThis allows an attacker to recover the plaintext or potentially\nviolate the integrity of connections.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://weakdh.org/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://stribika.github.io/2015/01/04/secure-secure-shell.html\");\n script_set_attribute(attribute:\"solution\", value:\n\"Reconfigure the service to use a unique Diffie-Hellman moduli of 2048\nbits or greater.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:H/Au:N/C:N/I:P/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"manual\");\n script_set_attribute(attribute:\"cvss_score_rationale\", value:\"An in depth analysis by Tenable researchers revealed the Access Complexity to be high.\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"in_the_news\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2015/05/20\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/10/09\");\n\n script_set_attribute(attribute:\"potential_vulnerability\", value:\"true\");\n script_set_attribute(attribute:\"plugin_type\", value:\"remote\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Misc.\");\n\n script_copyright(english:\"This script is Copyright (C) 2015-2020 and is owned by Tenable, Inc. 
or an Affiliate thereof.\");\n\n script_dependencies(\"find_service.nasl\");\n script_require_keys(\"Services/ssh\", \"Settings/ParanoidReport\");\n\n exit(0);\n}\n\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"ssh_func.inc\");\ninclude(\"audit.inc\");\n\n\n##\n# Checks to see if the server can be forced to use a DH\n# group exchange with a modulus smaller than or equal to\n# 1024\n#\n# @param socket : socket of SSH sever\n# @param port : port for socket (used in exit messages)\n#\n# @remark exits with message when network failure occurs\n#\n# @return TRUE if the server supports a GEX with 1024 mod\n# FALSE if the server does not allow this\n##\nfunction can_force_dh_gex_1024(socket, port)\n{\n if(isnull(socket))\n socket = _FCT_ANON_ARGS[0];\n if(isnull(socket))\n return FALSE;\n\n local_var key_exchange_algo = \"diffie-hellman-group-exchange-sha1,diffie-hellman-group1-sha1\";\n local_var server_host_key_algo = \"ssh-rsa-cert-v01@openssh.com,ssh-dss-cert-v01@openssh.com,ssh-rsa-cert-v00@openssh.com,ssh-dss-cert-v00@openssh.com,ssh-rsa,ssh-dss\";\n local_var enc_alg_client_to_server = \"aes128-ctr,aes192-ctr,aes256-ctr,aes128-cbc,aes192-cbc,aes256-cbc,3des-cbc\";\n local_var mac_alg_client_to_server = \"hmac-sha1\";\n local_var cmp_alg_client_to_server = \"none\";\n local_var enc_alg_server_to_client = enc_alg_client_to_server;\n local_var mac_alg_server_to_client = mac_alg_client_to_server;\n local_var cmp_alg_server_to_client = cmp_alg_client_to_server;\n\n # Initialize key exchange\n local_var ccookie = \"\";\n while(strlen(ccookie) < 16)\n ccookie += raw_int8(rand()%256);\n local_var data =\n ccookie + # cookie\n putstring(key_exchange_algo) + # kex_algorithms\n putstring(server_host_key_algo) + # server_host_key_algorithms\n putstring(enc_alg_client_to_server) + # encryption_algorithms_client_to_server\n putstring(enc_alg_server_to_client) + # encryption_algorithms_server_to_client\n putstring(mac_alg_client_to_server) + # 
mac_algorithms_client_to_server\n putstring(mac_alg_server_to_client) + # mac_algorithms_server_to_client\n putstring(cmp_alg_client_to_server) + # compression_algorithms_client_to_server\n putstring(cmp_alg_server_to_client) + # compression_algorithms_server_to_client\n raw_int32(0) + # languages_client_to_server\n raw_int32(0) + # languages_server_to_client\n crap(data:raw_string(0x00), length:5); # payload\n data = kex_packet(payload:data, code:SSH_MSG_KEXINIT);\n send(socket:socket, data:data);\n\n # Try to force 1024 bit modulus\n data =\n raw_int32(128) + # min key length\n raw_int32(1024) + # preferred key length\n raw_int32(1024); # max key length\n data = kex_packet(payload:data, code:SSH_MSG_KEXDH_GEX_REQUEST);\n send(socket:socket, data:data);\n\n data = recv(socket:socket, length:1000);\n\n # Newer versions of OpenSSH appear to just not respond at all\n # if you have a maximum moduli value below their min moduli\n if(isnull(data))\n return FALSE;\n\n # Anything other than KEXDH_REPLY probably means the server sent us an error back\n if(ord(data[5]) != SSH_MSG_KEXDH_REPLY)\n return FALSE;\n\n data = packet_payload(packet:data, code:SSH_MSG_KEXDH_REPLY);\n\n # Also shouldn't happen\n if(!data)\n {\n close(socket);\n exit(1, \"The SSH server on port \"+port+\" did not respond as expected to the group exchange request.\");\n }\n\n # Check the mod length\n local_var p = getstring(buffer:data, pos:0);\n if(strlen(p)-1 <= (1024 / 8))\n return TRUE;\n\n return FALSE;\n}\n\nport = get_kb_item_or_exit(\"Services/ssh\"); # this will branch\nclient_ver = 'SSH-2.0-OpenSSH_6.4\\r\\n';\n\n# Only nation states might have the processing power to\n# exploit this and nearly all SSH implementations will be\n# flagged\nif(report_paranoia < 2)\n audit(AUDIT_PARANOID);\n\n# Server vulnerable if report is not blank\nreport = \"\";\n\n# Negotiate connection\nsoc = open_sock_tcp(port);\nif(!soc)\n audit(AUDIT_SOCK_FAIL, port);\n\n# Exchange versions\nserver_ver = 
recv(socket:soc, length:1024);\nif(isnull(server_ver))\n audit(AUDIT_SERVICE_VER_FAIL, \"SSH\", port);\nif(\"SSH-2.0\" >!< server_ver && \"SSH-1.99\" >!< server_ver)\n audit(AUDIT_NOT_LISTEN, \"SSH 2.0 Server\", port);\nsend(socket:soc, data:client_ver);\n\n# Check and make sure we got valid KEX INIT data\nserver_kex_dat = recv(socket:soc, length:2048);\nif(isnull(server_kex_dat) || ord(server_kex_dat[5]) != SSH_MSG_KEXINIT)\n{\n close(soc);\n exit(1, \"The SSH server on port \"+port+\" did not send key exchange data.\");\n}\n\n# Check key exchange for weaknesses\nif(\"diffie-hellman-group1-sha1\" >< server_kex_dat)\n{\n group1_supported = TRUE;\n report += \n ' It supports diffie-hellman-group1-sha1 key\\n' +\n ' exchange.\\n\\n';\n}\nif(\"diffie-hellman-group-exchange-sha1\" >< server_kex_dat && can_force_dh_gex_1024(soc,port:port))\n{\n gex1024_supported = TRUE;\n report += \n ' It supports diffie-hellman-group-exchange-sha1\\n' +\n ' key exchange and allows a moduli smaller than\\n' +\n ' or equal to 1024.\\n\\n';\n}\nclose(soc);\n\nif(report != \"\")\n{\n if (get_kb_item(\"Settings/PCI_DSS\"))\n {\n # Used by pci_weak_dh_under_2048.nasl\n set_kb_item(name:\"PCI/weak_dh_ssh\", value:port);\n pci_key = \"PCI/weak_dh_ssh/moduli/\" + port;\n if (group1_supported && gex1024_supported)\n {\n replace_kb_item(name:pci_key, value:\"both\");\n }\n # Only one of the two is supported\n else\n {\n if (group1_supported)\n replace_kb_item(name:pci_key, value:\"group1\");\n if (gex1024_supported)\n replace_kb_item(name:pci_key, value:\"gex1024\");\n }\n }\n\n if(report_verbosity > 0)\n {\n # This is a hard attack ... 
for now.\n report =\n 'The SSH server is vulnerable to the Logjam attack because :\\n\\n' +\n report +\n 'Note that only an attacker with nation-state level resources\\n' +\n 'can effectively make use of the vulnerability, and only\\n' +\n 'against sessions where the vulnerable key exchange\\n' +\n 'algorithms are used.\\n';\n security_note(port:port,extra:report);\n }\n else security_note(port);\n}\nelse audit(AUDIT_LISTEN_NOT_VULN, \"SSH Server\", port);\n", "cvss": {"score": 2.6, "vector": "AV:N/AC:H/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2021-01-06T13:23:31", "description": "The remote OracleVM system is missing necessary patches to address\ncritical security updates :\n\n - fix CVE-2015-4000 - prevent the logjam attack on client\n - restrict the DH key size to at least 768 bits (limit\n will be increased in future)\n\n - drop the AES-GCM restriction of 2^32 operations because\n the IV is always 96 bits (32 bit fixed field + 64 bit\n invocation field)", "edition": 28, "cvss3": {"score": 3.7, "vector": "AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N"}, "published": "2015-06-05T00:00:00", "title": "OracleVM 3.3 : openssl (OVMSA-2015-0065) (Logjam)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2015-4000"], "modified": "2015-06-05T00:00:00", "cpe": ["cpe:/o:oracle:vm_server:3.3", "p-cpe:/a:oracle:vm:openssl"], "id": "ORACLEVM_OVMSA-2015-0065.NASL", "href": "https://www.tenable.com/plugins/nessus/84004", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The package checks in this plugin were extracted from OracleVM\n# Security Advisory OVMSA-2015-0065.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(84004);\n script_version(\"2.13\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/04\");\n\n script_cve_id(\"CVE-2015-4000\");\n script_bugtraq_id(74733);\n\n script_name(english:\"OracleVM 3.3 : openssl (OVMSA-2015-0065) (Logjam)\");\n 
script_summary(english:\"Checks the RPM output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote OracleVM host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The remote OracleVM system is missing necessary patches to address\ncritical security updates :\n\n - fix CVE-2015-4000 - prevent the logjam attack on client\n - restrict the DH key size to at least 768 bits (limit\n will be increased in future)\n\n - drop the AES-GCM restriction of 2^32 operations because\n the IV is always 96 bits (32 bit fixed field + 64 bit\n invocation field)\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://oss.oracle.com/pipermail/oraclevm-errata/2015-June/000314.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected openssl package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:N/I:P/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:vm:openssl\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:vm_server:3.3\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2015/05/21\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/06/04\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/06/05\");\n script_set_attribute(attribute:\"in_the_news\", value:\"true\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n 
script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2015-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"OracleVM Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/OracleVM/release\", \"Host/OracleVM/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/OracleVM/release\");\nif (isnull(release) || \"OVS\" >!< release) audit(AUDIT_OS_NOT, \"OracleVM\");\nif (! preg(pattern:\"^OVS\" + \"3\\.3\" + \"(\\.[0-9]|$)\", string:release)) audit(AUDIT_OS_NOT, \"OracleVM 3.3\", \"OracleVM \" + release);\nif (!get_kb_item(\"Host/OracleVM/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"OracleVM\", cpu);\nif (\"x86_64\" >!< cpu) audit(AUDIT_ARCH_NOT, \"x86_64\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"OVS3.3\", reference:\"openssl-1.0.1e-30.el6_6.9\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"openssl\");\n}\n", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2020-04-30T10:26:42", "description": "At least one of the services on the remote host supports a\nDiffie-Hellman key exchange using a public modulus smaller than 2048\nbits.\n\nDiffie-Hellman key exchanges with keys smaller than 2048 bits do not\nmeet the PCI definition of strong cryptography as specified 
by\nNIST Special Publication 800-57 Part 1.\n\nDiffie-Hellman moduli of up to 1024 bits are considered practically\nbreakable by an attacker with very significant resources.", "edition": 15, "cvss3": {"score": 3.7, "vector": "AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N"}, "published": "2018-01-29T00:00:00", "title": "Weak DH Key Exchange Supported (PCI DSS)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2015-4000"], "modified": "2018-01-29T00:00:00", "cpe": [], "id": "PCI_WEAK_DH_UNDER_2048.NASL", "href": "https://www.tenable.com/plugins/nessus/106459", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(106459);\n script_version(\"1.6\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2020/04/27\");\n\n script_cve_id(\"CVE-2015-4000\");\n script_bugtraq_id(74733);\n\n script_name(english:\"Weak DH Key Exchange Supported (PCI DSS)\");\n script_summary(english:\"Checks that no services support weak key exchange\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"A service on the remote host supports a weak key exchange mechanism\");\n script_set_attribute(attribute:\"description\", value:\n\"At least one of the services on the remote host supports a\nDiffie-Hellman key exchange using a public modulus smaller than 2048\nbits.\n\nDiffie-Hellman key exchanges with keys smaller than 2048 bits do not\nmeet the PCI definition of strong cryptography as specified by\nNIST Special Publication 800-57 Part 1.\n\nDiffie-Hellman moduli of up to 1024 bits are considered practically\nbreakable by an attacker with very significant resources.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://weakdh.org/\");\n script_set_attribute(attribute:\"solution\", value:\n\"Consult the software's manual and reconfigure the service to use at\nleast 2048-bit DH parameters. 
Alternatively, disable DH and use only\nElliptic-curve Diffie-Hellman (ECDH) instead.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:N/I:P/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:ND/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:X/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2015-4000\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2018/01/29\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"remote\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"General\");\n\n script_copyright(english:\"This script is Copyright (C) 2018-2020 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssl_logjam.nasl\", \"ssh_logjam.nasl\");\n script_require_keys(\"Settings/PCI_DSS\");\n script_exclude_keys(\"Settings/PCI_DSS_local_checks\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\n\nif (!get_kb_item(\"Settings/PCI_DSS\"))\n audit(AUDIT_PCI);\n\nif (get_kb_item(\"Settings/PCI_DSS_local_checks\"))\n exit(1, \"This plugin only runs for PCI External scans.\");\n\nssl_ports = get_kb_list(\"PCI/weak_dh_ssl\");\nssh_ports = get_kb_list(\"PCI/weak_dh_ssh\");\n\nif (isnull(ssl_ports) && isnull(ssh_ports))\n exit(0, \"No affected SSH or SSL services were detected.\");\n\nif (isnull(ssl_ports))\n ssl_ports = [];\nif (isnull(ssh_ports))\n ssh_ports = [];\n\nforeach port (list_uniq(ssl_ports))\n{\n length = get_kb_item(\"PCI/weak_dh_ssl/modlen/\" + port);\n if (length >= 2048)\n continue;\n security_report_v4(\n severity:SECURITY_WARNING,\n port:port,\n extra:\"The SSL/TLS service on 
port \" + port + \" uses a \" + length + \"-bit DH modulus.\"\n );\n}\n\n# ssh_logjam.nasl does not check for moduli smaller than 2048 bits,\n# rather it checks that a 1024-bit modulus is supported.\n# Operators *could* create a weird, barely-big-enough modulus like\n# 1028-bit and this check wouldn't flag them.\nforeach port (ssh_ports)\n{\n supported = get_kb_item(\"PCI/weak_dh_ssh/moduli/\" + port);\n # A little confusing; ssh_logjam.nasl sets a KB for either \"group1\",\n # \"gex1024\", or \"both\" if both gex1024 and group1 are supported.\n report = 'The SSH service on port ' + port + ' supports a weak DH modulus :\\n';\n if (supported == \"group1\" || supported == \"both\")\n # It's called Oakley Group 2, but SSH protocol calls it group1. See RFC 4253 8.1.\n report += ' - The very common 1024-bit Oakley Group 2 DH modulus\\n';\n if (supported == \"gex1024\" || supported == \"both\")\n report += ' - DH group exchange is enabled and 1024-bit parameters are allowed\\n';\n\n security_report_v4(\n severity:SECURITY_WARNING,\n port:port,\n extra:report\n );\n}\n", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2021-04-01T01:23:39", "description": "A flaw was found in the way the TLS protocol composes the\nDiffie-Hellman (DH) key exchange. A man-in-the-middle attacker could\nuse this flaw to force the use of weak 512 bit export-grade keys\nduring the key exchange, allowing them to decrypt all traffic.\n(CVE-2015-4000)\n\nPlease note that this update forces the TLS/SSL client implementation\nin NSS to reject DH key sizes below 768 bits, which prevents sessions\nfrom being downgraded to export-grade keys. 
Future updates may raise this\nlimit to 1024 bits.", "edition": 27, "cvss3": {"score": 3.7, "vector": "AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N"}, "published": "2015-07-23T00:00:00", "title": "Amazon Linux AMI : nss / nss-util (ALAS-2015-569) (Logjam)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2015-4000"], "modified": "2021-04-02T00:00:00", "cpe": ["p-cpe:/a:amazon:linux:nss-sysinit", "p-cpe:/a:amazon:linux:nss-devel", "p-cpe:/a:amazon:linux:nss", "p-cpe:/a:amazon:linux:nss-util-debuginfo", "p-cpe:/a:amazon:linux:nss-debuginfo", "p-cpe:/a:amazon:linux:nss-pkcs11-devel", "p-cpe:/a:amazon:linux:nss-util-devel", "p-cpe:/a:amazon:linux:nss-util", "p-cpe:/a:amazon:linux:nss-tools", "cpe:/o:amazon:linux"], "id": "ALA_ALAS-2015-569.NASL", "href": "https://www.tenable.com/plugins/nessus/84929", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Amazon Linux AMI Security Advisory ALAS-2015-569.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(84929);\n script_version(\"2.4\");\n script_cvs_date(\"Date: 2018/04/18 15:09:35\");\n\n script_cve_id(\"CVE-2015-4000\");\n script_xref(name:\"ALAS\", value:\"2015-569\");\n script_xref(name:\"RHSA\", value:\"2015:1185\");\n\n script_name(english:\"Amazon Linux AMI : nss / nss-util (ALAS-2015-569) (Logjam)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Amazon Linux AMI host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"A flaw was found in the way the TLS protocol composes the\nDiffie-Hellman (DH) key exchange. 
A man-in-the-middle attacker could\nuse this flaw to force the use of weak 512 bit export-grade keys\nduring the key exchange, allowing them do decrypt all traffic.\n(CVE-2015-4000)\n\nPlease note that this update forces the TLS/SSL client implementation\nin NSS to reject DH key sizes below 768 bits, which prevents sessions\nto be downgraded to export-grade keys. Future updates may raise this\nlimit to 1024 bits.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://alas.aws.amazon.com/ALAS-2015-569.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Run 'yum update nss nss-util' to update your system.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:N/I:P/A:N\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:nss\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:nss-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:nss-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:nss-pkcs11-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:nss-sysinit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:nss-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:nss-util\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:nss-util-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:nss-util-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:amazon:linux\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/07/22\");\n script_set_attribute(attribute:\"in_the_news\", value:\"true\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/07/23\");\n 
script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2015-2018 Tenable Network Security, Inc.\");\n script_family(english:\"Amazon Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/AmazonLinux/release\", \"Host/AmazonLinux/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/AmazonLinux/release\");\nif (isnull(release) || !strlen(release)) audit(AUDIT_OS_NOT, \"Amazon Linux\");\nos_ver = pregmatch(pattern: \"^AL(A|\\d)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Amazon Linux\");\nos_ver = os_ver[1];\nif (os_ver != \"A\")\n{\n if (os_ver == 'A') os_ver = 'AMI';\n audit(AUDIT_OS_NOT, \"Amazon Linux AMI\", \"Amazon Linux \" + os_ver);\n}\n\nif (!get_kb_item(\"Host/AmazonLinux/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (rpm_check(release:\"ALA\", reference:\"nss-3.19.1-3.71.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"nss-debuginfo-3.19.1-3.71.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"nss-devel-3.19.1-3.71.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"nss-pkcs11-devel-3.19.1-3.71.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"nss-sysinit-3.19.1-3.71.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"nss-tools-3.19.1-3.71.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"nss-util-3.19.1-1.41.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"nss-util-debuginfo-3.19.1-1.41.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"nss-util-devel-3.19.1-1.41.amzn1\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else 
security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"nss / nss-debuginfo / nss-devel / nss-pkcs11-devel / nss-sysinit / etc\");\n}\n", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2021-01-20T14:45:51", "description": "This update for mysql fixes the following issues :\n\n - bsc#959724: fix incorrect usage of sprintf/strcpy that\n caused possible buffer overflow issues at various places\n\nOn SUSE Linux Enterprise 11 SP4 this fix was not yet shipped :\n\n - Increase the key length (to 2048 bits) used in\n vio/viosslfactories.c for creating Diffie-Hellman keys\n (Logjam Attack) [bnc#934789] [CVE-2015-4000]\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the SUSE security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.", "edition": 25, "cvss3": {"score": 3.7, "vector": "AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N"}, "published": "2016-08-29T00:00:00", "title": "SUSE SLES11 Security Update : mysql (SUSE-SU-2016:1618-1) (Logjam)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2015-4000"], "modified": "2016-08-29T00:00:00", "cpe": ["p-cpe:/a:novell:suse_linux:libmysqlclient15", "cpe:/o:novell:suse_linux:11", "p-cpe:/a:novell:suse_linux:libmysqlclient_r15"], "id": "SUSE_SU-2016-1618-1.NASL", "href": "https://www.tenable.com/plugins/nessus/93157", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from SUSE update advisory SUSE-SU-2016:1618-1.\n# The text itself is copyright (C) SUSE.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(93157);\n script_version(\"2.9\");\n 
script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/19\");\n\n script_cve_id(\"CVE-2015-4000\");\n script_bugtraq_id(74733);\n\n script_name(english:\"SUSE SLES11 Security Update : mysql (SUSE-SU-2016:1618-1) (Logjam)\");\n script_summary(english:\"Checks rpm output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote SUSE host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update for mysql fixes the following issues :\n\n - bsc#959724: fix incorrect usage of sprintf/strcpy that\n caused possible buffer overflow issues at various places\n\nOn SUSE Linux Enterprise 11 SP4 this fix was not yet shipped :\n\n - Increase the key length (to 2048 bits) used in\n vio/viosslfactories.c for creating Diffie-Hellman keys\n (Logjam Attack) [bnc#934789] [CVE-2015-4000]\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the SUSE security advisory. 
Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=934789\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=959724\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2015-4000/\"\n );\n # https://www.suse.com/support/update/announcement/2016/suse-su-20161618-1/\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?72630e29\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"To install this SUSE Security Update use YaST online_update.\nAlternatively you can run the command listed for your product :\n\nSUSE Linux Enterprise Software Development Kit 11-SP4 :\n\nzypper in -t patch sdksp4-mysql-12620=1\n\nSUSE Linux Enterprise Server 11-SP4 :\n\nzypper in -t patch slessp4-mysql-12620=1\n\nTo bring your system up-to-date, use 'zypper patch'.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:N/I:P/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libmysqlclient15\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libmysqlclient_r15\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:11\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2015/05/21\");\n 
script_set_attribute(attribute:\"patch_publication_date\", value:\"2016/06/17\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2016/08/29\");\n script_set_attribute(attribute:\"in_the_news\", value:\"true\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2016-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release !~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"SUSE\");\nos_ver = pregmatch(pattern: \"^(SLE(S|D)\\d+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"SUSE\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(SLES11)$\", string:os_ver)) audit(AUDIT_OS_NOT, \"SUSE SLES11\", \"SUSE \" + os_ver);\n\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^i[3-6]86$\" && \"x86_64\" >!< cpu && \"s390x\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"SUSE \" + os_ver, cpu);\n\nsp = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(sp)) sp = \"0\";\nif (os_ver == \"SLES11\" && (! 
preg(pattern:\"^(4)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLES11 SP4\", os_ver + \" SP\" + sp);\n\n\nflag = 0;\nif (rpm_check(release:\"SLES11\", sp:\"4\", cpu:\"x86_64\", reference:\"libmysqlclient15-32bit-5.0.96-0.8.10.3\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"4\", cpu:\"s390x\", reference:\"libmysqlclient15-32bit-5.0.96-0.8.10.3\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"4\", reference:\"libmysqlclient15-5.0.96-0.8.10.3\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"4\", reference:\"libmysqlclient_r15-5.0.96-0.8.10.3\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"mysql\");\n}\n", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}], "atlassian": [{"lastseen": "2017-03-22T18:16:54", "bulletinFamily": "software", "cvelist": ["CVE-2015-4000"], "edition": 1, "description": "Update the bundled version of java to a version >= 1.8u51 (1.8 update 51), which fixes many security issues (http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html).\r\nIncluded in the security fixes is a fix for logjam (CVE-2015-4000)", "modified": "2016-07-20T02:41:44", "published": "2015-07-15T01:35:17", "id": "ATLASSIAN:CONF-38295", "href": "https://jira.atlassian.com/browse/CONF-38295", "title": "Update Java version bundled found in the installer to a version >= 1.8u51", "type": "atlassian", "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:PARTIAL/A:NONE/"}}, {"lastseen": "2020-12-24T14:35:31", "bulletinFamily": "software", "cvelist": ["CVE-2015-4000"], "description": "Update the bundled version of java to a version >= 1.8u51 (1.8 update 51), which fixes many security issues (http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html).\r\nIncluded in the 
security fixes is a fix for logjam (CVE-2015-4000)", "edition": 7, "modified": "2018-10-11T08:35:32", "published": "2015-07-15T01:35:17", "id": "ATLASSIAN:CONFSERVER-38295", "href": "https://jira.atlassian.com/browse/CONFSERVER-38295", "title": "Update Java version bundled found in the installer to a version >= 1.8u51", "type": "atlassian", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2017-03-22T18:16:54", "bulletinFamily": "software", "cvelist": ["CVE-2015-4000"], "edition": 1, "description": "Update the bundled version of java to a version >= 1.8u51 (1.8 update 51), which fixes many security issues (http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html).\r\nIncluded in the security fixes is a fix for logjam (CVE-2015-4000)", "modified": "2016-06-06T03:44:13", "published": "2015-07-15T01:43:18", "href": "https://jira.atlassian.com/browse/JRA-44296", "id": "ATLASSIAN:JRA-44296", "title": "Update Java version bundled found in the installer to a version >= 1.8u51", "type": "atlassian", "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:PARTIAL/A:NONE/"}}, {"lastseen": "2020-12-24T14:35:31", "bulletinFamily": "software", "cvelist": ["CVE-2015-4000"], "description": "Update the bundled version of java to a version >= 1.8u51 (1.8 update 51), which fixes many security issues (http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html).\r\nIncluded in the security fixes is a fix for logjam (CVE-2015-4000)", "edition": 9, "modified": "2019-03-28T00:18:12", "published": "2015-07-15T01:43:18", "id": "ATLASSIAN:JRASERVER-44296", "href": "https://jira.atlassian.com/browse/JRASERVER-44296", "title": "Update Java version bundled found in the installer to a version >= 1.8u51", "type": "atlassian", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}], "cisa": [{"lastseen": "2021-02-24T18:08:07", "bulletinFamily": "info", "cvelist": ["CVE-2015-4000"], "description": "OpenSSL has 
released updates addressing multiple vulnerabilities, one of which allows a remote attacker to downgrade vulnerable TLS connections to 512-bit export-grade cryptography\u2014an attack known as Logjam ([CVE-2015-4000](<https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-4000>)). Exploitation of some of these vulnerabilities could allow the attacker to read and modify data passed over the connection.\n\nUpdates available include:\n\n * OpenSSL 1.0.2b for 1.0.2 users\n * OpenSSL 1.0.1n for 1.0.1 users\n * OpenSSL 1.0.0s for 1.0.0d (and below) users\n * OpenSSL 0.9.8zg for 0.9.8r (and below) users\n\nUsers and administrators are encouraged to review the [OpenSSL Security Advisory](<https://www.openssl.org/news/secadv_20150611.txt>) and apply the necessary updates.\n\nThis product is provided subject to this Notification and this [Privacy & Use](<https://www.dhs.gov/privacy-policy>) policy.\n\n**Please share your thoughts.**\n\nWe recently updated our anonymous [product survey](<https://www.surveymonkey.com/r/CISA-cyber-survey?product=https://us-cert.cisa.gov/ncas/current-activity/2015/06/12/OpenSSL-Patches-Multiple-Vulnerabilities>); we'd welcome your feedback.\n", "modified": "2015-06-12T00:00:00", "published": "2015-06-12T00:00:00", "id": "CISA:C6FC512213BBB287A39B2B11F25268A6", "href": "https://us-cert.cisa.gov/ncas/current-activity/2015/06/12/OpenSSL-Patches-Multiple-Vulnerabilities", "type": "cisa", "title": "OpenSSL Patches Multiple Vulnerabilities", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}], "openvas": [{"lastseen": "2019-05-29T18:37:01", "bulletinFamily": "scanner", "cvelist": ["CVE-2015-4000"], "description": "Check the version of nss", "modified": "2019-03-08T00:00:00", "published": "2015-06-24T00:00:00", "id": "OPENVAS:1361412562310882207", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310882207", "type": "openvas", "title": "CentOS Update for nss CESA-2015:1185 centos7", "sourceData": 
"###############################################################################\n# OpenVAS Vulnerability Test\n#\n# CentOS Update for nss CESA-2015:1185 centos7\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2015 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.882207\");\n script_version(\"$Revision: 14058 $\");\n script_cve_id(\"CVE-2015-4000\");\n script_tag(name:\"cvss_base\", value:\"4.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:N/I:P/A:N\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-08 14:25:52 +0100 (Fri, 08 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2015-06-24 06:17:37 +0200 (Wed, 24 Jun 2015)\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"CentOS Update for nss CESA-2015:1185 centos7\");\n script_tag(name:\"summary\", value:\"Check the version of nss\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"insight\", value:\"Network Security Services (NSS) is a set of\n libraries designed to support cross-platform development of security-enabled\n client and server 
applications.\n\nA flaw was found in the way the TLS protocol composes the Diffie-Hellman\n(DH) key exchange. A man-in-the-middle attacker could use this flaw to\nforce the use of weak 512 bit export-grade keys during the key exchange,\nallowing them do decrypt all traffic. (CVE-2015-4000)\n\nNote: This update forces the TLS/SSL client implementation in NSS to\nreject DH key sizes below 768 bits, which prevents sessions to be\ndowngraded to export-grade keys. Future updates may raise this limit to\n1024 bits.\n\nThe nss and nss-util packages have been upgraded to upstream versions\n3.19.1. The upgraded versions provide a number of bug fixes and\nenhancements over the previous versions.\n\nUsers of nss and nss-util are advised to upgrade to these updated packages,\nwhich fix these security flaws, bugs, and add these enhancements.\");\n script_tag(name:\"affected\", value:\"nss on CentOS 7\");\n script_tag(name:\"solution\", value:\"Please install the updated packages.\");\n script_xref(name:\"CESA\", value:\"2015:1185\");\n script_xref(name:\"URL\", value:\"http://lists.centos.org/pipermail/centos-announce/2015-June/021222.html\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2015 Greenbone Networks GmbH\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\", re:\"ssh/login/release=CentOS7\");\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"CentOS7\")\n{\n\n if ((res = isrpmvuln(pkg:\"nss\", rpm:\"nss~3.19.1~3.el7_1\", rls:\"CentOS7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"nss-devel\", rpm:\"nss-devel~3.19.1~3.el7_1\", rls:\"CentOS7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n 
}\n\n if ((res = isrpmvuln(pkg:\"nss-pkcs11-devel\", rpm:\"nss-pkcs11-devel~3.19.1~3.el7_1\", rls:\"CentOS7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"nss-sysinit\", rpm:\"nss-sysinit~3.19.1~3.el7_1\", rls:\"CentOS7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"nss-tools\", rpm:\"nss-tools~3.19.1~3.el7_1\", rls:\"CentOS7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2019-05-29T18:36:04", "bulletinFamily": "scanner", "cvelist": ["CVE-2015-4000"], "description": "The remote host is missing an update for the 'openssl' package(s) announced via the referenced advisory.", "modified": "2019-03-13T00:00:00", "published": "2015-06-09T00:00:00", "id": "OPENVAS:1361412562310842212", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310842212", "type": "openvas", "title": "Ubuntu Update for openssl USN-2624-1", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Ubuntu Update for openssl USN-2624-1\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2015 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. 
See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.842212\");\n script_version(\"$Revision: 14140 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-13 13:26:09 +0100 (Wed, 13 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2015-06-09 11:06:47 +0200 (Tue, 09 Jun 2015)\");\n script_tag(name:\"cvss_base\", value:\"4.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:N/I:P/A:N\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_cve_id(\"CVE-2015-4000\");\n script_name(\"Ubuntu Update for openssl USN-2624-1\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'openssl'\n package(s) announced via the referenced advisory.\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"insight\", value:\"As a security improvement, this update\nremoves the export cipher suites from the default cipher list to prevent their\nuse in possible downgrade attacks.\");\n script_tag(name:\"affected\", value:\"openssl on Ubuntu 14.10,\n Ubuntu 14.04 LTS,\n Ubuntu 12.04 LTS\");\n script_tag(name:\"solution\", value:\"Please Install the Updated Packages.\");\n script_xref(name:\"USN\", value:\"2624-1\");\n script_xref(name:\"URL\", value:\"http://www.ubuntu.com/usn/usn-2624-1/\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2015 Greenbone Networks GmbH\");\n script_family(\"Ubuntu Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n 
script_mandatory_keys(\"ssh/login/ubuntu_linux\", \"ssh/login/packages\", re:\"ssh/login/release=UBUNTU(14\\.10|14\\.04 LTS|12\\.04 LTS)\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nrelease = dpkg_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"UBUNTU14.10\")\n{\n\n if ((res = isdpkgvuln(pkg:\"libssl1.0.0:amd64\", ver:\"1.0.1f-1ubuntu9.5\", rls:\"UBUNTU14.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"libssl1.0.0:i386\", ver:\"1.0.1f-1ubuntu9.5\", rls:\"UBUNTU14.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n\n\nif(release == \"UBUNTU14.04 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"libssl1.0.0:amd64\", ver:\"1.0.1f-1ubuntu2.12\", rls:\"UBUNTU14.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"libssl1.0.0:i386\", ver:\"1.0.1f-1ubuntu2.12\", rls:\"UBUNTU14.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n\n\nif(release == \"UBUNTU12.04 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"libssl1.0.0\", ver:\"1.0.1-4ubuntu5.28\", rls:\"UBUNTU12.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2019-05-29T18:36:13", "bulletinFamily": "scanner", "cvelist": ["CVE-2015-4000"], "description": "Check the version of openssl", "modified": "2019-03-08T00:00:00", "published": "2015-06-09T00:00:00", "id": "OPENVAS:1361412562310882192", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310882192", "type": "openvas", "title": "CentOS Update for openssl CESA-2015:1072 centos6", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# CentOS Update for openssl 
CESA-2015:1072 centos6\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2015 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.882192\");\n script_version(\"$Revision: 14058 $\");\n script_cve_id(\"CVE-2015-4000\");\n script_tag(name:\"cvss_base\", value:\"4.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:N/I:P/A:N\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-08 14:25:52 +0100 (Fri, 08 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2015-06-09 11:04:34 +0200 (Tue, 09 Jun 2015)\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"CentOS Update for openssl CESA-2015:1072 centos6\");\n script_tag(name:\"summary\", value:\"Check the version of openssl\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"insight\", value:\"OpenSSL is a toolkit that implements the\n Secure Sockets Layer (SSL v2/v3)\nand Transport Layer Security (TLS v1) protocols, as well as a\nfull-strength, general purpose cryptography library.\n\nA flaw was found in the way the TLS protocol composes the Diffie-Hellman\n(DH) 
key exchange. A man-in-the-middle attacker could use this flaw to\nforce the use of weak 512 bit export-grade keys during the key exchange,\nallowing them do decrypt all traffic. (CVE-2015-4000)\n\nNote: This update forces the TLS/SSL client implementation in OpenSSL to\nreject DH key sizes below 768 bits, which prevents sessions to be\ndowngraded to export-grade keys. Future updates may raise this limit to\n1024 bits.\n\nAll openssl users are advised to upgrade to these updated packages, which\ncontain a backported patch to correct this issue. For the update to take\neffect, all services linked to the OpenSSL library must be restarted, or\nthe system rebooted.\");\n script_tag(name:\"affected\", value:\"openssl on CentOS 6\");\n script_tag(name:\"solution\", value:\"Please install the updated packages.\");\n script_xref(name:\"CESA\", value:\"2015:1072\");\n script_xref(name:\"URL\", value:\"http://lists.centos.org/pipermail/centos-announce/2015-June/021157.html\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2015 Greenbone Networks GmbH\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\", re:\"ssh/login/release=CentOS6\");\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"CentOS6\")\n{\n\n if ((res = isrpmvuln(pkg:\"openssl\", rpm:\"openssl~1.0.1e~30.el6.9\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"openssl-devel\", rpm:\"openssl-devel~1.0.1e~30.el6.9\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"openssl-perl\", rpm:\"openssl-perl~1.0.1e~30.el6.9\", rls:\"CentOS6\")) != NULL)\n {\n 
security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"openssl-static\", rpm:\"openssl-static~1.0.1e~30.el6.9\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2019-05-29T18:36:50", "bulletinFamily": "scanner", "cvelist": ["CVE-2015-4000"], "description": "Mageia Linux Local Security Checks mgasa-2015-0260", "modified": "2018-09-28T00:00:00", "published": "2015-10-15T00:00:00", "id": "OPENVAS:1361412562310130117", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310130117", "type": "openvas", "title": "Mageia Linux Local Check: mgasa-2015-0260", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: mgasa-2015-0260.nasl 11692 2018-09-28 16:55:19Z cfischer $\n#\n# Mageia Linux security check\n#\n# Authors:\n# Eero Volotinen <eero.volotinen@solinor.com>\n#\n# Copyright:\n# Copyright (c) 2015 Eero Volotinen, http://www.solinor.com\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. 
See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.130117\");\n script_version(\"$Revision: 11692 $\");\n script_tag(name:\"creation_date\", value:\"2015-10-15 10:42:55 +0300 (Thu, 15 Oct 2015)\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-09-28 18:55:19 +0200 (Fri, 28 Sep 2018) $\");\n script_name(\"Mageia Linux Local Check: mgasa-2015-0260\");\n script_tag(name:\"insight\", value:\"The filezilla package has been updated to version 3.11.0.2, fixing multiple bugs and one security issue, related to the LOGJAM TLS issue when using FTP.\");\n script_tag(name:\"solution\", value:\"Update the affected packages to the latest available version.\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name:\"URL\", value:\"https://advisories.mageia.org/MGASA-2015-0260.html\");\n script_cve_id(\"CVE-2015-4000\");\n script_tag(name:\"cvss_base\", value:\"4.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:N/I:P/A:N\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/mageia_linux\", \"ssh/login/release\", re:\"ssh/login/release=MAGEIA5\");\n script_category(ACT_GATHER_INFO);\n script_tag(name:\"summary\", value:\"Mageia Linux Local Security Checks mgasa-2015-0260\");\n script_copyright(\"Eero Volotinen\");\n script_family(\"Mageia Linux Local Security Checks\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release) exit(0);\n\nres = \"\";\n\nif(release == \"MAGEIA5\")\n{\nif ((res = 
isrpmvuln(pkg:\"filezilla\", rpm:\"filezilla~3.11.0.2~1.mga5\", rls:\"MAGEIA5\")) != NULL) {\n security_message(data:res);\n exit(0);\n}\nif (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2019-05-29T18:36:03", "bulletinFamily": "scanner", "cvelist": ["CVE-2015-4000"], "description": "The remote host is missing an update for the ", "modified": "2018-11-23T00:00:00", "published": "2015-06-26T00:00:00", "id": "OPENVAS:1361412562310871382", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310871382", "type": "openvas", "title": "RedHat Update for nss RHSA-2015:1185-01", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# RedHat Update for nss RHSA-2015:1185-01\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2015 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. 
See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.871382\");\n script_version(\"$Revision: 12497 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-11-23 09:28:21 +0100 (Fri, 23 Nov 2018) $\");\n script_tag(name:\"creation_date\", value:\"2015-06-26 06:24:08 +0200 (Fri, 26 Jun 2015)\");\n script_cve_id(\"CVE-2015-4000\");\n script_tag(name:\"cvss_base\", value:\"4.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:N/I:P/A:N\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"RedHat Update for nss RHSA-2015:1185-01\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'nss'\n package(s) announced via the referenced advisory.\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"insight\", value:\"Network Security Services (NSS) is a set of libraries designed to support\ncross-platform development of security-enabled client and server\napplications.\n\nA flaw was found in the way the TLS protocol composes the Diffie-Hellman\n(DH) key exchange. A man-in-the-middle attacker could use this flaw to\nforce the use of weak 512 bit export-grade keys during the key exchange,\nallowing them do decrypt all traffic. (CVE-2015-4000)\n\nNote: This update forces the TLS/SSL client implementation in NSS to\nreject DH key sizes below 768 bits, which prevents sessions to be\ndowngraded to export-grade keys. Future updates may raise this limit to\n1024 bits.\n\nThe nss and nss-util packages have been upgraded to upstream versions\n3.19.1. 
The upgraded versions provide a number of bug fixes and\nenhancements over the previous versions.\n\nUsers of nss and nss-util are advised to upgrade to these updated packages,\nwhich fix these security flaws, bugs, and add these enhancements.\");\n script_tag(name:\"affected\", value:\"nss on Red Hat Enterprise Linux Desktop (v. 6),\n Red Hat Enterprise Linux Server (v. 6),\n Red Hat Enterprise Linux Server (v. 7),\n Red Hat Enterprise Linux Workstation (v. 6)\");\n script_tag(name:\"solution\", value:\"Please Install the Updated Packages.\");\n script_xref(name:\"RHSA\", value:\"2015:1185-01\");\n script_xref(name:\"URL\", value:\"https://www.redhat.com/archives/rhsa-announce/2015-June/msg00032.html\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2015 Greenbone Networks GmbH\");\n script_family(\"Red Hat Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/rhel\", \"ssh/login/rpms\", re:\"ssh/login/release=RHENT_(7|6)\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release) exit(0);\n\nres = \"\";\n\nif(release == \"RHENT_7\")\n{\n\n if ((res = isrpmvuln(pkg:\"nss\", rpm:\"nss~3.19.1~3.el7_1\", rls:\"RHENT_7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"nss-debuginfo\", rpm:\"nss-debuginfo~3.19.1~3.el7_1\", rls:\"RHENT_7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"nss-devel\", rpm:\"nss-devel~3.19.1~3.el7_1\", rls:\"RHENT_7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"nss-sysinit\", rpm:\"nss-sysinit~3.19.1~3.el7_1\", rls:\"RHENT_7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"nss-tools\", rpm:\"nss-tools~3.19.1~3.el7_1\", rls:\"RHENT_7\")) != NULL)\n 
{\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"nss-util\", rpm:\"nss-util~3.19.1~1.el7_1\", rls:\"RHENT_7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"nss-util-debuginfo\", rpm:\"nss-util-debuginfo~3.19.1~1.el7_1\", rls:\"RHENT_7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"nss-util-devel\", rpm:\"nss-util-devel~3.19.1~1.el7_1\", rls:\"RHENT_7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n\n\nif(release == \"RHENT_6\")\n{\n\n if ((res = isrpmvuln(pkg:\"nss\", rpm:\"nss~3.19.1~3.el6_6\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"nss-debuginfo\", rpm:\"nss-debuginfo~3.19.1~3.el6_6\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"nss-devel\", rpm:\"nss-devel~3.19.1~3.el6_6\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"nss-sysinit\", rpm:\"nss-sysinit~3.19.1~3.el6_6\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"nss-tools\", rpm:\"nss-tools~3.19.1~3.el6_6\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"nss-util\", rpm:\"nss-util~3.19.1~1.el6_6\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"nss-util-debuginfo\", rpm:\"nss-util-debuginfo~3.19.1~1.el6_6\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"nss-util-devel\", rpm:\"nss-util-devel~3.19.1~1.el6_6\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}, {"lastseen": 
"2019-05-29T18:36:46", "bulletinFamily": "scanner", "cvelist": ["CVE-2015-4000"], "description": "The remote host is missing an update for the ", "modified": "2019-03-15T00:00:00", "published": "2015-06-09T00:00:00", "id": "OPENVAS:1361412562310869416", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310869416", "type": "openvas", "title": "Fedora Update for nss-util FEDORA-2015-9130", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for nss-util FEDORA-2015-9130\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2015 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. 
See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.869416\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2015-06-09 10:54:27 +0200 (Tue, 09 Jun 2015)\");\n script_cve_id(\"CVE-2015-4000\");\n script_tag(name:\"cvss_base\", value:\"4.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:N/I:P/A:N\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"Fedora Update for nss-util FEDORA-2015-9130\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'nss-util'\n package(s) announced via the referenced advisory.\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"affected\", value:\"nss-util on Fedora 21\");\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n script_xref(name:\"FEDORA\", value:\"2015-9130\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/pipermail/package-announce/2015-June/159313.html\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2015 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC21\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = 
rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC21\")\n{\n\n if ((res = isrpmvuln(pkg:\"nss-util\", rpm:\"nss-util~3.19.1~1.0.fc21\", rls:\"FC21\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2020-04-02T18:46:11", "bulletinFamily": "scanner", "cvelist": ["CVE-2015-4000"], "description": "This host is accepting ", "modified": "2020-03-31T00:00:00", "published": "2015-05-22T00:00:00", "id": "OPENVAS:1361412562310805188", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310805188", "type": "openvas", "title": "SSL/TLS: 'DHE_EXPORT' Man in the Middle Security Bypass Vulnerability (LogJam)", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# SSL/TLS: 'DHE_EXPORT' Man in the Middle Security Bypass Vulnerability (LogJam)\n#\n# Authors:\n# Thanga Prakash S <tprakash@secpod.com>\n#\n# Copyright:\n# Copyright (C) 2015 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. 
See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.805188\");\n script_version(\"2020-03-31T06:57:15+0000\");\n script_cve_id(\"CVE-2015-4000\");\n script_bugtraq_id(74733);\n script_tag(name:\"cvss_base\", value:\"4.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:N/I:P/A:N\");\n script_tag(name:\"last_modification\", value:\"2020-03-31 06:57:15 +0000 (Tue, 31 Mar 2020)\");\n script_tag(name:\"creation_date\", value:\"2015-05-22 13:17:23 +0530 (Fri, 22 May 2015)\");\n script_name(\"SSL/TLS: 'DHE_EXPORT' Man in the Middle Security Bypass Vulnerability (LogJam)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2015 Greenbone Networks GmbH\");\n script_family(\"SSL and TLS\");\n script_dependencies(\"secpod_ssl_ciphers.nasl\");\n script_mandatory_keys(\"secpod_ssl_ciphers/supported_ciphers\", \"ssl_tls/port\");\n\n script_xref(name:\"URL\", value:\"https://weakdh.org\");\n script_xref(name:\"URL\", value:\"https://weakdh.org/imperfect-forward-secrecy.pdf\");\n script_xref(name:\"URL\", value:\"http://openwall.com/lists/oss-security/2015/05/20/8\");\n script_xref(name:\"URL\", value:\"https://blog.cloudflare.com/logjam-the-latest-tls-vulnerability-explained\");\n script_xref(name:\"URL\", value:\"https://www.openssl.org/blog/blog/2015/05/20/logjam-freak-upcoming-changes\");\n\n script_tag(name:\"summary\", value:\"This host is accepting 'DHE_EXPORT' cipher suites\n and is prone to man in the middle attack.\");\n\n script_tag(name:\"vuldetect\", value:\"Check previous collected cipher suites saved in the KB.\");\n\n script_tag(name:\"insight\", value:\"Flaw is triggered 
when handling\n Diffie-Hellman key exchanges defined in the 'DHE_EXPORT' cipher suites.\");\n\n script_tag(name:\"impact\", value:\"Successful exploitation will allow a\n man-in-the-middle attacker to downgrade the security of a TLS session to\n 512-bit export-grade cryptography, which is significantly weaker, allowing\n the attacker to more easily break the encryption and monitor or tamper with\n the encrypted stream.\");\n\n script_tag(name:\"affected\", value:\"- Hosts accepting 'DHE_EXPORT' cipher suites\n\n - OpenSSL version before 1.0.2b and 1.0.1n\");\n\n script_tag(name:\"solution\", value:\"- Remove support for 'DHE_EXPORT' cipher\n suites from the service\n\n - If running OpenSSL updateto version 1.0.2b or 1.0.1n or later.\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"remote_banner\");\n\n exit(0);\n}\n\ninclude(\"ssl_funcs.inc\");\n\ncipherText = \"'DHE_EXPORT' cipher suites\";\n\nif( ! port = tls_ssl_get_port() )\n exit( 0 );\n\nif( ! sup_ssl = get_kb_item( \"tls/supported/\" + port ) )\n exit( 0 );\n\nif( \"SSLv3\" >< sup_ssl ) {\n sslv3CipherList = get_kb_list( \"secpod_ssl_ciphers/sslv3/\" + port + \"/supported_ciphers\" );\n\n if( ! isnull( sslv3CipherList ) ) {\n\n # Sort to not report changes on delta reports if just the order is different\n sslv3CipherList = sort( sslv3CipherList );\n\n foreach sslv3Cipher( sslv3CipherList ) {\n if( sslv3Cipher =~ \"^TLS_DHE?_.*_EXPORT_\" ) {\n sslv3Vuln = TRUE;\n sslv3tmpReport += sslv3Cipher + '\\n';\n }\n }\n\n if( sslv3Vuln ) {\n report += cipherText +' accepted by this service via the SSLv3 protocol:\\n\\n' + sslv3tmpReport + '\\n';\n }\n }\n}\n\nif( \"TLSv1.0\" >< sup_ssl ) {\n tlsv1_0CipherList = get_kb_list( \"secpod_ssl_ciphers/tlsv1/\" + port + \"/supported_ciphers\" );\n\n if( ! 
isnull( tlsv1_0CipherList ) ) {\n\n # Sort to not report changes on delta reports if just the order is different\n tlsv1_0CipherList = sort( tlsv1_0CipherList );\n\n foreach tlsv1_0Cipher( tlsv1_0CipherList ) {\n if( tlsv1_0Cipher =~ \"^TLS_DHE?_.*_EXPORT_\" ) {\n tlsv1_0Vuln = TRUE;\n tlsv1_0tmpReport += tlsv1_0Cipher + '\\n';\n }\n }\n\n if( tlsv1_0Vuln ) {\n report += cipherText + ' accepted by this service via the TLSv1.0 protocol:\\n\\n' + tlsv1_0tmpReport + '\\n';\n }\n }\n}\n\nif( \"TLSv1.1\" >< sup_ssl ) {\n tlsv1_1CipherList = get_kb_list( \"secpod_ssl_ciphers/tlsv1_1/\" + port + \"/supported_ciphers\" );\n\n if( ! isnull( tlsv1_1CipherList ) ) {\n\n # Sort to not report changes on delta reports if just the order is different\n tlsv1_1CipherList = sort( tlsv1_1CipherList );\n\n foreach tlsv1_1Cipher( tlsv1_1CipherList ) {\n if( tlsv1_1Cipher =~ \"^TLS_DHE?_.*_EXPORT_\" ) {\n tlsv1_1Vuln = TRUE;\n tlsv1_1tmpReport += tlsv1_1Cipher + '\\n';\n }\n }\n\n if( tlsv1_1Vuln ) {\n report += cipherText + ' accepted by this service via the TLSv1.1 protocol:\\n\\n' + tlsv1_1tmpReport + '\\n';\n }\n }\n}\n\nif( \"TLSv1.2\" >< sup_ssl ) {\n tlsv1_2CipherList = get_kb_list( \"secpod_ssl_ciphers/tlsv1_2/\" + port + \"/supported_ciphers\" );\n\n if( ! 
isnull( tlsv1_2CipherList ) ) {\n\n # Sort to not report changes on delta reports if just the order is different\n tlsv1_2CipherList = sort( tlsv1_2CipherList );\n\n foreach tlsv1_2Cipher( tlsv1_2CipherList ) {\n if( tlsv1_2Cipher =~ \"^TLS_DHE?_.*_EXPORT_\" ) {\n tlsv1_2Vuln = TRUE;\n tlsv1_2tmpReport += tlsv1_2Cipher + '\\n';\n }\n }\n\n if( tlsv1_2Vuln ) {\n report += cipherText + ' accepted by this service via the TLSv1.2 protocol:\\n\\n' + tlsv1_2tmpReport + '\\n';\n }\n }\n}\n\nif( report ) {\n security_message( port:port, data:report );\n exit( 0 );\n}\n\nexit( 99 );\n", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2019-05-29T18:36:58", "bulletinFamily": "scanner", "cvelist": ["CVE-2015-4000"], "description": "Check the version of nss-util", "modified": "2019-03-08T00:00:00", "published": "2015-06-26T00:00:00", "id": "OPENVAS:1361412562310882208", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310882208", "type": "openvas", "title": "CentOS Update for nss-util CESA-2015:1185 centos6", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# CentOS Update for nss-util CESA-2015:1185 centos6\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2015 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. 
See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.882208\");\n script_version(\"$Revision: 14058 $\");\n script_cve_id(\"CVE-2015-4000\");\n script_tag(name:\"cvss_base\", value:\"4.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:N/I:P/A:N\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-08 14:25:52 +0100 (Fri, 08 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2015-06-26 06:24:29 +0200 (Fri, 26 Jun 2015)\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"CentOS Update for nss-util CESA-2015:1185 centos6\");\n script_tag(name:\"summary\", value:\"Check the version of nss-util\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"insight\", value:\"Network Security Services (NSS) is a set\n of libraries designed to support cross-platform development of security-enabled\n client and server applications.\n\nA flaw was found in the way the TLS protocol composes the Diffie-Hellman\n(DH) key exchange. A man-in-the-middle attacker could use this flaw to\nforce the use of weak 512 bit export-grade keys during the key exchange,\nallowing them do decrypt all traffic. (CVE-2015-4000)\n\nNote: This update forces the TLS/SSL client implementation in NSS to\nreject DH key sizes below 768 bits, which prevents sessions to be\ndowngraded to export-grade keys. Future updates may raise this limit to\n1024 bits.\n\nThe nss and nss-util packages have been upgraded to upstream versions\n3.19.1. 
The upgraded versions provide a number of bug fixes and\nenhancements over the previous versions.\n\nUsers of nss and nss-util are advised to upgrade to these updated packages,\nwhich fix these security flaws, bugs, and add these enhancements.\");\n script_tag(name:\"affected\", value:\"nss-util on CentOS 6\");\n script_tag(name:\"solution\", value:\"Please install the updated packages.\");\n script_xref(name:\"CESA\", value:\"2015:1185\");\n script_xref(name:\"URL\", value:\"http://lists.centos.org/pipermail/centos-announce/2015-June/021219.html\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2015 Greenbone Networks GmbH\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\", re:\"ssh/login/release=CentOS6\");\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"CentOS6\")\n{\n\n if ((res = isrpmvuln(pkg:\"nss-util\", rpm:\"nss-util~3.19.1~1.el6_6\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"nss-util-devel\", rpm:\"nss-util-devel~3.19.1~1.el6_6\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2019-05-29T18:36:47", "bulletinFamily": "scanner", "cvelist": ["CVE-2015-4000"], "description": "The remote host is missing an update for the ", "modified": "2018-11-23T00:00:00", "published": "2015-06-09T00:00:00", "id": "OPENVAS:1361412562310871364", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310871364", "type": "openvas", "title": "RedHat Update for openssl RHSA-2015:1072-01", "sourceData": 
"###############################################################################\n# OpenVAS Vulnerability Test\n#\n# RedHat Update for openssl RHSA-2015:1072-01\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2015 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.871364\");\n script_version(\"$Revision: 12497 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-11-23 09:28:21 +0100 (Fri, 23 Nov 2018) $\");\n script_tag(name:\"creation_date\", value:\"2015-06-09 11:01:02 +0200 (Tue, 09 Jun 2015)\");\n script_cve_id(\"CVE-2015-4000\");\n script_tag(name:\"cvss_base\", value:\"4.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:N/I:P/A:N\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"RedHat Update for openssl RHSA-2015:1072-01\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'openssl'\n package(s) announced via the referenced advisory.\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"insight\", value:\"OpenSSL is a toolkit that implements the Secure Sockets Layer 
(SSL v2/v3)\nand Transport Layer Security (TLS v1) protocols, as well as a\nfull-strength, general purpose cryptography library.\n\nA flaw was found in the way the TLS protocol composes the Diffie-Hellman\n(DH) key exchange. A man-in-the-middle attacker could use this flaw to\nforce the use of weak 512 bit export-grade keys during the key exchange,\nallowing them do decrypt all traffic. (CVE-2015-4000)\n\nNote: This update forces the TLS/SSL client implementation in OpenSSL to\nreject DH key sizes below 768 bits, which prevents sessions to be\ndowngraded to export-grade keys. Future updates may raise this limit to\n1024 bits.\n\nAll openssl users are advised to upgrade to these updated packages, which\ncontain a backported patch to correct this issue. For the update to take\neffect, all services linked to the OpenSSL library must be restarted, or\nthe system rebooted.\");\n script_tag(name:\"affected\", value:\"openssl on Red Hat Enterprise Linux Desktop (v. 6),\n Red Hat Enterprise Linux Server (v. 6),\n Red Hat Enterprise Linux Server (v. 7),\n Red Hat Enterprise Linux Workstation (v. 
6)\");\n script_tag(name:\"solution\", value:\"Please Install the Updated Packages.\");\n script_xref(name:\"RHSA\", value:\"2015:1072-01\");\n script_xref(name:\"URL\", value:\"https://www.redhat.com/archives/rhsa-announce/2015-June/msg00008.html\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2015 Greenbone Networks GmbH\");\n script_family(\"Red Hat Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/rhel\", \"ssh/login/rpms\", re:\"ssh/login/release=RHENT_(7|6)\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release) exit(0);\n\nres = \"\";\n\nif(release == \"RHENT_7\")\n{\n\n if ((res = isrpmvuln(pkg:\"openssl\", rpm:\"openssl~1.0.1e~42.el7_1.6\", rls:\"RHENT_7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"openssl-debuginfo\", rpm:\"openssl-debuginfo~1.0.1e~42.el7_1.6\", rls:\"RHENT_7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"openssl-devel\", rpm:\"openssl-devel~1.0.1e~42.el7_1.6\", rls:\"RHENT_7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"openssl-libs\", rpm:\"openssl-libs~1.0.1e~42.el7_1.6\", rls:\"RHENT_7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n\n\nif(release == \"RHENT_6\")\n{\n\n if ((res = isrpmvuln(pkg:\"openssl\", rpm:\"openssl~1.0.1e~30.el6_6.9\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"openssl-debuginfo\", rpm:\"openssl-debuginfo~1.0.1e~30.el6_6.9\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"openssl-devel\", rpm:\"openssl-devel~1.0.1e~30.el6_6.9\", rls:\"RHENT_6\")) != NULL)\n {\n 
security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2019-05-29T18:36:36", "bulletinFamily": "scanner", "cvelist": ["CVE-2015-4000"], "description": "The remote host is missing an update for the ", "modified": "2019-03-15T00:00:00", "published": "2015-07-07T00:00:00", "id": "OPENVAS:1361412562310869559", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310869559", "type": "openvas", "title": "Fedora Update for nss-util FEDORA-2015-9048", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for nss-util FEDORA-2015-9048\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2015 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. 
See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.869559\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2015-07-07 06:24:56 +0200 (Tue, 07 Jul 2015)\");\n script_cve_id(\"CVE-2015-4000\");\n script_tag(name:\"cvss_base\", value:\"4.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:N/I:P/A:N\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"Fedora Update for nss-util FEDORA-2015-9048\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'nss-util'\n package(s) announced via the referenced advisory.\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"affected\", value:\"nss-util on Fedora 22\");\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n script_xref(name:\"FEDORA\", value:\"2015-9048\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/pipermail/package-announce/2015-June/159350.html\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2015 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC22\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = 
rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC22\")\n{\n\n if ((res = isrpmvuln(pkg:\"nss-util\", rpm:\"nss-util~3.19.1~1.0.fc22\", rls:\"FC22\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}], "fedora": [{"lastseen": "2020-12-21T08:17:53", "bulletinFamily": "unix", "cvelist": ["CVE-2015-4000"], "description": "Network Security Services (NSS) is a set of libraries designed to support cross-platform development of security-enabled client and server applications. Applications built with NSS can support SSL v2 and v3, TLS, PKCS #5, PKCS #7, PKCS #11, PKCS #12, S/MIME, X.509 v3 certificates, and other security standards. ", "modified": "2015-06-02T15:17:04", "published": "2015-06-02T15:17:04", "id": "FEDORA:DF12460167D9", "href": "", "type": "fedora", "title": "[SECURITY] Fedora 22 Update: nss-3.19.1-1.0.fc22", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2020-12-21T08:17:53", "bulletinFamily": "unix", "cvelist": ["CVE-2015-4000"], "description": "Utilities for Network Security Services and the Softoken module ", "modified": "2015-06-02T15:17:04", "published": "2015-06-02T15:17:04", "id": "FEDORA:0247660876CD", "href": "", "type": "fedora", "title": "[SECURITY] Fedora 22 Update: nss-util-3.19.1-1.0.fc22", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2020-12-21T08:17:53", "bulletinFamily": "unix", "cvelist": ["CVE-2015-4000"], "description": "Network Security Services (NSS) is a set of libraries designed to support cross-platform development of security-enabled client and server applications. Applications built with NSS can support SSL v2 and v3, TLS, PKCS #5, PKCS #7, PKCS #11, PKCS #12, S/MIME, X.509 v3 certificates, and other security standards. 
", "modified": "2015-06-01T17:06:26", "published": "2015-06-01T17:06:26", "id": "FEDORA:1B5E26014558", "href": "", "type": "fedora", "title": "[SECURITY] Fedora 21 Update: nss-3.19.1-1.0.fc21", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2020-12-21T08:17:53", "bulletinFamily": "unix", "cvelist": ["CVE-2015-4000"], "description": "Utilities for Network Security Services and the Softoken module ", "modified": "2015-06-01T17:06:27", "published": "2015-06-01T17:06:27", "id": "FEDORA:3733C6079D2E", "href": "", "type": "fedora", "title": "[SECURITY] Fedora 21 Update: nss-util-3.19.1-1.0.fc21", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2020-12-21T08:17:53", "bulletinFamily": "unix", "cvelist": ["CVE-2015-4000"], "description": "Network Security Services Softoken Cryptographic Module ", "modified": "2015-06-01T17:06:26", "published": "2015-06-01T17:06:26", "id": "FEDORA:2C4EB601455B", "href": "", "type": "fedora", "title": "[SECURITY] Fedora 21 Update: nss-softokn-3.19.1-1.0.fc21", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2020-12-21T08:17:53", "bulletinFamily": "unix", "cvelist": ["CVE-2015-4000"], "description": "Network Security Services Softoken Cryptographic Module ", "modified": "2015-06-02T15:17:04", "published": "2015-06-02T15:17:04", "id": "FEDORA:EC81E60167DA", "href": "", "type": "fedora", "title": "[SECURITY] Fedora 22 Update: nss-softokn-3.19.1-1.0.fc22", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}], "oraclelinux": [{"lastseen": "2019-05-29T18:34:48", "bulletinFamily": "unix", "cvelist": ["CVE-2015-4000"], "description": "nss\n[3.19.1-3.0.1]\n- Added nss-vendor.patch to change vendor\n[3.19.1-3]\n- Additional NULL initialization.\n[3.19.1-2]\n- Updated the patch to keep old cipher suite order\n- Resolves: Bug 1224449\n[3.19.1-1]\n- Rebase to nss-3.19.1\n- Resolves: Bug 1224449\nnss-util\n[3.19.0-1]\n- Rebase to nss-3.19.1\n- 
Resolves: Bug 1224449\n[3.18.0-1]\n- Resolves: - Bug 1205064 - [RHEL6.6] nss-util 3.18 rebase required for firefox 38 ESR", "edition": 4, "modified": "2015-06-25T00:00:00", "published": "2015-06-25T00:00:00", "id": "ELSA-2015-1185", "href": "http://linux.oracle.com/errata/ELSA-2015-1185.html", "title": "nss security update", "type": "oraclelinux", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2019-05-29T18:38:40", "bulletinFamily": "unix", "cvelist": ["CVE-2015-4000"], "description": "[1.0.1e-30.9]\n- fix CVE-2015-4000 - prevent the logjam attack on client - restrict\n the DH key size to at least 768 bits (limit will be increased in future)", "edition": 4, "modified": "2015-06-04T00:00:00", "published": "2015-06-04T00:00:00", "id": "ELSA-2015-1072", "href": "http://linux.oracle.com/errata/ELSA-2015-1072.html", "title": "openssl security update", "type": "oraclelinux", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}], "threatpost": [{"lastseen": "2018-10-06T22:56:45", "bulletinFamily": "info", "cvelist": ["CVE-2015-4000"], "description": "The OpenSSL project has patched several moderate- and low-severity security vulnerabilities and also has added protection against the Logjam attack in new releases of the software.\n\nMost of the vulnerabilities fixed in the new releases are denial-of-service bugs, but one of them can potentially cause memory corruption. That vulnerability only affected older versions of OpenSSL.\n\n\u201cIf a DTLS peer receives application data between the ChangeCipherSpec and Finished messages, buffering of such data may cause an invalid free, resulting in a segmentation fault or potentially, memory corruption. 
This issue affected older OpenSSL versions 1.0.1, 1.0.0 and 0.9.8,\u201d the OpenSSL [advisory](<http://openssl.org/news/secadv_20150611.txt>) says.\n\nIn addition to the patches, the new versions of OpenSSL also include protection against the [Logjam attack](<https://threatpost.com/new-logjam-attack-on-diffie-hellman-threatens-security-of-browsers-vpns/112916>), which was disclosed in May. That attack involves the way that servers handle the Diffie-Hellman key exchange.\n\n\u201cMillions of HTTPS, SSH, and VPN servers all use the same prime numbers for Diffie-Hellman key exchange. Practitioners believed this was safe as long as new key exchange messages were generated for every connection. However, the first step in the number field sieve\u2014the most efficient algorithm for breaking a Diffie-Hellman connection\u2014is dependent only on this prime. After this first step, an attacker can quickly break individual connections,\u201d says an [explanation](<https://weakdh.org/>) of the vulnerability and attack, which was researched by a group of academic and industry experts from Johns Hopkins University, Microsoft, the University of Michigan and elsewhere. \n\nOpenSSL has added protection against the attack in version 1.0.2b and 1.0.1n.\n\n\u201cA vulnerability in the TLS protocol allows a man-in-the-middle attacker to downgrade vulnerable TLS connections using ephemeral Diffie-Hellman key exchange to 512-bit export-grade cryptography. This vulnerability is known as Logjam (CVE-2015-4000). OpenSSL has added protection for TLS clients by rejecting handshakes with DH parameters shorter than 768 bits. This limit will be increased to 1024 bits in a future release,\u201d the advisory says.\n\nThe new releases also fix an exploitable issue that could allow an attacker to create malformed certificates and CRLs.\n\n\u201cX509_cmp_time does not properly check the length of the ASN1_TIME string and can read a few bytes out of bounds. 
In addition, X509_cmp_time accepts an arbitrary number of fractional seconds in the time string. An attacker can use this to craft malformed certificates and CRLs of various sizes and potentially cause a segmentation fault, resulting in a DoS on applications that verify certificates or CRLs. TLS clients that verify CRLs are affected. TLS clients and servers with client authentication enabled may be affected if they use custom verification callbacks,\u201d the advisory says.\n\nThe new OpenSSL releases are versions 1.0.2b, 1.0.1n, 1.0.0s, and 0.9.8zg.\n", "modified": "2015-06-12T15:02:02", "published": "2015-06-11T13:48:27", "id": "THREATPOST:7C04F69C011AEFD7882B6B95405A26C6", "href": "https://threatpost.com/openssl-patches-five-flaws-adds-protection-against-logjam-attack/113282/", "type": "threatpost", "title": "OpenSSL Patches Five Flaws, Adds Protection Against Logjam Attack", "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:PARTIAL/A:NONE/"}}], "mozilla": [{"lastseen": "2016-09-05T13:37:42", "bulletinFamily": "software", "cvelist": ["CVE-2015-4000"], "edition": 1, "description": "Security researcher Matthew Green reported a Diffie\u2013Hellman\n(DHE) key processing issue in Network Security Services (NSS) where a\nman-in-the-middle (MITM) attacker can force a server to downgrade TLS\nconnections to 512-bit export-grade cryptography by modifying client\nrequests to include only export-grade cipher suites. The resulting\nweak key can then be leveraged to impersonate the server. 
This attack\nis detailed in the \"Imperfect Forward\nSecrecy: How Diffie-Hellman Fails in Practice\" paper and is known as the\n\"Logjam Attack.\"\nThis issue was fixed in NSS version 3.19.1 by raising the minimum strength of\nsupported DHE keys to 1023-bit primes.", "modified": "2015-07-02T00:00:00", "published": "2015-07-02T00:00:00", "id": "MFSA2015-70", "href": "http://www.mozilla.org/en-US/security/advisories/mfsa2015-70/", "type": "mozilla", "title": "NSS accepts export-length DHE keys with regular DHE cipher suites", "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:PARTIAL/A:NONE/"}}], "nmap": [{"lastseen": "2019-05-30T17:04:42", "description": "Weak ephemeral Diffie-Hellman parameter detection for SSL/TLS services. \n\nThis script simulates SSL/TLS handshakes using ciphersuites that have ephemeral Diffie-Hellman as the key exchange algorithm. \n\nDiffie-Hellman MODP group parameters are extracted and analyzed for vulnerability to Logjam (CVE-2015-4000) and other weaknesses. \n\nOpportunistic STARTTLS sessions are established on services that support them.\n\n## Script Arguments \n\n#### tls.servername \n\nSee the documentation for the tls library. \n\n#### smbdomain, smbhash, smbnoguest, smbpassword, smbtype, smbusername \n\nSee the documentation for the smbauth library. \n\n#### mssql.domain, mssql.instance-all, mssql.instance-name, mssql.instance-port, mssql.password, mssql.protocol, mssql.scanned-ports-only, mssql.timeout, mssql.username \n\nSee the documentation for the mssql library. \n\n#### smtp.domain \n\nSee the documentation for the smtp library. \n\n#### randomseed, smbbasic, smbport, smbsign \n\nSee the documentation for the smb library. \n\n#### vulns.short, vulns.showall \n\nSee the documentation for the vulns library. 
\n\n## Example Usage \n \n \n nmap --script ssl-dh-params <target>\n \n\n## Script Output \n \n \n Host script results:\n | ssl-dh-params:\n | VULNERABLE:\n | Transport Layer Security (TLS) Protocol DHE_EXPORT Ciphers Downgrade MitM (Logjam)\n | State: VULNERABLE\n | IDs: BID:74733 CVE:CVE-2015-4000\n | The Transport Layer Security (TLS) protocol contains a flaw that is triggered\n | when handling Diffie-Hellman key exchanges defined with the DHE_EXPORT cipher.\n | This may allow a man-in-the-middle attacker to downgrade the security of a TLS\n | session to 512-bit export-grade cryptography, which is significantly weaker,\n | allowing the attacker to more easily break the encryption and monitor or tamper\n | with the encrypted stream.\n | Disclosure date: 2015-5-19\n | Check results:\n | EXPORT-GRADE DH GROUP 1\n | Ciphersuite: TLS_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA\n | Modulus Type: Non-safe prime\n | Modulus Source: sun.security.provider/512-bit DSA group with 160-bit prime order subgroup\n | Modulus Length: 512 bits\n | Generator Length: 512 bits\n | Public Key Length: 512 bits\n | References:\n | https://weakdh.org\n | https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4000\n | https://www.securityfocus.com/bid/74733\n |\n | Diffie-Hellman Key Exchange Insufficient Diffie-Hellman Group Strength\n | State: VULNERABLE\n | Transport Layer Security (TLS) services that use Diffie-Hellman groups of\n | insufficient strength, especially those using one of a few commonly shared\n | groups, may be susceptible to passive eavesdropping attacks.\n | Check results:\n | WEAK DH GROUP 1\n | Ciphersuite: TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA\n | Modulus Type: Safe prime\n | Modulus Source: Unknown/Custom-generated\n | Modulus Length: 512 bits\n | Generator Length: 8 bits\n | Public Key Length: 512 bits\n | References:\n | https://weakdh.org\n |\n | Diffie-Hellman Key Exchange Potentially Unsafe Group Parameters\n | State: VULNERABLE\n | This TLS service appears to be using a 
modulus that is not a safe prime and does\n | not correspond to any well-known DSA group for Diffie-Hellman key exchange.\n | These parameters MAY be secure if:\n | - They were generated according to the procedure described in FIPS 186-4 for\n | DSA Domain Parameter Generation, or\n | - The generator g generates a subgroup of large prime order\n | Additional testing may be required to verify the security of these parameters.\n | Check results:\n | NON-SAFE DH GROUP 1\n | Cipher Suite: TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA\n | Modulus Type: Non-safe prime\n | Modulus Source: Unknown/Custom-generated\n | Modulus Length: 1024 bits\n | Generator Length: 1024 bits\n | Public Key Length: 1024 bits\n | References:\n |_ https://weakdh.org\n\n## Requires \n\n * nmap\n * shortport\n * sslcert\n * stdnse\n * string\n * math\n * table\n * tls\n * vulns\n * openssl\n\n* * *\n", "edition": 13, "published": "2015-11-13T23:26:57", "title": "ssl-dh-params NSE Script", "type": "nmap", "bulletinFamily": "scanner", "cvelist": ["CVE-2015-4000"], "modified": "2019-04-02T16:51:36", "id": "NMAP:SSL-DH-PARAMS.NSE", "href": "https://nmap.org/nsedoc/scripts/ssl-dh-params.html", "sourceData": "local nmap = require \"nmap\"\nlocal shortport = require \"shortport\"\nlocal sslcert = require \"sslcert\"\nlocal stdnse = require \"stdnse\"\nlocal string = require \"string\"\nlocal math = require \"math\"\nlocal table = require \"table\"\nlocal tls = require \"tls\"\nlocal vulns = require \"vulns\"\nlocal have_ssl, openssl = pcall(require, \"openssl\")\n\ndescription = [[\nWeak ephemeral Diffie-Hellman parameter detection for SSL/TLS services.\n\nThis script simulates SSL/TLS handshakes using ciphersuites that have ephemeral\nDiffie-Hellman as the key exchange algorithm.\n\nDiffie-Hellman MODP group parameters are extracted and analyzed for vulnerability\nto Logjam (CVE 2015-4000) and other weaknesses.\n\nOpportunistic STARTTLS sessions are established on services that support them.\n]]\n\n---\n-- 
@usage\n-- nmap --script ssl-dh-params <target>\n--\n-- @output\n-- Host script results:\n-- | ssl-dh-params:\n-- | VULNERABLE:\n-- | Transport Layer Security (TLS) Protocol DHE_EXPORT Ciphers Downgrade MitM (Logjam)\n-- | State: VULNERABLE\n-- | IDs: BID:74733 CVE:CVE-2015-4000\n-- | The Transport Layer Security (TLS) protocol contains a flaw that is triggered\n-- | when handling Diffie-Hellman key exchanges defined with the DHE_EXPORT cipher.\n-- | This may allow a man-in-the-middle attacker to downgrade the security of a TLS\n-- | session to 512-bit export-grade cryptography, which is significantly weaker,\n-- | allowing the attacker to more easily break the encryption and monitor or tamper\n-- | with the encrypted stream.\n-- | Disclosure date: 2015-5-19\n-- | Check results:\n-- | EXPORT-GRADE DH GROUP 1\n-- | Ciphersuite: TLS_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA\n-- | Modulus Type: Non-safe prime\n-- | Modulus Source: sun.security.provider/512-bit DSA group with 160-bit prime order subgroup\n-- | Modulus Length: 512 bits\n-- | Generator Length: 512 bits\n-- | Public Key Length: 512 bits\n-- | References:\n-- | https://weakdh.org\n-- | https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4000\n-- | https://www.securityfocus.com/bid/74733\n-- |\n-- | Diffie-Hellman Key Exchange Insufficient Diffie-Hellman Group Strength\n-- | State: VULNERABLE\n-- | Transport Layer Security (TLS) services that use Diffie-Hellman groups of\n-- | insuffficient strength, especially those using one of a few commonly shared\n-- | groups, may be susceptible to passive eavesdropping attacks.\n-- | Check results:\n-- | WEAK DH GROUP 1\n-- | Ciphersuite: TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA\n-- | Modulus Type: Safe prime\n-- | Modulus Source: Unknown/Custom-generated\n-- | Modulus Length: 512 bits\n-- | Generator Length: 8 bits\n-- | Public Key Length: 512 bits\n-- | References:\n-- | https://weakdh.org\n-- |\n-- | Diffie-Hellman Key Exchange Potentially Unsafe Group Parameters\n-- | State: 
VULNERABLE\n-- | This TLS service appears to be using a modulus that is not a safe prime and does\n-- | not correspond to any well-known DSA group for Diffie-Hellman key exchange.\n-- | These parameters MAY be secure if:\n-- | - They were generated according to the procedure described in FIPS 186-4 for\n-- | DSA Domain Parameter Generation, or\n-- | - The generator g generates a subgroup of large prime order\n-- | Additional testing may be required to verify the security of these parameters.\n-- | Check results:\n-- | NON-SAFE DH GROUP 1\n-- | Cipher Suite: TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA\n-- | Modulus Type: Non-safe prime\n-- | Modulus Source: Unknown/Custom-generated\n-- | Modulus Length: 1024 bits\n-- | Generator Length: 1024 bits\n-- | Public Key Length: 1024 bits\n-- | References:\n-- |_ https://weakdh.org\n\nauthor = \"Jacob Gajek\"\nlicense = \"Same as Nmap--See https://nmap.org/book/man-legal.html\"\ncategories = {\"vuln\", \"safe\"}\ndependencies = {\"https-redirect\"}\n\n-- Anonymous Diffie-Hellman key exchange variants\nlocal DH_anon_ALGORITHMS = {\n [\"DH_anon_EXPORT\"] = 1,\n [\"DH_anon\"] = 1\n}\n\n-- Full-strength ephemeral Diffie-Hellman key exchange variants\nlocal DHE_ALGORITHMS = {\n [\"DHE_RSA\"] = 1,\n [\"DHE_DSS\"] = 1,\n [\"DHE_PSK\"] = 1\n}\n\n-- Export-grade ephemeral Diffie-Hellman key exchange variants\nlocal DHE_ALGORITHMS_EXPORT = {\n [\"DHE_RSA_EXPORT\"] = 1,\n [\"DHE_DSS_EXPORT\"] = 1,\n [\"DHE_DSS_EXPORT1024\"] = 1\n}\n\nlocal fromhex = stdnse.fromhex\n\n-- Common Diffie-Hellman groups\n--\n-- The primes from weakdh.org were harvested by:\n-- 1) Scanning the IPv4 space\n-- 2) Scanning Alexa Top 1 million (seen >100 times)\n--\n-- The list from weakdh.org overlaps the original script source code, therefore those were removed.\n-- The primes were not searchable on Google (hope for source code match) - they may belong to closed\n-- source software. 
If someone happens to find/match it, send a pull request.\nlocal DHE_PRIMES = {\n [fromhex([[\n D4BCD524 06F69B35 994B88DE 5DB89682 C8157F62 D8F33633 EE5772F1 1F05AB22\n D6B5145B 9F241E5A CC31FF09 0A4BC711 48976F76 795094E7 1E790352 9F5A824B\n ]])] = \"mod_ssl 2.0.x/512-bit MODP group with safe prime modulus\",\n\n [fromhex([[\n E6969D3D 495BE32C 7CF180C3 BDD4798E 91B78182 51BB055E 2A206490 4A79A770\n FA15A259 CBD523A6 A6EF09C4 3048D5A2 2F971F3C 20129B48 000E6EDD 061CBC05\n 3E371D79 4E5327DF 611EBBBE 1BAC9B5C 6044CF02 3D76E05E EA9BAD99 1B13A63C\n 974E9EF1 839EB5DB 125136F7 262E56A8 871538DF D823C650 5085E21F 0DD5C86B\n ]])] = \"mod_ssl 2.0.x/1024-bit MODP group with safe prime modulus\",\n\n [fromhex([[\n 9FDB8B8A 004544F0 045F1737 D0BA2E0B 274CDF1A 9F588218 FB435316 A16E3741\n 71FD19D8 D8F37C39 BF863FD6 0E3E3006 80A3030C 6E4C3757 D08F70E6 AA871033\n ]])] = \"mod_ssl 2.2.x/512-bit MODP group with safe prime modulus\",\n\n [fromhex([[\n D67DE440 CBBBDC19 36D693D3 4AFD0AD5 0C84D239 A45F520B B88174CB 98BCE951\n 849F912E 639C72FB 13B4B4D7 177E16D5 5AC179BA 420B2A29 FE324A46 7A635E81\n FF590137 7BEDDCFD 33168A46 1AAD3B72 DAE88600 78045B07 A7DBCA78 74087D15\n 10EA9FCC 9DDD3305 07DD62DB 88AEAA74 7DE0F4D6 E2BD68B0 E7393E0F 24218EB3\n ]])] = \"mod_ssl 2.2.x/1024-bit MODP group with safe prime modulus\",\n\n [fromhex([[\n BBBC2DCA D8467490 7C43FCF5 80E9CFDB D958A3F5 68B42D4B 08EED4EB 0FB3504C\n 6C030276 E710800C 5CCBBAA8 922614C5 BEECA565 A5FDF1D2 87A2BC04 9BE67780\n 60E91A92 A757E304 8F68B076 F7D36CC8 F29BA5DF 81DC2CA7 25ECE662 70CC9A50\n 35D8CECE EF9EA027 4A63AB1E 58FAFD49 88D0F65D 146757DA 071DF045 CFE16B9B\n ]])] = \"nginx/1024-bit MODP group with safe prime modulus\",\n\n [fromhex([[\n FCA682CE 8E12CABA 26EFCCF7 110E526D B078B05E DECBCD1E B4A208F3 AE1617AE\n 01F35B91 A47E6DF6 3413C5E1 2ED0899B CD132ACD 50D99151 BDC43EE7 37592E17\n ]])] = \"sun.security.provider/512-bit DSA group with 160-bit prime order subgroup\",\n\n [fromhex([[\n E9E64259 9D355F37 C97FFD35 67120B8E 
25C9CD43 E927B3A9 670FBEC5 D8901419\n 22D2C3B3 AD248009 3799869D 1E846AAB 49FAB0AD 26D2CE6A 22219D47 0BCE7D77\n 7D4A21FB E9C270B5 7F607002 F3CEF839 3694CF45 EE3688C1 1A8C56AB 127A3DAF\n ]])] = \"sun.security.provider/768-bit DSA group with 160-bit prime order subgroup\",\n\n [fromhex([[\n FD7F5381 1D751229 52DF4A9C 2EECE4E7 F611B752 3CEF4400 C31E3F80 B6512669\n 455D4022 51FB593D 8D58FABF C5F5BA30 F6CB9B55 6CD7813B 801D346F F26660B7\n 6B9950A5 A49F9FE8 047B1022 C24FBBA9 D7FEB7C6 1BF83B57 E7C6A8A6 150F04FB\n 83F6D3C5 1EC30235 54135A16 9132F675 F3AE2B61 D72AEFF2 2203199D D14801C7\n ]])] = \"sun.security.provider/1024-bit DSA group with 160-bit prime order subgroup\",\n\n [fromhex([[\n DA583C16 D9852289 D0E4AF75 6F4CCA92 DD4BE533 B804FB0F ED94EF9C 8A4403ED\n 574650D3 6999DB29 D776276B A2D3D412 E218F4DD 1E084CF6 D8003E7C 4774E833\n ]])] = \"openssl/512-bit MODP group with safe prime modulus\",\n\n [fromhex([[\n 97F64261 CAB505DD 2828E13F 1D68B6D3 DBD0F313 047F40E8 56DA58CB 13B8A1BF\n 2B783A4C 6D59D5F9 2AFC6CFF 3D693F78 B23D4F31 60A9502E 3EFAF7AB 5E1AD5A6\n 5E554313 828DA83B 9FF2D941 DEE95689 FADAEA09 36ADDF19 71FE635B 20AF4703\n 64603C2D E059F54B 650AD8FA 0CF70121 C74799D7 587132BE 9B999BB9 B787E8AB\n ]])] = \"openssl/1024-bit MODP group with safe prime modulus\",\n\n [fromhex([[\n ED928935 824555CB 3BFBA276 5A690461 BF21F3AB 53D2CD21 DAFF7819 1152F10E\n C1E255BD 686F6800 53B9226A 2FE49A34 1F65CC59 328ABDB1 DB49EDDF A71266C3\n FD210470 18F07FD6 F7585119 72827B22 A934181D 2FCB21CF 6D92AE43 B6A829C7\n 27A3CB00 C5F2E5FB 0AA45985 A2BDAD45 F0B3ADF9 E08135EE D983B3CC AEEAEB66\n E6A95766 B9F128A5 3F2280D7 0BA6F671 939B810E F85A90E6 CCCA6F66 5F7AC010\n 1A1EF0FC 2DB6080C 6228B0EC DB8928EE 0CA83D65 94691669 533C5360 13B02BA7\n D48287AD 1C729E41 35FCC27C E951DE61 85FC199B 76600F33 F86BB3CA 520E29C3\n 07E89016 CCCC0019 B6ADC3A4 308B33A1 AFD88C8D 9D01DBA4 C4DD7F0B BD6F38C3\n ]])] = \"openssl/2048-bit MODP group with safe prime modulus\",\n\n [fromhex([[\n AED037C3 BDF33FA2 EEDC4390 
B70A2089 7B770175 E9B92EB2 0F8061CC D4B5A591\n 723C7934 FDA9F9F3 274490F8 50647283 5BE05927 1C4F2C03 5A4EE756 A36613F1\n 382DBD47 4DE8A4A0 322122E8 C730A83C 3E4800EE BD6F8548 A5181711 BA545231\n C843FAC4 175FFAF8 49C440DB 446D8462 C1C3451B 49EFA829 F5C48A4C 7BAC7F64\n 7EE00015 1AA9ED81 101B36AB 5C39AAFF EC54A3F8 F97C1B7B F406DCB4 2DC092A5\n BAA06259 EFEB3FAB 12B42698 2E8F3EF4 B3F7B4C3 302A24C8 AA4213D8 45035CE4\n A8ADD31F 816616F1 9E21A5C9 5080597F 8980AD6B 814E3585 5B79E684 4491527D\n 552B72B7 C78D8D6B 993A736F 8486B305 88B8F1B8 7E89668A 8BD3F13D DC517D4B\n ]])] = \"openssl/2048-bit MODP group with safe prime modulus\",\n\n [fromhex([[\n FEEAD19D BEAF90F6 1CFCA106 5D69DB08 839A2A2B 6AEF2488 ABD7531F BB3E462E\n 7DCECEFB CEDCBBBD F56549EE 95153056 8188C3D9 7294166B 6AABA0AA 5CC8555F\n 9125503A 180E9032 4C7F39C6 A3452F31 42EE72AB 7DFFC74C 528DB6DA 76D9C644\n F55D083E 9CDE74F7 E742413B 69476617 D2670F2B F6D59FFC D7C3BDDE ED41E2BD\n 2CCDD9E6 12F1056C AB88C441 D7F9BA74 651ED1A8 4D407A27 D71895F7 77AB6C77\n 63CC00E6 F1C30B2F E7944692 7E74BC73 B8431B53 011AF5AD 1515E63D C1DE83CC\n 802ECE7D FC71FBDF 179F8E41 D7F1B43E BA75D5A9 C3B11D4F 1B0B5A09 88A9AACB\n CCC10512 26DC8410 E41693EC 8591E31E E2F5AFDF AEDE122D 1277FC27 0BE4D25C\n 1137A58B E961EAC9 F27D4C71 E2391904 DD6AB27B ECE5BD6C 64C79B14 6C2D208C\n D63A4B74 F8DAE638 DBE2C880 6BA10773 8A8DF5CF E214A4B7 3D03C912 75FBA572\n 8146CE5F EC01775B 74481ADF 86F4854D 65F5DA4B B67F882A 60CE0BCA 0ACD157A\n A377F10B 091AD0B5 68893039 ECA33CDC B61BA8C9 E32A87A2 F5D8B7FD 26734D2F\n 09679235 2D70ADE9 F4A51D84 88BC57D3 2A638E0B 14D6693F 6776FFFB 355FEDF6\n 52201FA7 0CB8DB34 FB549490 951A701E 04AD49D6 71B74D08 9CAA8C0E 5E833A21\n 291D6978 F918F25D 5C769BDB E4BB72A8 4A1AFE6A 0BBAD18D 3EACC7B4 54AF408D\n 4F1CCB23 B9AE576F DAE2D1A6 8F43D275 741DB19E EDC3B81B 5E56964F 5F8C3363\n ]])] = \"openssl/4096-bit MODP group with safe prime modulus\",\n\n [fromhex([[\n FFFFFFFF FFFFFFFF C90FDAA2 2168C234 C4C6628B 80DC1CD1 29024E08 8A67CC74\n 020BBEA6 
3B139B22 514A0879 8E3404DD EF9519B3 CD3A431B 302B0A6D F25F1437\n 4FE1356D 6D51C245 E485B576 625E7EC6 F44C42E9 A63A3620 FFFFFFFF FFFFFFFF\n ]])] = \"RFC2409/Oakley Group 1\",\n\n [fromhex([[\n FFFFFFFF FFFFFFFF C90FDAA2 2168C234 C4C6628B 80DC1CD1 29024E08 8A67CC74\n 020BBEA6 3B139B22 514A0879 8E3404DD EF9519B3 CD3A431B 302B0A6D F25F1437\n 4FE1356D 6D51C245 E485B576 625E7EC6 F44C42E9 A637ED6B 0BFF5CB6 F406B7ED\n EE386BFB 5A899FA5 AE9F2411 7C4B1FE6 49286651 ECE65381 FFFFFFFF FFFFFFFF\n ]])] = \"RFC2409/Oakley Group 2\",\n\n [fromhex([[\n FFFFFFFF FFFFFFFF C90FDAA2 2168C234 C4C6628B 80DC1CD1 29024E08 8A67CC74\n 020BBEA6 3B139B22 514A0879 8E3404DD EF9519B3 CD3A431B 302B0A6D F25F1437\n 4FE1356D 6D51C245 E485B576 625E7EC6 F44C42E9 A637ED6B 0BFF5CB6 F406B7ED\n EE386BFB 5A899FA5 AE9F2411 7C4B1FE6 49286651 ECE45B3D C2007CB8 A163BF05\n 98DA4836 1C55D39A 69163FA8 FD24CF5F 83655D23 DCA3AD96 1C62F356 208552BB\n 9ED52907 7096966D 670C354E 4ABC9804 F1746C08 CA237327 FFFFFFFF FFFFFFFF\n ]])] = \"RFC3526/Oakley Group 5\",\n\n [fromhex([[\n FFFFFFFF FFFFFFFF C90FDAA2 2168C234 C4C6628B 80DC1CD1 29024E08 8A67CC74\n 020BBEA6 3B139B22 514A0879 8E3404DD EF9519B3 CD3A431B 302B0A6D F25F1437\n 4FE1356D 6D51C245 E485B576 625E7EC6 F44C42E9 A637ED6B 0BFF5CB6 F406B7ED\n EE386BFB 5A899FA5 AE9F2411 7C4B1FE6 49286651 ECE45B3D C2007CB8 A163BF05\n 98DA4836 1C55D39A 69163FA8 FD24CF5F 83655D23 DCA3AD96 1C62F356 208552BB\n 9ED52907 7096966D 670C354E 4ABC9804 F1746C08 CA18217C 32905E46 2E36CE3B\n E39E772C 180E8603 9B2783A2 EC07A28F B5C55DF0 6F4C52C9 DE2BCBF6 95581718\n 3995497C EA956AE5 15D22618 98FA0510 15728E5A 8AACAA68 FFFFFFFF FFFFFFFF\n ]])] = \"RFC3526/Oakley Group 14\",\n\n [fromhex([[\n FFFFFFFF FFFFFFFF C90FDAA2 2168C234 C4C6628B 80DC1CD1 29024E08 8A67CC74\n 020BBEA6 3B139B22 514A0879 8E3404DD EF9519B3 CD3A431B 302B0A6D F25F1437\n 4FE1356D 6D51C245 E485B576 625E7EC6 F44C42E9 A637ED6B 0BFF5CB6 F406B7ED\n EE386BFB 5A899FA5 AE9F2411 7C4B1FE6 49286651 ECE45B3D C2007CB8 A163BF05\n 98DA4836 1C55D39A 
69163FA8 FD24CF5F 83655D23 DCA3AD96 1C62F356 208552BB\n 9ED52907 7096966D 670C354E 4ABC9804 F1746C08 CA18217C 32905E46 2E36CE3B\n E39E772C 180E8603 9B2783A2 EC07A28F B5C55DF0 6F4C52C9 DE2BCBF6 95581718\n 3995497C EA956AE5 15D22618 98FA0510 15728E5A 8AAAC42D AD33170D 04507A33\n A85521AB DF1CBA64 ECFB8504 58DBEF0A 8AEA7157 5D060C7D B3970F85 A6E1E4C7\n ABF5AE8C DB0933D7 1E8C94E0 4A25619D CEE3D226 1AD2EE6B F12FFA06 D98A0864\n D8760273 3EC86A64 521F2B18 177B200C BBE11757 7A615D6C 770988C0 BAD946E2\n 08E24FA0 74E5AB31 43DB5BFC E0FD108E 4B82D120 A93AD2CA FFFFFFFF FFFFFFFF\n ]])] = \"RFC3526/Oakley Group 15\",\n\n [fromhex([[\n FFFFFFFF FFFFFFFF C90FDAA2 2168C234 C4C6628B 80DC1CD1 29024E08 8A67CC74\n 020BBEA6 3B139B22 514A0879 8E3404DD EF9519B3 CD3A431B 302B0A6D F25F1437\n 4FE1356D 6D51C245 E485B576 625E7EC6 F44C42E9 A637ED6B 0BFF5CB6 F406B7ED\n EE386BFB 5A899FA5 AE9F2411 7C4B1FE6 49286651 ECE45B3D C2007CB8 A163BF05\n 98DA4836 1C55D39A 69163FA8 FD24CF5F 83655D23 DCA3AD96 1C62F356 208552BB\n 9ED52907 7096966D 670C354E 4ABC9804 F1746C08 CA18217C 32905E46 2E36CE3B\n E39E772C 180E8603 9B2783A2 EC07A28F B5C55DF0 6F4C52C9 DE2BCBF6 95581718\n 3995497C EA956AE5 15D22618 98FA0510 15728E5A 8AAAC42D AD33170D 04507A33\n A85521AB DF1CBA64 ECFB8504 58DBEF0A 8AEA7157 5D060C7D B3970F85 A6E1E4C7\n ABF5AE8C DB0933D7 1E8C94E0 4A25619D CEE3D226 1AD2EE6B F12FFA06 D98A0864\n D8760273 3EC86A64 521F2B18 177B200C BBE11757 7A615D6C 770988C0 BAD946E2\n 08E24FA0 74E5AB31 43DB5BFC E0FD108E 4B82D120 A9210801 1A723C12 A787E6D7\n 88719A10 BDBA5B26 99C32718 6AF4E23C 1A946834 B6150BDA 2583E9CA 2AD44CE8\n DBBBC2DB 04DE8EF9 2E8EFC14 1FBECAA6 287C5947 4E6BC05D 99B2964F A090C3A2\n 233BA186 515BE7ED 1F612970 CEE2D7AF B81BDD76 2170481C D0069127 D5B05AA9\n 93B4EA98 8D8FDDC1 86FFB7DC 90A6C08F 4DF435C9 34063199 FFFFFFFF FFFFFFFF\n ]])] = \"RFC3526/Oakley Group 16\",\n\n [fromhex([[\n B10B8F96 A080E01D DE92DE5E AE5D54EC 52C99FBC FB06A3C6 9A6A9DCA 52D23B61\n 6073E286 75A23D18 9838EF1E 2EE652C0 13ECB4AE A9061123 
24975C3C D49B83BF\n ACCBDD7D 90C4BD70 98488E9C 219A7372 4EFFD6FA E5644738 FAA31A4F F55BCCC0\n A151AF5F 0DC8B4BD 45BF37DF 365C1A65 E68CFDA7 6D4DA708 DF1FB2BC 2E4A4371\n ]])] = \"RFC5114/1024-bit DSA group with 160-bit prime order subgroup\",\n\n [fromhex([[\n AD107E1E 9123A9D0 D660FAA7 9559C51F A20D64E5 683B9FD1 B54B1597 B61D0A75\n E6FA141D F95A56DB AF9A3C40 7BA1DF15 EB3D688A 309C180E 1DE6B85A 1274A0A6\n 6D3F8152 AD6AC212 9037C9ED EFDA4DF8 D91E8FEF 55B7394B 7AD5B7D0 B6C12207\n C9F98D11 ED34DBF6 C6BA0B2C 8BBC27BE 6A00E0A0 B9C49708 B3BF8A31 70918836\n 81286130 BC8985DB 1602E714 415D9330 278273C7 DE31EFDC 7310F712 1FD5A074\n 15987D9A DC0A486D CDF93ACC 44328387 315D75E1 98C641A4 80CD86A1 B9E587E8\n BE60E69C C928B2B9 C52172E4 13042E9B 23F10B0E 16E79763 C9B53DCF 4BA80A29\n E3FB73C1 6B8E75B9 7EF363E2 FFA31F71 CF9DE538 4E71B81C 0AC4DFFE 0C10E64F\n ]])] = \"RFC5114/2048-bit DSA group with 224-bit prime order subgroup\",\n\n [fromhex([[\n 87A8E61D B4B6663C FFBBD19C 65195999 8CEEF608 660DD0F2 5D2CEED4 435E3B00\n E00DF8F1 D61957D4 FAF7DF45 61B2AA30 16C3D911 34096FAA 3BF4296D 830E9A7C\n 209E0C64 97517ABD 5A8A9D30 6BCF67ED 91F9E672 5B4758C0 22E0B1EF 4275BF7B\n 6C5BFC11 D45F9088 B941F54E B1E59BB8 BC39A0BF 12307F5C 4FDB70C5 81B23F76\n B63ACAE1 CAA6B790 2D525267 35488A0E F13C6D9A 51BFA4AB 3AD83477 96524D8E\n F6A167B5 A41825D9 67E144E5 14056425 1CCACB83 E6B486F6 B3CA3F79 71506026\n C0B857F6 89962856 DED4010A BD0BE621 C3A3960A 54E710C3 75F26375 D7014103\n A4B54330 C198AF12 6116D227 6E11715F 693877FA D7EF09CA DB094AE9 1E1A1597\n ]])] = \"RFC5114/2048-bit DSA group with 256-bit prime order subgroup\",\n\n [fromhex([[\n D6C094AD 57F5374F 68D58C7B 096872D9 45CEE1F8 2664E059 4421E1D5 E3C8E98B\n C3F0A6AF 8F92F19E 3FEF9337 B99B9C93 A055D55A 96E42573 4005A68E D47040FD\n F00A5593 6EBA4B93 F64CBA1A 004E4513 611C9B21 7438A703 A2060C20 38D0CFAA\n FFBBA48F B9DAC4B2 450DC58C B0320A03 17E2A31B 44A02787 C657FB0C 0CBEC11D\n ]])] = \"weakdh.org/1024-bit MODP group with non-safe prime modulus\",\n\n 
[fromhex([[\n C9BBF5F7 74A8297B 0F97CDDA 3A3468C7 117B6BF7 99A13D9F 1F5DAC48 7B2241FE\n 95EFB13C 2855DFD2 F898B3F9 9188E24E DF326DD6 8C76CC85 53728351 2D46F195\n 3129C693 364D8C71 202EABB3 EBC85C1D F53907FB D0B7EB49 0AD0BC99 28968680\n 0C46AB04 BF7CDD9A D425E6FB 25592EB6 258A0655 D75E93B2 671746AE 349E721B\n ]])] = \"weakdh.org/1024-bit MODP group with safe prime modulus\",\n\n [fromhex([[\n 829FEBFC E3EE0434 862D3364 A62BDE7B 65F0C74A 3A53B555 291414FC AE5E86D7\n 34B16DBD CC952B1C 5EB443B1 54B3B466 62E811E1 1D8BC731 34018A5E A7B5B6A9\n 720D84BC 28B74822 C5AF24C9 04E5BB5A DABF8FF2 A5ED7B45 6688D6CA B82F8AF0\n 188A456C 3ED62D2F EACF6BD3 FD47337D 884DFA09 F0A3D696 75E35806 E3AE9593\n ]])] = \"weakdh.org/1024-bit MODP group with safe prime modulus\",\n\n [fromhex([[\n 92402435 C3A12E44 D3730D8E 78CADFA7 8E2F5B51 A956BFF4 DB8E5652 3E9695E6\n 3E32506C FEB912F2 A77D22E7 1BB54C86 80893B82 AD1BCF33 7F7F7796 D3FB9681\n 81D9BA1F 7034ABFB 1F97B310 4CF3203F 663E8199 0B7E090F 6C4C5EE1 A0E57EC1\n 74D3E84A D9E72E6A C7DA6AEA 12DF297C 131854FB F21AC4E8 79C23BBC 60B4F753\n ]])] = \"weakdh.org/1024-bit MODP group with safe prime modulus\",\n\n [fromhex([[\n A9A34811 446C7B69 A29FF999 7C2181EC FAAAD139 CCDE2455 755D42F4 2E700AFD\n 86779D54 8A7C07CA 5DE42332 61117D0A 5773F245 9C331AF1 A1B08EF8 360A14DE\n 4046F274 62DA36AA 47D9FDE2 92B8815D 598C3A9C 546E7ED3 95D22EC3 9119F5B9\n 22CC41B3 0AF220FF 47BDE1B8 8334AD29 81DDC5ED 923F11C3 DDD3B22C 949DC41B\n ]])] = \"weakdh.org/1024-bit MODP group with safe prime modulus\",\n\n [fromhex([[\n CA6B8564 6DC21765 7605DACF E801FAD7 59845383 4AF126C8 CC765E0F 81014F24\n 93546AB7 DDE5C677 C32D5B06 05B1BBFA 4C5DBFA3 253ADB33 205B7D8C 67DF98C4\n BCE81C78 13F9FC26 15F1C332 F953AB39 CE8B7FE7 E3951FB7 3131407F 4D5489B6\n B17C6875 9A2EAF8B 195A8DE8 0A165E4E B7520774 B167A00F A5629FDC 5A9A25F3\n ]])] = \"weakdh.org/1024-bit MODP group with safe prime modulus\",\n\n [fromhex([[\n EB373E94 AB618DF8 20D233ED 93E3EBCB 319BDAC2 0994C1DF 003986A7 9FAFFF76\n 
54151CC9 E0641314 92698B47 496F5FDC FAF12892 679D8BC3 1580D7D4 1CD83F81\n 529C7951 3D58EC67 2E0E87FC D008C137 E3E5861A B2D3A02F 4D372CEE 4F220FEB\n 2C9039AC 997664A7 EBB75444 6AA69EB3 E0EF3C60 F91C2639 2B54EC35 A970A7BB\n ]])] = \"weakdh.org/1024-bit MODP group with safe prime modulus\",\n\n [fromhex([[\n 80A68ADC 5327E05C AAD07C44 64B8ADEA 908432AF 9651B237 F47A7A8B F84D568F\n DFDAFAB0 6621C0C4 28450F1C 55F7D4A8 ECE383F2 7D6055AD DF60C4B8 37DCC1E3\n B8374E37 99517929 39FDC3BB B4285112 C8B4A9F6 FCE4DD53 AA23F99E 2647C394\n CE4D8BB8 2E773F41 EB786CE8 4CD0C3DD 4C31D755 D1CF9E9B 70C45EE2 8ECDABAB\n ]])] = \"weakdh.org/1024-bit MODP group with safe prime modulus\",\n\n [fromhex([[\n C0EB5F3A 4CB30A9F FE3786E8 4C038141 69B52030 5AD49F54 EFD8CAAC 31A69B29\n 73CC9F57 B4B8F80D 2C5FB68B 3913B617 2042D2E5 BD53381A 5E597696 C9E97BD6\n 488DB339 5581320D DD4AF9CD E4A4EBE2 9118C688 28E5B392 89C26728 0B4FDC25\n 10C288B2 174D77EE 0AAD9C1E 17EA5ED3 7CF971B6 B19A8711 8E529826 591CA14B\n ]])] = \"weakdh.org/1024-bit MODP group with safe prime modulus\",\n\n [fromhex([[\n 8FC0E1E2 0574D6AB 3C76DDEA 64524C20 76446B67 98E5B6BD 2614F966 9A5061D6\n 99034DB4 819780EC 8EE28A4E 66B5C4E0 A634E47B F9C981A5 EC4908EE 1B83A410\n 813165AC 0AB6BDCF D3257188 AC49399D 541C16F2 960F9D64 B9C51EC0 85AD0BB4\n FE389013 18F0CD61 65D4B1B3 1C723953 B83217F8 B3EBF870 8160E82D 7911754B\n ]])] = \"weakdh.org/1024-bit MODP group with safe prime modulus\",\n\n -- haproxy, postfix, and IronPort params courtesy Frank Bergmann\n [fromhex([[\n EC86F870 A03316EC 051A7359 CD1F8BF8 29E4D2CF 52DDC224 8DB5389A FB5CA4E4\n B2DACE66 5074A685 4D4B1D30 B82BF310 E9A72D05 71E781DF 8B59523B 5F430B68\n F1DB07BE 086B1B23 EE4DCC9E 0E43A01E DF438CEC BEBE90B4 5154B92F 7B64764E\n 5DD42EAE C29EAE51 4359C777 9C503C0E ED73045F F14C762A D8F8CFFC 3440D1B4\n 42618466 423904F8 68B262D7 55ED1B74 7591E0C5 69C1315C DB7B442E CE84580D\n 1E660CC8 449EFD40 08675DFB A7768F00 1187E993 F97DC4BC 745520D4 4A412F43\n 421AC1F2 97174927 376B2F88 7E1CA0A1 
899227D9 565A71C1 56377E3A 9D05E7EE\n 5D8F8217 BCE9C293 3082F9F4 C9AE49DB D054B4D9 754DFA06 B8D63841 B71F77F3\n ]])] = \"haproxy 1.5 builtin\",\n\n [fromhex([[\n B0FEB4CF D45507E7 CC88590D 1726C50C A54A9223 8178DA88 AA4C1306 BF5D2F9E\n BC96B851 009D0C0D 75ADFD3B B17E714F 3F915414 44B83025 1CEBDF72 9C4CF189\n 0D683F94 8EA4FB76 8918B291 16900199 668C5381 4E273D99 E75A7AAF D5ECE27E\n FAED0118 C2782559 065C39F6 CD4954AF C1B1EA4A F953D0DF 6DAFD493 E7BAAE9B\n ]])] = \"postfix builtin\",\n\n [fromhex([[\n F8D5CCE8 7A3961B5 F5CBC834 40C51856 E0E6FA6D 5AB28310 78C86762 1CA46CA8\n 7D7FA3B1 AF75B834 3C699374 D36920F2 E39A653D E8F0725A A6E2D297 7537558C\n E27E784F 4B549BEF B558927B A30C8BD8 1DACDCAE 93027B5D CE1BC176 70AF7DEC\n E81149AB D7D632D9 B80A6397 CEBCC7A9 619CCF38 288EA3D5 23287743 B04E6FB3\n ]])] = \"IronPort SMTPD builtin\",\n}\n\n\n-- DSA parameters\nlocal DSA_PARAMS = {\n -- sun.security.provider/512-bit DSA group with 160-bit prime order subgroup\n [fromhex([[\n FCA682CE 8E12CABA 26EFCCF7 110E526D B078B05E DECBCD1E B4A208F3 AE1617AE\n 01F35B91 A47E6DF6 3413C5E1 2ED0899B CD132ACD 50D99151 BDC43EE7 37592E17\n ]])] =\n\n fromhex([[\n 678471B2 7A9CF44E E91A49C5 147DB1A9 AAF244F0 5A434D64 86931D2D 14271B9E\n 35030B71 FD73DA17 9069B32E 2935630E 1C206235 4D0DA20A 6C416E50 BE794CA4\n ]]),\n\n -- sun.security.provider/768-bit DSA group with 160-bit prime order subgroup\n [fromhex([[\n E9E64259 9D355F37 C97FFD35 67120B8E 25C9CD43 E927B3A9 670FBEC5 D8901419\n 22D2C3B3 AD248009 3799869D 1E846AAB 49FAB0AD 26D2CE6A 22219D47 0BCE7D77\n 7D4A21FB E9C270B5 7F607002 F3CEF839 3694CF45 EE3688C1 1A8C56AB 127A3DAF\n ]])] =\n\n fromhex([[\n 30470AD5 A005FB14 CE2D9DCD 87E38BC7 D1B1C5FA CBAECBE9 5F190AA7 A31D23C4\n DBBCBE06 17454440 1A5B2C02 0965D8C2 BD2171D3 66844577 1F74BA08 4D2029D8\n 3C1C1585 47F3A9F1 A2715BE2 3D51AE4D 3E5A1F6A 7064F316 933A346D 3F529252\n ]]),\n\n -- sun.security.provider/1024-bit DSA group with 160-bit prime order subgroup\n [fromhex([[\n FD7F5381 1D751229 52DF4A9C 
2EECE4E7 F611B752 3CEF4400 C31E3F80 B6512669\n 455D4022 51FB593D 8D58FABF C5F5BA30 F6CB9B55 6CD7813B 801D346F F26660B7\n 6B9950A5 A49F9FE8 047B1022 C24FBBA9 D7FEB7C6 1BF83B57 E7C6A8A6 150F04FB\n 83F6D3C5 1EC30235 54135A16 9132F675 F3AE2B61 D72AEFF2 2203199D D14801C7\n ]])] =\n\n fromhex([[\n F7E1A085 D69B3DDE CBBCAB5C 36B857B9 7994AFBB FA3AEA82 F9574C0B 3D078267\n 5159578E BAD4594F E6710710 8180B449 167123E8 4C281613 B7CF0932 8CC8A6E1\n 3C167A8B 547C8D28 E0A3AE1E 2BB3A675 916EA37F 0BFA2135 62F1FB62 7A01243B\n CCA4F1BE A8519089 A883DFE1 5AE59F06 928B665E 807B5525 64014C3B FECF492A\n ]]),\n\n -- RFC5114/1024-bit DSA group with 160-bit prime order subgroup\n [fromhex([[\n B10B8F96 A080E01D DE92DE5E AE5D54EC 52C99FBC FB06A3C6 9A6A9DCA 52D23B61\n 6073E286 75A23D18 9838EF1E 2EE652C0 13ECB4AE A9061123 24975C3C D49B83BF\n ACCBDD7D 90C4BD70 98488E9C 219A7372 4EFFD6FA E5644738 FAA31A4F F55BCCC0\n A151AF5F 0DC8B4BD 45BF37DF 365C1A65 E68CFDA7 6D4DA708 DF1FB2BC 2E4A4371\n ]])] =\n\n fromhex([[\n A4D1CBD5 C3FD3412 6765A442 EFB99905 F8104DD2 58AC507F D6406CFF 14266D31\n 266FEA1E 5C41564B 777E690F 5504F213 160217B4 B01B886A 5E91547F 9E2749F4\n D7FBD7D3 B9A92EE1 909D0D22 63F80A76 A6A24C08 7A091F53 1DBF0A01 69B6A28A\n D662A4D1 8E73AFA3 2D779D59 18D08BC8 858F4DCE F97C2A24 855E6EEB 22B3B2E5\n ]]),\n\n -- RFC5114/2048-bit DSA group with 224-bit prime order subgroup\n [fromhex([[\n AD107E1E 9123A9D0 D660FAA7 9559C51F A20D64E5 683B9FD1 B54B1597 B61D0A75\n E6FA141D F95A56DB AF9A3C40 7BA1DF15 EB3D688A 309C180E 1DE6B85A 1274A0A6\n 6D3F8152 AD6AC212 9037C9ED EFDA4DF8 D91E8FEF 55B7394B 7AD5B7D0 B6C12207\n C9F98D11 ED34DBF6 C6BA0B2C 8BBC27BE 6A00E0A0 B9C49708 B3BF8A31 70918836\n 81286130 BC8985DB 1602E714 415D9330 278273C7 DE31EFDC 7310F712 1FD5A074\n 15987D9A DC0A486D CDF93ACC 44328387 315D75E1 98C641A4 80CD86A1 B9E587E8\n BE60E69C C928B2B9 C52172E4 13042E9B 23F10B0E 16E79763 C9B53DCF 4BA80A29\n E3FB73C1 6B8E75B9 7EF363E2 FFA31F71 CF9DE538 4E71B81C 0AC4DFFE 0C10E64F\n ]])] =\n\n fromhex([[\n 
AC4032EF 4F2D9AE3 9DF30B5C 8FFDAC50 6CDEBE7B 89998CAF 74866A08 CFE4FFE3\n A6824A4E 10B9A6F0 DD921F01 A70C4AFA AB739D77 00C29F52 C57DB17C 620A8652\n BE5E9001 A8D66AD7 C1766910 1999024A F4D02727 5AC1348B B8A762D0 521BC98A\n E2471504 22EA1ED4 09939D54 DA7460CD B5F6C6B2 50717CBE F180EB34 118E98D1\n 19529A45 D6F83456 6E3025E3 16A330EF BB77A86F 0C1AB15B 051AE3D4 28C8F8AC\n B70A8137 150B8EEB 10E183ED D19963DD D9E263E4 770589EF 6AA21E7F 5F2FF381\n B539CCE3 409D13CD 566AFBB4 8D6C0191 81E1BCFE 94B30269 EDFE72FE 9B6AA4BD\n 7B5A0F1C 71CFFF4C 19C418E1 F6EC0179 81BC087F 2A7065B3 84B890D3 191F2BFA\n ]]),\n\n -- RFC5114/2048-bit DSA group with 256-bit prime order subgroup\n [fromhex([[\n 87A8E61D B4B6663C FFBBD19C 65195999 8CEEF608 660DD0F2 5D2CEED4 435E3B00\n E00DF8F1 D61957D4 FAF7DF45 61B2AA30 16C3D911 34096FAA 3BF4296D 830E9A7C\n 209E0C64 97517ABD 5A8A9D30 6BCF67ED 91F9E672 5B4758C0 22E0B1EF 4275BF7B\n 6C5BFC11 D45F9088 B941F54E B1E59BB8 BC39A0BF 12307F5C 4FDB70C5 81B23F76\n B63ACAE1 CAA6B790 2D525267 35488A0E F13C6D9A 51BFA4AB 3AD83477 96524D8E\n F6A167B5 A41825D9 67E144E5 14056425 1CCACB83 E6B486F6 B3CA3F79 71506026\n C0B857F6 89962856 DED4010A BD0BE621 C3A3960A 54E710C3 75F26375 D7014103\n A4B54330 C198AF12 6116D227 6E11715F 693877FA D7EF09CA DB094AE9 1E1A1597\n ]])] =\n\n fromhex([[\n 3FB32C9B 73134D0B 2E775066 60EDBD48 4CA7B18F 21EF2054 07F4793A 1A0BA125\n 10DBC150 77BE463F FF4FED4A AC0BB555 BE3A6C1B 0C6B47B1 BC3773BF 7E8C6F62\n 901228F8 C28CBB18 A55AE313 41000A65 0196F931 C77A57F2 DDF463E5 E9EC144B\n 777DE62A AAB8A862 8AC376D2 82D6ED38 64E67982 428EBC83 1D14348F 6F2F9193\n B5045AF2 767164E1 DFC967C1 FB3F2E55 A4BD1BFF E83B9C80 D052B985 D182EA0A\n DB2A3B73 13D3FE14 C8484B1E 052588B9 B7D2BBD2 DF016199 ECD06E15 57CD0915\n B3353BBB 64E0EC37 7FD02837 0DF92B52 C7891428 CDC67EB6 184B523D 1DB246C3\n 2F630784 90F00EF8 D647D148 D4795451 5E2327CF EF98C582 664B4C0F 6CC41659\n ]])\n}\n\n\n-- Add additional context (protocol) to debug output\nlocal function ctx_log(level, protocol, fmt, 
...)\n return stdnse.debug(level, \"(%s) \" .. fmt, protocol, ...)\nend\n\n\n-- returns a function that yields a new tls record each time it is called\nlocal function get_record_iter(sock)\n local buffer = \"\"\n local i = 1\n local fragment\n return function ()\n local record\n i, record = tls.record_read(buffer, i, fragment)\n if record == nil then\n local status, err\n status, buffer, err = tls.record_buffer(sock, buffer, i)\n if not status then\n return nil, err\n end\n i, record = tls.record_read(buffer, i, fragment)\n if record == nil then\n return nil, \"done\"\n end\n end\n fragment = record.fragment\n return record\n end\nend\n\n\nlocal function get_server_response(host, port, t)\n local timeout = stdnse.get_timeout(host, 10000, 5000)\n\n -- Create socket.\n local status, sock, err\n local starttls = sslcert.getPrepareTLSWithoutReconnect(port)\n if starttls then\n status, sock = starttls(host, port)\n if not status then\n ctx_log(1, t.protocol, \"Can't connect: %s\", sock)\n return nil\n end\n else\n sock = nmap.new_socket()\n sock:set_timeout(timeout)\n status, err = sock:connect(host, port)\n if not status then\n ctx_log(1, t.protocol, \"Can't connect: %s\", err)\n sock:close()\n return nil\n end\n end\n\n sock:set_timeout(timeout)\n\n -- Send request.\n local req = tls.client_hello(t)\n status, err = sock:send(req)\n if not status then\n ctx_log(1, t.protocol, \"Can't send: %s\", err)\n sock:close()\n return nil\n end\n\n -- Read response.\n local get_next_record = get_record_iter(sock)\n local records = {}\n while true do\n local record\n record, err = get_next_record()\n if not record then\n ctx_log(1, t.protocol, \"Couldn't read a TLS record: %s\", err)\n sock:close()\n return records\n end\n -- Collect message bodies into one record per type\n records[record.type] = records[record.type] or record\n local done = false\n for j = 1, #record.body do -- no ipairs because we append below\n local b = record.body[j]\n done = ((record.type == \"alert\" and 
b.level == \"fatal\") or\n (record.type == \"handshake\" and b.type == \"server_hello_done\"))\n table.insert(records[record.type].body, b)\n end\n if done then\n sock:close()\n return records\n end\n end\nend\n\n-- If protocol fails (i.e. no ciphers will ever succeed) then returns false\n-- If no ciphers were supported, but the protocol is valid, then returns nil\n-- else returns the cipher and dh params\nlocal function get_dhe_params(host, port, protocol, ciphers)\n local cipher, packed\n local t = {}\n local pos = 1\n t.protocol = protocol\n local tlsname = tls.servername(host)\n t.extensions = {\n server_name = tlsname and tls.EXTENSION_HELPERS[\"server_name\"](tlsname),\n }\n\n -- Keep ClientHello record size below 255 bytes and the number of ciphersuites\n -- to 64 or less in order to avoid implementation issues with some TLS servers\n\n -- Get handshake record size with just one cipher\n t.ciphers = { \"TLS_NULL_WITH_NULL_NULL\" }\n local len = #tls.client_hello(t)\n local room = math.floor(math.max(0, (255 - len) / 2))\n\n local function next_chunk(t, ciphers, pos)\n\n -- Compute number of ciphers to fit in next chunk\n local last = math.min(#ciphers, pos + math.min(63, room))\n t.ciphers = {}\n\n for i = pos, last do\n table.insert(t.ciphers, ciphers[i])\n end\n\n return last + 1\n end\n\n while pos <= #ciphers do\n pos = next_chunk(t, ciphers, pos)\n local records = get_server_response(host, port, t)\n if not records then\n stdnse.debug1(\"Connection failed\")\n return false\n end\n\n local alert = records.alert\n if alert then\n for j = 1, #alert.body do\n ctx_log(2, protocol, \"Received alert: %s\", alert.body[j].description)\n if alert[\"protocol\"] ~= protocol then\n ctx_log(1, protocol, \"Protocol rejected.\")\n return false\n end\n end\n end\n\n -- Extract negotiated cipher suite and key exchange data\n local handshake = records.handshake\n if handshake then\n for j = 1, #handshake.body do\n if handshake.body[j].type == \"server_hello\" then\n if 
handshake.body[j].protocol ~= protocol then\n ctx_log(1, protocol, \"Protocol rejected in server hello\")\n return false\n end\n cipher = handshake.body[j].cipher\n elseif handshake.body[j].type == \"server_key_exchange\" then\n packed = handshake.body[j].data\n end\n end\n end\n\n -- Only try next chunk if current chunk was rejected\n if cipher and packed then\n local info = tls.cipher_info(cipher)\n local data = tls.KEX_ALGORITHMS[info.kex].server_key_exchange(packed, protocol)\n return cipher, data.dhparams\n end\n end\n\n return nil\nend\n\n\nlocal function get_dhe_ciphers()\n local dh_anons = {}\n local dhe_ciphers = {}\n local dhe_exports = {}\n\n for cipher, _ in pairs(tls.CIPHERS) do\n local info = tls.cipher_info(cipher)\n if DH_anon_ALGORITHMS[info.kex] then\n dh_anons[#dh_anons + 1] = cipher\n end\n if DHE_ALGORITHMS[info.kex] then\n dhe_ciphers[#dhe_ciphers + 1] = cipher\n end\n if DHE_ALGORITHMS_EXPORT[info.kex] then\n dhe_exports[#dhe_exports + 1] = cipher\n end\n end\n\n return dh_anons, dhe_ciphers, dhe_exports\nend\n\nlocal fields_order = {\n \"Cipher Suite\",\n \"Modulus Type\",\n \"Modulus Source\",\n \"Modulus Length\",\n \"Generator Length\",\n \"Public Key Length\",\n}\nlocal group_metatable = {\n __tostring = function(g)\n local out = {}\n for i=1, #fields_order do\n local k = fields_order[i]\n if g[k] then\n out[#out+1] = (\" %s: %s\"):format(k, g[k])\n end\n end\n return table.concat(out, \"\\n\")\n end\n}\n\nlocal function check_dhgroup(anondh, logjam, weakdh, nosafe, cipher, dhparams)\n local source = DHE_PRIMES[dhparams.p]\n local length = #dhparams.p * 8\n local genlen = #dhparams.g * 8\n local pubkeylen = #dhparams.y * 8\n local modulus = stdnse.tohex(dhparams.p)\n local generator = stdnse.tohex(dhparams.g)\n local pubkey = stdnse.tohex(dhparams.y)\n local is_prime, is_safe\n\n local group = {\n [\"Cipher Suite\"] = cipher,\n [\"Modulus Source\"] = source or \"Unknown/Custom-generated\",\n [\"Modulus Length\"] = length,\n [\"Modulus\"] 
= modulus,\n [\"Generator Length\"] = genlen,\n [\"Generator\"] = generator,\n [\"Public Key Length\"] = pubkeylen\n }\n setmetatable(group, group_metatable)\n\n if have_ssl then\n local bn = openssl.bignum_bin2bn(dhparams.p)\n is_safe, is_prime = openssl.bignum_is_safe_prime(bn)\n group[\"Modulus Type\"] = (is_safe and \"Safe prime\") or\n (is_prime and \"Non-safe prime\") or\n \"Composite\"\n end\n\n if string.find(cipher, \"DH_anon\") then\n anondh[#anondh + 1] = group\n elseif string.find(cipher, \"EXPORT\") then\n logjam[#logjam + 1] = group\n elseif length <= 1024 then\n weakdh[#weakdh + 1] = group\n end\n\n -- The use of non-safe primes requires carefully generated parameters\n -- in order to be secure. Do some rudimentary validation checks here.\n if have_ssl and not is_safe and not DSA_PARAMS[dhparams.p] then\n nosafe[#nosafe + 1] = group\n elseif DSA_PARAMS[dhparams.p] and DSA_PARAMS[dhparams.p] ~= dhparams.g then\n nosafe[#nosafe + 1] = group\n end\nend\n\n\nportrule = function(host, port)\n return shortport.ssl(host, port) or sslcert.getPrepareTLSWithoutReconnect(port)\nend\n\nlocal function format_check(t, label)\n local out = {}\n for i, v in ipairs(t) do\n out[i] = string.format(\"%s %d\\n%s\", label, i, v)\n end\n return out\nend\n\naction = function(host, port)\n local dh_anons, dhe_ciphers, dhe_exports = get_dhe_ciphers()\n local cipher\n local dhparams\n local anondh = {}\n local logjam = {}\n local weakdh = {}\n local nosafe = {}\n local primes = {}\n local anons = {}\n\n local vuln_table_anondh = {\n title = \"Anonymous Diffie-Hellman Key Exchange MitM Vulnerability\",\n description = [[\nTransport Layer Security (TLS) services that use anonymous\nDiffie-Hellman key exchange only provide protection against passive\neavesdropping, and are vulnerable to active man-in-the-middle attacks\nwhich could completely compromise the confidentiality and integrity\nof any data exchanged over the resulting session.]],\n state = vulns.STATE.NOT_VULN,\n 
references = {\n \"https://www.ietf.org/rfc/rfc2246.txt\"\n }\n }\n\n local vuln_table_logjam = {\n title = \"Transport Layer Security (TLS) Protocol DHE_EXPORT Ciphers Downgrade MitM (Logjam)\",\n description = [[\nThe Transport Layer Security (TLS) protocol contains a flaw that is\ntriggered when handling Diffie-Hellman key exchanges defined with\nthe DHE_EXPORT cipher. This may allow a man-in-the-middle attacker\nto downgrade the security of a TLS session to 512-bit export-grade\ncryptography, which is significantly weaker, allowing the attacker\nto more easily break the encryption and monitor or tamper with\nthe encrypted stream.]],\n state = vulns.STATE.NOT_VULN,\n IDS = {\n CVE = 'CVE-2015-4000',\n BID = '74733'\n },\n SCORES = {\n CVSSv2 = '4.3'\n },\n dates = {\n disclosure = {\n year = 2015, month = 5, day = 19\n }\n },\n references = {\n \"https://weakdh.org\"\n }\n }\n\n local vuln_table_weakdh = {\n title = \"Diffie-Hellman Key Exchange Insufficient Group Strength\",\n description = [[\nTransport Layer Security (TLS) services that use Diffie-Hellman groups\nof insufficient strength, especially those using one of a few commonly\nshared groups, may be susceptible to passive eavesdropping attacks.]],\n state = vulns.STATE.NOT_VULN,\n references = {\n \"https://weakdh.org\"\n }\n }\n\n local vuln_table_nosafe = {\n title = \"Diffie-Hellman Key Exchange Incorrectly Generated Group Parameters\",\n description = [[\nThis TLS service appears to be using a modulus that is not a safe prime\nand does not correspond to any well-known DSA group for Diffie-Hellman\nkey exchange.\nThese parameters MAY be secure if:\n- They were generated according to the procedure described in\n FIPS 186-4 for DSA Domain Parameter Generation, or\n- The generator g generates a subgroup of large prime order\nAdditional testing may be required to verify the security of these\nparameters.]],\n state = vulns.STATE.NOT_VULN,\n references = {\n \"https://weakdh.org\"\n }\n }\n\n for protocol 
in pairs(tls.PROTOCOLS) do\n -- Try anonymous DH ciphersuites\n cipher, dhparams = get_dhe_params(host, port, protocol, dh_anons)\n -- Explicit test for false needed because nil just means no ciphers supported.\n if cipher == false then goto NEXT_PROTOCOL end\n if dhparams and not anons[dhparams.p] then\n vuln_table_anondh.state = vulns.STATE.VULN\n check_dhgroup(anondh, logjam, weakdh, nosafe, cipher, dhparams)\n anons[dhparams.p] = 1\n end\n\n -- Try DHE_EXPORT ciphersuites\n cipher, dhparams = get_dhe_params(host, port, protocol, dhe_exports)\n if dhparams and not primes[dhparams.p] then\n check_dhgroup(anondh, logjam, weakdh, nosafe, cipher, dhparams)\n primes[dhparams.p] = 1\n end\n\n -- Try non-export DHE ciphersuites\n cipher, dhparams = get_dhe_params(host, port, protocol, dhe_ciphers)\n if dhparams and not primes[dhparams.p] then\n check_dhgroup(anondh, logjam, weakdh, nosafe, cipher, dhparams)\n primes[dhparams.p] = 1\n end\n ::NEXT_PROTOCOL::\n end\n\n local report = vulns.Report:new(SCRIPT_NAME, host, port)\n\n vuln_table_anondh.check_results = format_check(anondh, \"ANONYMOUS DH GROUP\")\n vuln_table_logjam.check_results = format_check(logjam, \"EXPORT-GRADE DH GROUP\")\n vuln_table_weakdh.check_results = format_check(weakdh, \"WEAK DH GROUP\")\n vuln_table_nosafe.check_results = format_check(nosafe, \"NON-SAFE GROUP\")\n\n if #anondh > 0 then\n vuln_table_anondh.state = vulns.STATE.VULN\n end\n\n if #logjam > 0 then\n vuln_table_logjam.state = vulns.STATE.VULN\n end\n\n if #weakdh > 0 then\n vuln_table_weakdh.state = vulns.STATE.VULN\n end\n\n if #nosafe > 0 then\n vuln_table_nosafe.state = vulns.STATE.LIKELY_VULN\n end\n\n return report:make_output(vuln_table_anondh, vuln_table_logjam, vuln_table_weakdh, vuln_table_nosafe)\nend\n", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}], "aix": [{"lastseen": "2020-04-22T00:52:08", "bulletinFamily": "unix", "cvelist": ["CVE-2015-4000"], "description": "IBM SECURITY ADVISORY\n\nFirst Issued: 
Fri Aug 7 15:15:59 CDT 2015 \n|Updated: Tue Aug 18 09:19:51 CDT 2015\n|Update: Added AIX 5.3 vulnerability information\n\nThe most recent version of this document is available here:\n\nhttp://aix.software.ibm.com/aix/efixes/security/sendmail_advisory2.asc\nhttps://aix.software.ibm.com/aix/efixes/security/sendmail_advisory2.asc\nftp://aix.software.ibm.com/aix/efixes/security/sendmail_advisory2.asc\n\n\nSecurity Bulletin: Vulnerability in Diffie-Hellman ciphers affects\n sendmail on AIX (CVE-2015-4000)\n\n\n===============================================================================\n\nSUMMARY:\n\n The Logjam Attack on TLS connections using the Diffie-Hellman (DH) key\n exchange protocol affects sendmail when using the sendmail_ssl binary on\n AIX.\n\n\n===============================================================================\n\nVULNERABILITY DETAILS:\n\n CVEID: CVE-2015-4000\n DESCRIPTION: The TLS protocol could allow a remote attacker to obtain\n sensitive information, caused by the failure to properly convey a\n DHE_EXPORT ciphersuite choice. An attacker could exploit this \n vulnerability using man-in-the-middle techniques to force a downgrade\n to 512-bit export-grade cipher. Successful exploitation could allow\n an attacker to recover the session key as well as modify the contents\n of the traffic. 
This vulnerability is commonly referred to as\n \"Logjam\".\n CVSS Base Score: 4.3\n CVSS Temporal Score: See\n https://exchange.xforce.ibmcloud.com/vulnerabilities/103294 for the\n current score\n CVSS Environmental Score*: Undefined\n CVSS Vector: (AV:N/AC:M/Au:N/C:P/I:N/A:N)\n\n\n AFFECTED PRODUCTS AND VERSIONS:\n \n| AIX 5.3, 6.1, 7.1\n VIOS 2.2.x\n\n The following AIX fileset levels are vulnerable:\n\n AIX Fileset Lower Level Upper Level KEY\n --------------------------------------------------------\n| bos.net.tcp.client 5.3.0.0 5.3.12.10 key_w_fs\n bos.net.tcp.client 6.1.0.0 6.1.8.19 key_w_fs\n bos.net.tcp.client 6.1.0.0 6.1.9.45 key_w_fs\n bos.net.tcp.client 7.1.0.0 7.1.2.19 key_w_fs\n bos.net.tcp.client 7.1.0.0 7.1.3.45 key_w_fs\n\n\n AIX Fileset (VIOS) Lower Level Upper Level\n ------------------------------------------------------------\n bos.net.tcp.client 6.1.0.0(2.2.0.0) 6.1.8.19(2.2.2.6)\n bos.net.tcp.client 6.1.0.0(2.2.0.0) 6.1.9.45(2.2.3.50)\n\n\n Note: to find out whether the affected filesets are installed \n on your systems, refer to the lslpp command found in AIX user's guide.\n\n Example: lslpp -L | grep -i bos.net.tcp.client\n\n REMEDIATION:\n\n A. APARS\n \n IBM has assigned the following APARs to this problem:\n\n Please note that these only apply to the SSL-enabled\n sendmail binary, /usr/sbin/sendmail_ssl. 
The default\n sendmail binary, /usr/sbin/sendmail, is not vulnerable\n to the Logjam attack.\n\n AIX Level APAR Availability SP KEY\n ---------------------------------------------------\n 5.3.12 IV75967 N/A N/A key_w_apar\n 6.1.8 IV75644 N/A N/A key_w_apar \n 6.1.9 IV75643 12/04/15 SP6 key_w_apar\n 7.1.2 IV75645 N/A N/A key_w_apar \n 7.1.3 IV75646 2/26/16 SP6 key_w_apar\n\n Subscribe to the APARs here:\n\n http://www.ibm.com/support/docview.wss?uid=isg1IV75643\n http://www.ibm.com/support/docview.wss?uid=isg1IV75646\n\n By subscribing, you will receive periodic email alerting you\n to the status of the APAR, and a link to download the fix once\n it becomes available.\n\n B. FIXES\n\n Fixes are available. Please note that the sendmail_ssl fixes\n require a current version of OpenSSL that includes the Logjam\n fix. Please see the previously published OpenSSL bulletin: \n\n http://aix.software.ibm.com/aix/efixes/security/openssl_advisory14.asc\n https://aix.software.ibm.com/aix/efixes/security/openssl_advisory14.asc\n ftp://aix.software.ibm.com/aix/efixes/security/openssl_advisory14.asc \n\n\n The sendmail_ssl fixes can be downloaded via ftp or http from:\n\n ftp://aix.software.ibm.com/aix/efixes/security/sendmail_fix2.tar\n http://aix.software.ibm.com/aix/efixes/security/sendmail_fix2.tar\n https://aix.software.ibm.com/aix/efixes/security/sendmail_fix2.tar \n\n The link above is to a tar file containing this signed\n advisory, fix packages, and OpenSSL signatures for each package.\n The fixes below include prerequisite checking. This will\n enforce the correct mapping between the fixes and AIX\n Technology Levels.\n\n Please note that these only apply to the SSL-enabled\n sendmail binary, /usr/sbin/sendmail_ssl. 
The default\n sendmail bindary, /usr/sbin/sendmail, is not vulnerable\n to the Logjam attack.\n\n AIX Level Interim Fix (*.Z) KEY\n ------------------------------------------------\n| 5.3.12.9 IV75967m9a.150817.epkg.Z key_w_fix\n 6.1.8.6 IV75644m6a.150731.epkg.Z key_w_fix\n 6.1.9.5 IV75643m5a.150731.epkg.Z key_w_fix\n 7.1.2.6 IV75645m6a.150731.epkg.Z key_w_fix\n 7.1.3.5 IV75646m5a.150731.epkg.Z key_w_fix\n\n\n To extract the fixes from the tar file:\n\n tar xvf sendmail_fix2.tar\n cd sendmail_fix2\n\n Verify you have retrieved the fixes intact:\n\n The checksums below were generated using the\n \"openssl dgst -sha256 file\" command as the followng:\n\n openssl dgst -sha256 filename KEY\n -----------------------------------------------------------------------------------------------------\n| 9fc6906b826799ee6e98b1da7e4a7f3b41d8db515be46ee043565e6440487015 IV75967m9a.150817.epkg.Z key_w_csum \n 517637a4871e869ea9322d8c91c94ef8c74ee17821fbdf85f84e52dfd99233f8 IV75644m6a.150731.epkg.Z key_w_csum\n af34ca8e20e0440a35dd4fd8caaa051b892f4d30f7cb7fa3f179efcd7f7ab834 IV75643m5a.150731.epkg.Z key_w_csum\n e8916a64220b50eb24df48276fb2a8ddbf50e7c42286eee52841aa7e14864c7c IV75645m6a.150731.epkg.Z key_w_csum\n ea4f46484d3934fdfdf73293f0ca47abcb38f930e8e5f619fa2af720e390dc4d IV75646m5a.150731.epkg.Z key_w_csum\n\n These sums should match exactly. The OpenSSL signatures in the tar\n file and on this advisory can also be used to verify the\n integrity of the fixes. 
If the sums or signatures cannot be\n confirmed, contact IBM AIX Security at\n security-alert@austin.ibm.com and describe the discrepancy.\n \n openssl dgst -sha1 -verify <pubkey_file> -signature <advisory_file>.sig <advisory_file>\n\n openssl dgst -sha1 -verify <pubkey_file> -signature <ifix_file>.sig <ifix_file>\n\n Published advisory OpenSSL signature file location:\n \n http://aix.software.ibm.com/aix/efixes/security/sendmail_advisory2.asc.sig\n https://aix.software.ibm.com/aix/efixes/security/sendmail_advisory2.asc.sig\n ftp://aix.software.ibm.com/aix/efixes/security/sendmail_advisory2.asc.sig \n\n C. FIX AND INTERIM FIX INSTALLATION\n\n IMPORTANT: If possible, it is recommended that a mksysb backup\n of the system be created. Verify it is both bootable and\n readable before proceeding.\n\n To preview a fix installation:\n\n installp -a -d fix_name -p all # where fix_name is the name of the\n # fix package being previewed.\n To install a fix package:\n\n installp -a -d fix_name -X all # where fix_name is the name of the\n # fix package being installed.\n\n Interim fixes have had limited functional and regression\n testing but not the full regression testing that takes place\n for Service Packs; however, IBM does fully support them.\n\n Interim fix management documentation can be found at:\n\n http://www14.software.ibm.com/webapp/set2/sas/f/aix.efixmgmt/home.html\n\n To preview an interim fix installation:\n\n emgr -e ipkg_name -p # where ipkg_name is the name of the\n # interim fix package being previewed.\n\n To install an interim fix package:\n\n emgr -e ipkg_name -X # where ipkg_name is the name of the\n # interim fix package being installed.\n\n You should verify applying this configuration change does not cause\n any compatibility issues. If you change the default setting after\n applying the fix, you will expose yourself to the attack described\n above. 
IBM recommends that you review your entire environment to\n identify other areas where you have enabled the Diffie-Hellman\n key-exchange protocol used in TLS and take appropriate mitigation and\n remediation actions.\n\n WORKAROUNDS AND MITIGATIONS:\n\n None.\n\n\n===============================================================================\n\nCONTACT US:\n\n If you would like to receive AIX Security Advisories via email,\n please visit \"My Notifications\":\n\n http://www.ibm.com/support/mynotifications\n\n To view previously issued advisories, please visit:\n\n http://www14.software.ibm.com/webapp/set2/subscriptions/onvdq\n \n Comments regarding the content of this announcement can be\n directed to:\n\n security-alert@austin.ibm.com\n\n To obtain the OpenSSL public key that can be used to verify the\n signed advisories and ifixes:\n\n Download the key from our web page:\n\n http://www.ibm.com/systems/resources/systems_p_os_aix_security_pubkey.txt\n\n To obtain the PGP public key that can be used to communicate\n securely with the AIX Security Team via security-alert@austin.ibm.com you\n can either:\n\n A. Download the key from our web page:\n\nhttp://www.ibm.com/systems/resources/systems_p_os_aix_security_pgppubkey.txt\n\n B. Download the key from a PGP Public Key Server. 
The key ID is:\n\n 0x28BFAA12\n\n Please contact your local IBM AIX support center for any\n assistance.\n\n\nREFERENCES:\n \n Complete CVSS Guide: http://www.first.org/cvss/cvss-guide.html\n On-line Calculator V2:\n http://nvd.nist.gov/cvss.cfm?calculator&adv&version=2\n\n\nACKNOWLEDGEMENTS:\n\n CVE-2015-4000 was reported to IBM by The WeakDH team at https://weakdh.org\n\n\nCHANGE HISTORY:\n\n First Issued: Fri Aug 7 15:15:59 CDT 2015 \n Updated: Tue Aug 11 09:47:52 CDT 2015\n Update: Changed advisory name to sendmail_advisory2.asc and fix pack to\n sendmail_fix2.tar\n| Updated: Tue Aug 18 09:19:51 CDT 2015\n| Update: Added AIX 5.3 vulnerability information\n\n\n===============================================================================\n\n*The CVSS Environment Score is customer environment specific and will \nultimately impact the Overall CVSS Score. Customers can evaluate the impact \nof this vulnerability in their environments by accessing the links in the \nReference section of this Security Bulletin. \n\nDisclaimer\nAccording to the Forum of Incident Response and Security Teams (FIRST), the \nCommon Vulnerability Scoring System (CVSS) is an \"industry open standard \ndesigned to convey vulnerability severity and help to determine urgency and \npriority of response.\" IBM PROVIDES THE CVSS SCORES \"AS IS\" WITHOUT WARRANTY \nOF ANY KIND, INCLUDING THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS \nFOR A PARTICULAR PURPOSE. 
CUSTOMERS ARE RESPONSIBLE FOR ASSESSING THE IMPACT \nOF ANY ACTUAL OR POTENTIAL SECURITY VULNERABILITY.\n", "edition": 16, "modified": "2015-08-18T09:19:51", "published": "2015-08-07T15:15:59", "id": "SENDMAIL_ADVISORY2.ASC", "href": "https://aix.software.ibm.com/aix/efixes/security/sendmail_advisory2.asc", "title": "Vulnerability in Diffie-Hellman ciphers affects sendmail on AIX,Vulnerability in Diffie-Hellman ciphers affects sendmail on VIOS", "type": "aix", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}], "debian": [{"lastseen": "2019-05-30T02:22:02", "bulletinFamily": "unix", "cvelist": ["CVE-2015-4000"], "description": "Package : nss\nVersion : 2:3.14.5-1+deb7u7\nCVE ID : CVE-2015-4000\nDebian Bug : N/A\n\nA vulnerability has been found in nss.\n\nCVE-2015-4000\n\n With TLS protocol 1.2 and earlier, when a DHE_EXPORT ciphersuite is\n enabled on a server but not on a client, does not properly convey\n a DHE_EXPORT choice, which allows man-in-the-middle attackers to\n conduct cipher-downgrade attacks by rewriting a ClientHello with\n DHE replaced by DHE_EXPORT and then rewriting a ServerHello with\n DHE_EXPORT replaced by DHE, aka the "Logjam" issue.\n\nThe solution in nss was to not accept bit lengths less than 1024.\nThis may potentially be a backwards incompatibility issue but such\nlow bit lengths should not be in use so it was deemed acceptable.\n\nFor Debian 7 "Wheezy", these problems have been fixed in version\n2:3.14.5-1+deb7u7.\n\nWe recommend that you upgrade your nss packages.\n\nFurther information about Debian LTS security advisories, how to apply\nthese updates to your system and frequently asked questions can be\nfound at: https://wiki.debian.org/LTS\n\n- -- \n --------------------- Ola Lundqvist ---------------------------\n/ opal@debian.org Folkebogatan 26 \\\n| ola@inguza.com 654 68 KARLSTAD |\n| http://inguza.com/ +46 (0)70-332 1551 |\n\\ gpg/f.p.: 22F2 32C6 B1E0 F4BF 2B26 0A6A 5E90 DCFA 9426 876F /\n 
---------------------------------------------------------------\n", "edition": 3, "modified": "2016-06-07T10:00:43", "published": "2016-06-07T10:00:43", "id": "DEBIAN:DLA-507-1:8A944", "href": "https://lists.debian.org/debian-lts-announce/2016/debian-lts-announce-201606/msg00006.html", "title": "[SECURITY] [DLA 507-1] nss security update", "type": "debian", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}], "centos": [{"lastseen": "2019-12-20T18:27:47", "bulletinFamily": "unix", "cvelist": ["CVE-2015-4000"], "description": "**CentOS Errata and Security Advisory** CESA-2015:1072\n\n\nOpenSSL is a toolkit that implements the Secure Sockets Layer (SSL v2/v3)\nand Transport Layer Security (TLS v1) protocols, as well as a\nfull-strength, general purpose cryptography library.\n\nA flaw was found in the way the TLS protocol composes the Diffie-Hellman\n(DH) key exchange. A man-in-the-middle attacker could use this flaw to\nforce the use of weak 512 bit export-grade keys during the key exchange,\nallowing them to decrypt all traffic. (CVE-2015-4000)\n\nNote: This update forces the TLS/SSL client implementation in OpenSSL to\nreject DH key sizes below 768 bits, which prevents sessions from being\ndowngraded to export-grade keys. Future updates may raise this limit to\n1024 bits.\n\nAll openssl users are advised to upgrade to these updated packages, which\ncontain a backported patch to correct this issue. 
For the update to take\neffect, all services linked to the OpenSSL library must be restarted, or\nthe system rebooted.\n\n\n**Merged security bulletin from advisories:**\nhttp://lists.centos.org/pipermail/centos-announce/2015-June/033195.html\nhttp://lists.centos.org/pipermail/centos-announce/2015-June/033197.html\n\n**Affected packages:**\nopenssl\nopenssl-devel\nopenssl-libs\nopenssl-perl\nopenssl-static\n\n**Upstream details at:**\nhttps://rhn.redhat.com/errata/RHSA-2015-1072.html", "edition": 3, "modified": "2015-06-04T20:17:09", "published": "2015-06-04T19:47:16", "href": "http://lists.centos.org/pipermail/centos-announce/2015-June/033195.html", "id": "CESA-2015:1072", "title": "openssl security update", "type": "centos", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2020-07-17T03:32:24", "bulletinFamily": "unix", "cvelist": ["CVE-2015-4000", "CVE-2015-2721"], "description": "**CentOS Errata and Security Advisory** CESA-2015:1185\n\n\nNetwork Security Services (NSS) is a set of libraries designed to support \ncross-platform development of security-enabled client and server\napplications.\n\nA flaw was found in the way the TLS protocol composes the Diffie-Hellman\n(DH) key exchange. A man-in-the-middle attacker could use this flaw to\nforce the use of weak 512 bit export-grade keys during the key exchange,\nallowing them to decrypt all traffic. (CVE-2015-4000)\n\nNote: This update forces the TLS/SSL client implementation in NSS to\nreject DH key sizes below 768 bits, which prevents sessions from being\ndowngraded to export-grade keys. Future updates may raise this limit to\n1024 bits.\n\nThe nss and nss-util packages have been upgraded to upstream versions\n3.19.1. 
The upgraded versions provide a number of bug fixes and\nenhancements over the previous versions.\n\nUsers of nss and nss-util are advised to upgrade to these updated packages,\nwhich fix these security flaws, bugs, and add these enhancements.\n\n\n**Merged security bulletin from advisories:**\nhttp://lists.centos.org/pipermail/centos-announce/2015-June/033257.html\nhttp://lists.centos.org/pipermail/centos-announce/2015-June/033258.html\nhttp://lists.centos.org/pipermail/centos-announce/2015-June/033260.html\nhttp://lists.centos.org/pipermail/centos-announce/2015-June/033261.html\n\n**Affected packages:**\nnss\nnss-devel\nnss-pkcs11-devel\nnss-sysinit\nnss-tools\nnss-util\nnss-util-devel\n\n**Upstream details at:**\nhttps://rhn.redhat.com/errata/RHSA-2015-1185.html", "edition": 5, "modified": "2015-06-25T12:14:50", "published": "2015-06-25T10:23:56", "href": "http://lists.centos.org/pipermail/centos-announce/2015-June/033257.html", "id": "CESA-2015:1185", "title": "nss security update", "type": "centos", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}], "suse": [{"lastseen": "2016-09-04T11:18:44", "bulletinFamily": "unix", "cvelist": ["CVE-2015-4000"], "description": "This update fixes the following security issue:\n\n * Logjam Attack: MySQL uses 512 bit dh groups in SSL (bnc#934789)\n\n Security Issues:\n\n * CVE-2015-4000\n <<a rel=\"nofollow\" href=\"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4000\">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4000</a>>\n\n", "edition": 1, "modified": "2015-07-02T21:05:19", "published": "2015-07-02T21:05:19", "id": "SUSE-SU-2015:1177-1", "href": "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00001.html", "title": "Security update for MySQL (important)", "type": "suse", "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:PARTIAL/A:NONE/"}}, {"lastseen": "2016-09-04T11:41:29", "bulletinFamily": "unix", "cvelist": ["CVE-2015-4000"], "description": "This 
MySQL update fixes the following security issue:\n\n * Logjam Attack: MySQL uses 512 bit DH groups in SSL connections.\n (bsc#934789)\n\n Security Issues:\n\n * CVE-2015-4000\n <<a rel=\"nofollow\" href=\"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4000\">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4000</a>>\n\n", "edition": 1, "modified": "2015-07-10T19:08:04", "published": "2015-07-10T19:08:04", "id": "SUSE-SU-2015:1177-2", "href": "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00024.html", "title": "Security update for MySQL (important)", "type": "suse", "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:PARTIAL/A:NONE/"}}, {"lastseen": "2016-09-04T11:20:21", "bulletinFamily": "unix", "cvelist": ["CVE-2015-4000", "CVE-2015-6908"], "description": "This update fixes the following security issues:\n\n - CVE-2015-6908: The ber_get_next function allowed remote attackers to\n cause a denial\n of service (reachable assertion and application crash) via crafted BER\n data, as demonstrated by an attack against slapd. (bsc#945582)\n - CVE-2015-4000: Fix weak Diffie-Hellman size vulnerability. 
(bsc#937766)\n\n It also fixes the following non-security bugs:\n\n - bsc#955210: Unresponsive LDAP host lookups in IPv6 environment\n - bsc#904028: Add missing dependency binutils used by %pre.\n\n", "edition": 1, "modified": "2016-01-27T11:11:59", "published": "2016-01-27T11:11:59", "id": "OPENSUSE-SU-2016:0255-1", "href": "http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00037.html", "type": "suse", "title": "Security update for openldap2 (important)", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2016-09-04T11:49:45", "bulletinFamily": "unix", "cvelist": ["CVE-2015-4000", "CVE-2015-6908"], "description": "This update fixes the following security issues:\n\n - CVE-2015-6908: The ber_get_next function allowed remote attackers to\n cause a denial\n of service (reachable assertion and application crash) via crafted BER\n data, as demonstrated by an attack against slapd. (bsc#945582)\n - CVE-2015-4000: Fix weak Diffie-Hellman size vulnerability. (bsc#937766)\n\n It also fixes the following non-security bugs:\n\n - bsc#955210: Unresponsive LDAP host lookups in IPv6 environment\n - bsc#904028: Add missing dependency binutils used by %pre.\n\n", "edition": 1, "modified": "2016-01-25T13:13:34", "published": "2016-01-25T13:13:34", "id": "OPENSUSE-SU-2016:0226-1", "href": "http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00032.html", "type": "suse", "title": "Security update for openldap2 (important)", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}], "amazon": [{"lastseen": "2020-11-10T12:35:18", "bulletinFamily": "unix", "cvelist": ["CVE-2015-4000"], "description": "**Issue Overview:**\n\nA flaw was found in the way the TLS protocol composes the Diffie-Hellman (DH) key exchange. A man-in-the-middle attacker could use this flaw to force the use of weak 512 bit export-grade keys during the key exchange, allowing them to decrypt all traffic. 
([CVE-2015-4000 __](<https://access.redhat.com/security/cve/CVE-2015-4000>))\n\nPlease note that this update forces the TLS/SSL client implementation in NSS to reject DH key sizes below 768 bits, which prevents sessions from being downgraded to export-grade keys. Future updates may raise this limit to 1024 bits.\n\n \n**Affected Packages:** \n\n\nnss, nss-util\n\n \n**Issue Correction:** \nRun _yum update nss nss-util_ to update your system.\n\n \n\n\n**New Packages:**\n \n \n i686: \n nss-util-3.19.1-1.41.amzn1.i686 \n nss-util-devel-3.19.1-1.41.amzn1.i686 \n nss-util-debuginfo-3.19.1-1.41.amzn1.i686 \n nss-sysinit-3.19.1-3.71.amzn1.i686 \n nss-tools-3.19.1-3.71.amzn1.i686 \n nss-devel-3.19.1-3.71.amzn1.i686 \n nss-pkcs11-devel-3.19.1-3.71.amzn1.i686 \n nss-3.19.1-3.71.amzn1.i686 \n nss-debuginfo-3.19.1-3.71.amzn1.i686 \n \n src: \n nss-util-3.19.1-1.41.amzn1.src \n nss-3.19.1-3.71.amzn1.src \n \n x86_64: \n nss-util-debuginfo-3.19.1-1.41.amzn1.x86_64 \n nss-util-3.19.1-1.41.amzn1.x86_64 \n nss-util-devel-3.19.1-1.41.amzn1.x86_64 \n nss-pkcs11-devel-3.19.1-3.71.amzn1.x86_64 \n nss-tools-3.19.1-3.71.amzn1.x86_64 \n nss-devel-3.19.1-3.71.amzn1.x86_64 \n nss-sysinit-3.19.1-3.71.amzn1.x86_64 \n nss-3.19.1-3.71.amzn1.x86_64 \n nss-debuginfo-3.19.1-3.71.amzn1.x86_64 \n \n \n", "edition": 4, "modified": "2015-07-22T10:00:00", "published": "2015-07-22T10:00:00", "id": "ALAS-2015-569", "href": "https://alas.aws.amazon.com/ALAS-2015-569.html", "title": "Medium: nss, nss-util", "type": "amazon", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}], "redhat": [{"lastseen": "2019-08-13T18:45:55", "bulletinFamily": "unix", "cvelist": ["CVE-2015-4000"], "description": "OpenSSL is a toolkit that implements the Secure Sockets Layer (SSL v2/v3)\nand Transport Layer Security (TLS v1) protocols, as well as a\nfull-strength, general purpose cryptography library.\n\nA flaw was found in the way the TLS protocol composes the Diffie-Hellman\n(DH) key exchange. 
A man-in-the-middle attacker could use this flaw to\nforce the use of weak 512 bit export-grade keys during the key exchange,\nallowing them to decrypt all traffic. (CVE-2015-4000)\n\nNote: This update forces the TLS/SSL client implementation in OpenSSL to\nreject DH key sizes below 768 bits, which prevents sessions from being\ndowngraded to export-grade keys. Future updates may raise this limit to\n1024 bits.\n\nAll openssl users are advised to upgrade to these updated packages, which\ncontain a backported patch to correct this issue. For the update to take\neffect, all services linked to the OpenSSL library must be restarted, or\nthe system rebooted.\n", "modified": "2018-06-06T20:24:12", "published": "2015-06-04T04:00:00", "id": "RHSA-2015:1072", "href": "https://access.redhat.com/errata/RHSA-2015:1072", "type": "redhat", "title": "(RHSA-2015:1072) Moderate: openssl security update", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2019-08-13T18:46:16", "bulletinFamily": "unix", "cvelist": ["CVE-2015-2721", "CVE-2015-4000"], "description": "Network Security Services (NSS) is a set of libraries designed to support \ncross-platform development of security-enabled client and server\napplications.\n\nA flaw was found in the way the TLS protocol composes the Diffie-Hellman\n(DH) key exchange. A man-in-the-middle attacker could use this flaw to\nforce the use of weak 512 bit export-grade keys during the key exchange,\nallowing them to decrypt all traffic. (CVE-2015-4000)\n\nNote: This update forces the TLS/SSL client implementation in NSS to\nreject DH key sizes below 768 bits, which prevents sessions from being\ndowngraded to export-grade keys. Future updates may raise this limit to\n1024 bits.\n\nThe nss and nss-util packages have been upgraded to upstream versions\n3.19.1. 
The upgraded versions provide a number of bug fixes and\nenhancements over the previous versions.\n\nUsers of nss and nss-util are advised to upgrade to these updated packages,\nwhich fix these security flaws, bugs, and add these enhancements.\n", "modified": "2018-06-06T20:24:35", "published": "2015-06-25T04:00:00", "id": "RHSA-2015:1185", "href": "https://access.redhat.com/errata/RHSA-2015:1185", "type": "redhat", "title": "(RHSA-2015:1185) Moderate: nss security update", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}]}