Linux Distros Unpatched Vulnerability : CVE-2016-3125

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The modtls module in ProFTPD before 1.3.5b and 1.3.6 before 1.3.6rc2 does not properly handle the TLSDHParamFile directive, which might cause a weaker than...

SUSE CVE-2016-3125

The modtls module in ProFTPD before 1.3.5b and 1.3.6 before 1.3.6rc2 does not properly handle the TLSDHParamFile directive, which might cause a weaker than intended Diffie-Hellman DH key to be used and consequently allow attackers to have unspecified impact via unknown vectors...

Mageia: Security Advisory (MGASA-2016-0128)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

ProFTPD < 1.3.5b / 1.3.6x < 1.3.6rc2 weak Diffie-Hellman key

The remote host is using ProFTPD, a free FTP server for Unix and Linux. According to its banner, the version of ProFTPD installed on the remote host is prior to 1.3.5b or 1.3.6x prior to 1.3.6rc2 and is affected by an issue in the modtls module, which might cause a weaker than intended...

openSUSE Security Update : proftpd (openSUSE-2016-713)

proftpd was updated to fix one security issue. This security issue was fixed : - CVE-2016-3125: The modtls module in ProFTPD before 1.3.5b and 1.3.6 before 1.3.6rc2 does not properly handle the TLSDHParamFile directive, which might cause a weaker than intended Diffie-Hellman DH key to be used and...

CVE-2016-3125

The modtls module in ProFTPD before 1.3.5b and 1.3.6 before 1.3.6rc2 does not properly handle the TLSDHParamFile directive, which might cause a weaker than intended Diffie-Hellman DH key to be used and consequently allow attackers to have unspecified impact via unknown vectors...

CVE-2016-3125

ProFTPD mod_tls TLSDHParamFile handling flaw (CVE-2016-3125) may cause a weaker DH key to be used. Affected: ProFTPD before 1.3.5b and before 1.3.6rc2. Remediation: upgrade to 1.3.5b+ or 1.3.6rc2+ (or newer) where patched. Notes from openSUSE/SUSE advisories confirm the fix in later releases.

Fedora 23 : proftpd-1.3.5b-1.fc23 (2016-977d57cf2d)

Cumulative maintenance release from upstream. Highlights are: SSH RSA hostkeys smaller than 2048 bits now work properly. MLSD response lines are now properly CRLF terminated. Fixed selection of DH groups from TLSDHParamFile CVE-2016-3125. Various other bug fixes are also included. Note that Tenab...

Fedora 22 : proftpd-1.3.5b-1.fc22 (2016-f95d8ea3ad)

Cumulative maintenance release from upstream. Highlights are: SSH RSA hostkeys smaller than 2048 bits now work properly. MLSD response lines are now properly CRLF terminated. Fixed selection of DH groups from TLSDHParamFile CVE-2016-3125. Various other bug fixes are also included. Note that Tenab...