TLS Protocol up to 1.2 DHE_EXPORT Ciphersuite Logjam cryptographic issues


A vulnerability has been found in TLS Protocol up to 1.2 and classified as critical. This vulnerability affects an unknown functionality of the component DHE_EXPORT Ciphersuite. It is possible to mitigate the problem by applying a configuration setting. A possible mitigation was published 2 weeks after the disclosure of the vulnerability. Furthermore, it is possible to detect and prevent this kind of attack with TippingPoint and the filter 19886.

| Field | 05/21/2015 10:17 AM | 05/03/2019 09:38 PM |
|---|---|---|
| name | TLS Protocol | TLS Protocol |
| version | <=1.2 | <=1.2 |
| component | DHE_EXPORT Ciphersuite | DHE_EXPORT Ciphersuite |
| affectedlist | Debian GNU/Linux | Debian GNU/Linux |
| cwe | 310 (weak encryption) | 310 (weak encryption) |
| risk | 3 | 3 |
| historic | 1 | 1 |
| cvss2_vuldb_basescore | 5.1 | 5.1 |
| cvss2_vuldb_tempscore | 4.1 | 4.1 |
| cvss2_vuldb_av | N | N |
| cvss2_vuldb_ac | H | H |
| cvss2_vuldb_au | N | N |
| cvss2_vuldb_ci | P | P |
| cvss2_vuldb_ii | P | P |
| cvss2_vuldb_ai | P | P |
| cvss2_nvd_av | N | N |
| cvss2_nvd_ac | M | M |
| cvss2_nvd_au | N | N |
| cvss2_nvd_ci | N | N |
| cvss2_nvd_ii | P | P |
| cvss2_nvd_ai | N | N |
| cvss3_meta_basescore | 3.7 | 3.7 |
| cvss3_meta_tempscore | 3.3 | 3.3 |
| cvss3_vuldb_basescore | 3.7 | 3.7 |
| cvss3_vuldb_tempscore | 3.3 | 3.3 |
| cvss3_nvd_av | N | N |
| cvss3_nvd_ac | H | H |
| cvss3_nvd_pr | N | N |
| cvss3_nvd_ui | N | N |
| cvss3_nvd_s | U | U |
| cvss3_nvd_c | N | N |
| cvss3_nvd_i | L | L |
| cvss3_nvd_a | N | N |
| titleword | Logjam | Logjam |
| date | 1432166400 (05/21/2015) | 1432166400 (05/21/2015) |
| location | oss-sec | oss-sec |
| type | Mailinglist Post | Mailinglist Post |
| url | http://seclists.org/oss-sec/2015/q2/504 | http://seclists.org/oss-sec/2015/q2/504 |
| identifier | FG-IR-15-013 / CTX201114 | FG-IR-15-013 / CTX201114 |
| person_name | David Adrian/Karthikeyan Bhargavan/Zakir Durumeric/Pierrick Gaudry/Matthew Green/J. Alex Halderman/Nadia Heninger/Drew Springall/Emmanuel Thomé/Luke Valenta/Benjamin VanderSloot/Eric Wustrow/Santiago Zanella-Béguelin/Paul Zimmermann | David Adrian/Karthikeyan Bhargavan/Zakir Durumeric/Pierrick Gaudry/Matthew Green/J. Alex Halderman/Nadia Heninger/Drew Springall/Emmanuel Thomé/Luke Valenta/Benjamin VanderSloot/Eric Wustrow/Santiago Zanella-Béguelin/Paul Zimmermann |
| confirm_url | https://www.openssl.org/blog/blog/2015/05/20/logjam-freak-upcoming-changes/ | https://www.openssl.org/blog/blog/2015/05/20/logjam-freak-upcoming-changes/ |
| price_0day | $25k-$100k | $25k-$100k |
| name | Config | Config |
| advisoryquote | We have three recommendations for correctly deploying Diffie-Hellman for TLS: 1. Disable Export Cipher Suites, 2. Deploy (Ephemeral) Elliptic-Curve Diffie-Hellman (ECDHE), 3. Generate a Strong, Unique Diffie Hellman Group. | We have three recommendations for correctly deploying Diffie-Hellman for TLS: 1. Disable Export Cipher Suites, 2. Deploy (Ephemeral) Elliptic-Curve Diffie-Hellman (ECDHE), 3. Generate a Strong, Unique Diffie Hellman Group. |
| cve | CVE-2015-4000 | CVE-2015-4000 |
| cve_assigned | 1431648000 | 1431648000 |
| cve_nvd_published | 1432080000 | 1432080000 |
| cve_nvd_summary | The TLS protocol 1.2 and earlier, when a DHE_EXPORT ciphersuite is enabled on a server but not on a client, does not properly convey a DHE_EXPORT choice, which allows man-in-the-middle attackers to conduct cipher-downgrade attacks by rewriting a ClientHello with DHE replaced by DHE_EXPORT and then rewriting a ServerHello with DHE_EXPORT replaced by DHE, aka the "Logjam" issue. | The TLS protocol 1.2 and earlier, when a DHE_EXPORT ciphersuite is enabled on a server but not on a client, does not properly convey a DHE_EXPORT choice, which allows man-in-the-middle attackers to conduct cipher-downgrade attacks by rewriting a ClientHello with DHE replaced by DHE_EXPORT and then rewriting a ServerHello with DHE_EXPORT replaced by DHE, aka the "Logjam" issue. |
| oval_id | oval:org.mitre.oval:def:29252 | oval:org.mitre.oval:def:29252 |
| osvdb | 122331 | 122331 |
| securityfocus | 74733 | 74733 |
| securityfocus_date | 1431993600 (05/19/2015) | 1431993600 (05/19/2015) |
| securityfocus_class | Design Error | Design Error |
| securityfocus_title | SSL/TLS LogJam Man in the Middle Security Bypass Vulnerability | SSL/TLS LogJam Man in the Middle Security Bypass Vulnerability |
| vulnerabilitycenter | 51701 | 51701 |
| vulnerabilitycenter_title | TLS <=1.2 Remote Man-in-the Middle via Cipher-Downgrade Attacks (aka \ | TLS <=1.2 Remote Man-in-the Middle via Cipher-Downgrade Attacks (aka \ |
| vulnerabilitycenter_severity | Medium | Medium |
| vulnerabilitycenter_creationdate | 1438473600 | 1438473600 |
| vulnerabilitycenter_lastupdatedate | 1546905600 | 1546905600 |
| vulnerabilitycenter_reportingdate | 1436313600 | 1436313600 |
| xforce | 103294 | 103294 |
| xforce_title | TLS Diffie-Hellman Key Exchange information disclosure | TLS Diffie-Hellman Key Exchange information disclosure |
| xforce_identifier | tls-diffie-hellman-info-disc | tls-diffie-hellman-info-disc |
| heise | 2657502 | 2657502 |
| nessus_id | 83937 | 83937 |
| nessus_name | Fedora 21 : nss-3.19.1-1.0.fc21 / nss-softokn-3.19.1-1.0.fc21 / nss-util-3.19.1-1.0.fc21 (2015-9130) (Logjam) | Fedora 21 : nss-3.19.1-1.0.fc21 / nss-softokn-3.19.1-1.0.fc21 / nss-util-3.19.1-1.0.fc21 (2015-9130) (Logjam) |
| nessus_filename | ala_ALAS-2015-550.nasl | ala_ALAS-2015-550.nasl |
| nessus_risk | Medium | Medium |
| nessus_family | Fedora Local Security Checks | Fedora Local Security Checks |
| nessus_type | local | local |
| nessus_port | 0 | 0 |
| nessus_date | 1433203200 (06/02/2015) | 1433203200 (06/02/2015) |
| nessus_code | `if (rpm_check(release:"ALA", reference:"openssl-1.0.1k-10.86.amzn1")) flag++; if (rpm_check(release:"ALA", reference:"openssl-debuginfo-1.0.1k-10.86.amzn1")) flag++; if (rpm_check(release:"ALA", reference:"openssl-devel-1.0.1k-10.86.amzn1")) flag++; if (rpm_check(release:"ALA", reference:"openssl-perl-1.0.1k-10.86.amzn1")) flag++; if (rpm_check(release:"ALA", reference:"openssl-static-1.0.1k-10.86.amzn1")) flag++; if (flag) { if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get()); else security_hole(0); exit(0); }` | `if (rpm_check(release:"ALA", reference:"openssl-1.0.1k-10.86.amzn1")) flag++; if (rpm_check(release:"ALA", reference:"openssl-debuginfo-1.0.1k-10.86.amzn1")) flag++; if (rpm_check(release:"ALA", reference:"openssl-devel-1.0.1k-10.86.amzn1")) flag++; if (rpm_check(release:"ALA", reference:"openssl-perl-1.0.1k-10.86.amzn1")) flag++; if (rpm_check(release:"ALA", reference:"openssl-static-1.0.1k-10.86.amzn1")) flag++; if (flag) { if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get()); else security_hole(0); exit(0); }` |
| qualys_id | 350152 | 350152 |
| qualys_title | Amazon Linux Security Advisory for openssl: ALAS-2015-550 | Amazon Linux Security Advisory for openssl: ALAS-2015-550 |
| tippingpoint_id | 19886 | 19886 |
| fortigate_ips_id | 40651 | 40651 |
| videolink | https://youtu.be/87s1nkATfzk | https://youtu.be/87s1nkATfzk |
| misc | https://weakdh.org/imperfect-forward-secrecy.pdf | https://weakdh.org/imperfect-forward-secrecy.pdf |
| seealso | 75951 78627 78668 80581 82675 | 75951 78627 78668 80581 82675 |
| cvss2_vuldb_e | U | U |
| cvss2_vuldb_rl | W | W |
| cvss2_vuldb_rc | C | C |
| cvss3_vuldb_e | U | U |
| cvss3_vuldb_rl | W | W |
| cvss3_vuldb_rc | C | C |
| reaction_days | 9 | 9 |
| exposure_days | 9 | 9 |
| cvss3_nvd_basescore | 3.7 | 3.7 |
| cvss3_vuldb_av | | N |
| cvss3_vuldb_ac | | H |
| cvss3_vuldb_pr | | N |
| cvss3_vuldb_ui | | N |
| cvss3_vuldb_s | | U |
| cvss3_vuldb_c | | N |
| cvss3_vuldb_i | | L |
| cvss3_vuldb_a | | N |
| date | | 1432944000 (05/30/2015) |
| openvas_id | | 14611 |
| openvas_filename | | alas-2015-586.nasl |
| openvas_title | | Amazon Linux Local Check: alas-2015-586 |
| openvas_family | | Amazon Linux Local Security Checks |
| mcafee_ips_id | | SSL: OpenSSL Request For Export Grade Cipher Suite Detected |
| mcafee_ips_version | | 8.1.78.7 |
