Published: 21/05/2015 Updated: 12/04/2025

The TLS protocol 1.2 and previous versions, when a DHE_EXPORT ciphersuite is enabled on a server but not on a client, does not properly convey a DHE_EXPORT choice, which allows man-in-the-middle malicious users to conduct cipher-downgrade attacks by rewriting a ClientHello with DHE replaced by DHE_EXPORT and then rewriting a ServerHello with DHE_EXPORT replaced by DHE, aka the "Logjam" issue.

Vulnerable Product	Search on Vulmon	Subscribe to Product
openssl openssl
canonical ubuntu linux 12.04
canonical ubuntu linux 14.04
canonical ubuntu linux 14.10
canonical ubuntu linux 15.04
hp hp-ux b.11.31
ibm content manager 8.5
oracle jrockit r28.3.6
debian debian linux 7.0
debian debian linux 8.0
oracle jdk 1.6.0
oracle jdk 1.7.0
oracle jdk 1.8.0
oracle jre 1.6.0
oracle jre 1.7.0
oracle jre 1.8.0
suse linux enterprise desktop 12
suse linux enterprise server 11.0
suse linux enterprise software development kit 12
suse suse linux enterprise server 12
apple iphone os
apple mac os x
mozilla network security services 3.19
oracle sparc-opl service processor
apple safari -
google chrome -
microsoft internet explorer -
mozilla firefox -
opera opera browser -
mozilla firefox 38.1.0
mozilla firefox 39.0
mozilla firefox esr 31.8
mozilla seamonkey 2.35
mozilla thunderbird 31.8
mozilla thunderbird 38.1
mozilla firefox os 2.2

Several security issues were fixed in Thunderbird ...

Firefox could be made to crash or run programs as your login if it opened a malicious website ...

Several security issues were fixed in OpenJDK 7 ...

Several security issues were fixed in OpenJDK 6 ...

Mozilla Foundation Security Advisory 2015-70 NSS accepts export-length DHE keys with regular DHE cipher suites Announced July 2, 2015 Reporter Matthew Green, authors of the paper Impact Moderate Products Firefox, Firefox ESR ...

Several vulnerabilities have been discovered in OpenJDK, an implementation of the Oracle Java platform, resulting in the execution of arbitrary code, breakouts of the Java sandbox, information disclosure, denial of service or insecure cryptography For the oldstable distribution (wheezy), these problems have been fixed in version 6b36-1138-1~deb7 ...

Multiple security issues have been found in Iceweasel, Debian's version of the Mozilla Firefox web browser: Multiple memory safety errors, use-after-frees and other implementation errors may lead to the execution of arbitrary code or denial of service This update also addresses a vulnerability in DHE key processing commonly known as the LogJam vul ...

Several vulnerabilities were discovered in NSS, the cryptography library developed by the Mozilla project CVE-2015-4000 David Adrian et al reported that it may be feasible to attack Diffie-Hellman-based cipher suites in certain circumstances, compromising the confidentiality and integrity of data encrypted with Transport Layer Se ...

Multiple flaws were discovered in the 2D, CORBA, JMX, Libraries and RMI components in OpenJDK An untrusted Java application or applet could use these flaws to bypass Java sandbox restrictions (CVE-2015-4760, CVE-2015-2628, CVE-2015-4731, CVE-2015-2590, CVE-2015-4732, CVE-2015-4733) A flaw was found in the way the Libraries component of OpenJDK ve ...

A flaw was found in the way the TLS protocol composes the Diffie-Hellman (DH) key exchange A man-in-the-middle attacker could use this flaw to force the use of weak 512 bit export-grade keys during the key exchange, allowing them do decrypt all traffic (CVE-2015-4000) Please note that this update forces the TLS/SSL client implementation in NSS to ...

LOGJAM: A flaw was found in the way the TLS protocol composes the Diffie-Hellman exchange (for both export and non-export grade cipher suites) An attacker could use this flaw to downgrade a DHE connection to use export-grade key sizes, which could then be broken by sufficient pre-computation This can lead to a passive man-in-the-middle attack in ...

Overview A TLS protocol vulnerability has been recently disclosed that could result in attackers being able to intercept and modify SSL/TLS encrypted traffic to servers that support Diffie-Hellman based export cipher suites  This vulnerability is known as 'LogJam' and has been assigned the following CVE number: CVE-2015-4000: cvemitre ...

Description of Problem A number of security vulnerabilities have been identified in firmware used in the Lights Out Management (LOM) component across all NetScaler-based hardware appliances: Citrix NetScaler Application Delivery Controller (ADC) Citrix NetScaler Gateway Citrix NetScaler Service Delivery Appliance Citrix CloudBridge (now NetScaler S ...

Weak ephemeral Diffie-Hellman parameter detection for SSL/TLS services.

nmap --script ssl-dh-params <target>

Host script results:
| ssl-dh-params:
|   VULNERABLE:
|   Transport Layer Security (TLS) Protocol DHE_EXPORT Ciphers Downgrade MitM (Logjam)
|     State: VULNERABLE
|     IDs:  OSVDB:122331  CVE:CVE-2015-4000
|       The Transport Layer Security (TLS) protocol contains a flaw that is triggered
|       when handling Diffie-Hellman key exchanges defined with the DHE_EXPORT cipher.
|       This may allow a man-in-the-middle attacker to downgrade the security of a TLS
|       session to 512-bit export-grade cryptography, which is significantly weaker,
|       allowing the attacker to more easily break the encryption and monitor or tamper
|       with the encrypted stream.
|     Disclosure date: 2015-5-19
|     Check results:
|       EXPORT-GRADE DH GROUP 1
|         Ciphersuite: TLS_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA
|         Modulus Type: Non-safe prime
|         Modulus Source: sun.security.provider/512-bit DSA group with 160-bit prime order subgroup
|         Modulus Length: 512 bits
|         Generator Length: 512 bits
|         Public Key Length: 512 bits
|     References:
|       https://weakdh.org
|       https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4000
|       http://osvdb.org/122331
|
|   Diffie-Hellman Key Exchange Insufficient Diffie-Hellman Group Strength
|     State: VULNERABLE
|       Transport Layer Security (TLS) services that use Diffie-Hellman groups of
|       insuffficient strength, especially those using one of a few commonly shared
|       groups, may be susceptible to passive eavesdropping attacks.
|     Check results:
|       WEAK DH GROUP 1
|         Ciphersuite: TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA
|         Modulus Type: Safe prime
|         Modulus Source: Unknown/Custom-generated
|         Modulus Length: 512 bits
|         Generator Length: 8 bits
|         Public Key Length: 512 bits
|     References:
|       https://weakdh.org
|
|   Diffie-Hellman Key Exchange Potentially Unsafe Group Parameters
|     State: VULNERABLE
|       This TLS service appears to be using a modulus that is not a safe prime and does
|       not correspond to any well-known DSA group for Diffie-Hellman key exchange.
|       These parameters MAY be secure if:
|       - They were generated according to the procedure described in FIPS 186-4 for
|         DSA Domain Parameter Generation, or
|       - The generator g generates a subgroup of large prime order
|       Additional testing may be required to verify the security of these parameters.
|     Check results:
|       NON-SAFE DH GROUP 1
|         Cipher Suite: TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA
|         Modulus Type: Non-safe prime
|         Modulus Source: Unknown/Custom-generated
|         Modulus Length: 1024 bits
|         Generator Length: 1024 bits
|         Public Key Length: 1024 bits
|     References:
|       https://weakdh.org
|_      http://www2.esentire.com/TLSUnjammedWP

eSentire additions to the nmap network scanner

Weak ephemeral Diffie-Hellman parameter detection for SSL/TLS services This script simulates SSL/TLS handshakes using ciphersuites that have ephemeral Diffie-Hellman as the key exchange algorithm Diffie-Hellman MODP group parameters are extracted and analyzed for vulnerability to Logjam (CVE 2015-4000) and other weaknesses Opportunistic STARTTLS sessions are established on s

«Уязвимости и атаки на информационные системы» Задание 1 Скачайте и установите виртуальную машину Metasploitable: sourceforgenet/projects/metasploitable/ Это типовая ОС для экспериментов в области информационной безопас

HTTP Attack Tools This repository contains a collection of scripts designed to demonstrate and exploit various vulnerabilities in HTTP and related protocols These scripts are intended for educational and research purposes only Misuse of these tools for malicious activities is illegal and unethical Always obtain proper authorization before performing any

✨ HAProxy ve Keepalived konusunu load balancer ve cluster'a ek olarak güvenlik(zayıf SSL/Kripto Kullanımı (LOGJAM) (CVE-2015-4000) zafiyeti önlemi) ve yüksek yüklere karşı ele alır.

HAProxy ve Keepalived (LoadBalancer+Cluster+Sec+HighLoads) Kurulum ve Yapılandırması HAProxy, yüksek erişilebilirliğe(high availability) sahip yük dengeleyici(load balancing) ile TCP ve HTTP tabanlı uygulamalar için proxy sunucusu hizmeti veren açık kaynak kodlu bir yazılımdır Keepalived, IP failover(yük devretme) yeteneğini ikiden dah

📝 My(A) curated list of goodies.

All sorts of stuff My(A) curated list of goodies The stuff you are actually looking for: Table of contents Bookmarks Books Browsers CAPTCHA Chat Color CMS CSS Digests Donations Email Fonts GIT Icons JavaScript Lessons Localization PHP Regular expressions RESTful API Russian spelling QR Codes Security SEO Social Testing Text editors Textures, patterns, backgrounds Utils Vi

Домашнее задание "Уязвимости и атаки на информационные системы" - Подус Сергей Задание 1 Скачайте и установите виртуальную машину Metasploitable: sourceforgenet/projects/metasploitable/ Это типовая ОС для экспериментов в о

OpenSSL releases seven patches for seven vulns

The Register • Darren Pauli • 12 Jun 2015

Flood of fixes to clear LogJam flaw

Users are being urged to upgrade OpenSSL to prevent eavesdroppers listening to otherwise encrypted connections undermined through the LogJam vulnerability thought to be the NSA's crypto-cracking tool of choice. OpenSSL maintainers have patched seven vulnerabilities including the LogJam vulnerability (CVE-2015-4000) which allows attackers to trick browsers into considering an insecure encrypted connection as secure. "A vulnerability in the TLS protocol allows a man-in-the-middle attacker to downg...

Get Started

CVE-2015-4000

Vulnerability Summary

Vulnerability Trend

Vendor Advisories

ICS Advisories

Nmap Scripts

Github Repositories

Recent Articles

References

Vulmon Search

About

Products

Connect