The mod_tls module in ProFTPD prior to 1.3.5b and 1.3.6 prior to 1.3.6rc2 does not properly handle the TLSDHParamFile directive, which might cause a weaker than intended Diffie-Hellman (DH) key to be used and consequently allow malicious users to have unspecified impact via unknown vectors.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
proftpd proftpd 1.3.6 |
||
proftpd proftpd |
||
opensuse opensuse 13.1 |
||
fedoraproject fedora 22 |
||
fedoraproject fedora 23 |