ID CVE-2016-3125
Summary The mod_tls module in ProFTPD before 1.3.5b and 1.3.6 before 1.3.6rc2 does not properly handle the TLSDHParamFile directive, which might cause a weaker than intended Diffie-Hellman (DH) key to be used and consequently allow attackers to have unspecified impact via unknown vectors.
References
Vulnerable Configurations
  • ProFTPD 1.3.5 A
    cpe:2.3:a:proftpd:proftpd:1.3.5:a
  • ProFTPD 1.3.6 Release Candidate 1
    cpe:2.3:a:proftpd:proftpd:1.3.6:rc1
  • OpenSUSE 13.1
    cpe:2.3:o:opensuse:opensuse:13.1
  • Fedora 22
    cpe:2.3:o:fedoraproject:fedora:22
  • Fedora Project Fedora 23
    cpe:2.3:o:fedoraproject:fedora:23
CVSS
Base: 5.0 (as of 01-09-2016 - 12:00)
Impact:
Exploitability:
CWE CWE-310
CAPEC
  • Signature Spoofing by Key Recreation
    An attacker obtains an authoritative or reputable signer's private signature key by exploiting a cryptographic weakness in the signature algorithm or pseudorandom number generation and then uses this key to forge signatures from the original signer to mislead a victim into performing actions that benefit the attacker.
Access
VectorComplexityAuthentication
NETWORK LOW NONE
Impact
ConfidentialityIntegrityAvailability
PARTIAL NONE NONE
nessus via4
  • NASL family Fedora Local Security Checks
    NASL id FEDORA_2016-977D57CF2D.NASL
    description Cumulative maintenance release from upstream. Highlights are: * SSH RSA hostkeys smaller than 2048 bits now work properly. * MLSD response lines are now properly CRLF terminated. * Fixed selection of DH groups from TLSDHParamFile (CVE-2016-3125). Various other bug fixes are also included. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2019-02-21
    modified 2016-10-18
    plugin id 90042
    published 2016-03-21
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=90042
    title Fedora 23 : proftpd-1.3.5b-1.fc23 (2016-977d57cf2d)
  • NASL family Fedora Local Security Checks
    NASL id FEDORA_2016-AC3587BE9A.NASL
    description Cumulative maintenance release from upstream. Highlights are: * SSH RSA hostkeys smaller than 2048 bits now work properly. * MLSD response lines are now properly CRLF terminated. * Fixed selection of DH groups from TLSDHParamFile (CVE-2016-3125) Various other bug fixes are also included. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2019-02-21
    modified 2016-10-18
    plugin id 90222
    published 2016-03-28
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=90222
    title Fedora 24 : proftpd-1.3.5b-1.fc24 (2016-ac3587be9a)
  • NASL family FreeBSD Local Security Checks
    NASL id FREEBSD_PKG_A733B5CA06EB11E6817F3085A9A4510D.NASL
    description MITRE reports : The mod_tls module in ProFTPD before 1.3.5b and 1.3.6 before 1.3.6rc2 does not properly handle the TLSDHParamFile directive, which might cause a weaker than intended Diffie-Hellman (DH) key to be used and consequently allow attackers to have unspecified impact via unknown vectors.
    last seen 2019-02-21
    modified 2018-11-10
    plugin id 90607
    published 2016-04-21
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=90607
    title FreeBSD : proftpd -- vulnerability in mod_tls (a733b5ca-06eb-11e6-817f-3085a9a4510d)
  • NASL family Fedora Local Security Checks
    NASL id FEDORA_2016-F95D8EA3AD.NASL
    description Cumulative maintenance release from upstream. Highlights are: * SSH RSA hostkeys smaller than 2048 bits now work properly. * MLSD response lines are now properly CRLF terminated. * Fixed selection of DH groups from TLSDHParamFile (CVE-2016-3125). Various other bug fixes are also included. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2019-02-21
    modified 2016-10-18
    plugin id 90046
    published 2016-03-21
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=90046
    title Fedora 22 : proftpd-1.3.5b-1.fc22 (2016-f95d8ea3ad)
  • NASL family SuSE Local Security Checks
    NASL id OPENSUSE-2016-603.NASL
    description This proftpd update to version 1.3.5b fixes the following issues : Security issues fixed : - CVE-2016-3125: Fixed selection of DH groups from TLSDHParamFile. (boo#970890) Bugs fixed : - update to 1.3.5b: http://www.proftpd.org/docs/RELEASE_NOTES-1.3.5b - SSH RSA hostkeys smaller than 2048 bits now work properly. - MLSD response lines are now properly CRLF terminated.
    last seen 2019-02-21
    modified 2016-10-13
    plugin id 91273
    published 2016-05-20
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=91273
    title openSUSE Security Update : proftpd (openSUSE-2016-603)
  • NASL family SuSE Local Security Checks
    NASL id OPENSUSE-2016-713.NASL
    description proftpd was updated to fix one security issue. This security issue was fixed : - CVE-2016-3125: The mod_tls module in ProFTPD before 1.3.5b and 1.3.6 before 1.3.6rc2 does not properly handle the TLSDHParamFile directive, which might cause a weaker than intended Diffie-Hellman (DH) key to be used and consequently allow attackers to have unspecified impact via unknown vectors. Aliased: (boo#970890).
    last seen 2019-02-21
    modified 2016-10-13
    plugin id 91588
    published 2016-06-14
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=91588
    title openSUSE Security Update : proftpd (openSUSE-2016-713)
  • NASL family FTP
    NASL id PROFTPD_1_3_6_RC2.NASL
    description The remote host is using ProFTPD, a free FTP server for Unix and Linux. According to its banner, the version of ProFTPD installed on the remote host is prior to 1.3.5b or 1.3.6x prior to 1.3.6rc2 and is affected by an issue in the mod_tls module, which might cause a weaker than intended Diffie-Hellman key to be used.
    last seen 2019-02-21
    modified 2018-02-12
    plugin id 106755
    published 2018-02-12
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=106755
    title ProFTPD < 1.3.5b / 1.3.6x < 1.3.6rc2 weak Diffie-Hellman key
refmap via4
confirm
fedora
  • FEDORA-2016-977d57cf2d
  • FEDORA-2016-ac3587be9a
  • FEDORA-2016-f95d8ea3ad
mlist
  • [oss-security] 20160311 ProFTPD before 1.3.5b/1.3.6rc2 uses 1024 bit Diffie Hellman parameters for TLS even if user sets manual parameters
  • [oss-security] 20160311 Re: ProFTPD before 1.3.5b/1.3.6rc2 uses 1024 bit Diffie Hellman parameters for TLS even if user sets manual parameters
suse
  • openSUSE-SU-2016:1334
  • openSUSE-SU-2016:1558
Last major update 02-12-2016 - 22:26
Published 05-04-2016 - 16:59
Last modified 30-10-2018 - 12:27
Back to Top