|
|
Log in / Subscribe / Register

proftpd: weak key usage

Package(s):proftpd CVE #(s):CVE-2016-3125
Created:March 21, 2016 Updated:June 13, 2016
Description: From the Red Hat bugzilla:

The ProFTPD daemon supports TLS encrypted connections via the mod_tls module. This module has a configuration option TLSDHParamFile to specify user-defined Diffie Hellman parameters.

A vulnerability was found in ProFTPD before 1.3.5b. The software would ignore the user-defined parameters and use Diffie Hellman key exchanges with 1024 bit

Alerts:
openSUSE openSUSE-SU-2016:1558-1 proftpd 2016-06-11
openSUSE openSUSE-SU-2016:1334-1 proftpd 2016-05-18
Mageia MGASA-2016-0128 proftpd 2016-03-31
Fedora FEDORA-2016-f95d8ea3ad proftpd 2016-03-20
Fedora FEDORA-2016-977d57cf2d proftpd 2016-03-21
to post comments


Copyright © 2026, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds