The Vigil@nce team watches public vulnerabilities impacting your computers, and then offers security solutions, a database and tools to fix them.

security note CVE-2015-4000

TLS: weakening Diffie-Hellman via Logjam

Synthesis of the vulnerability

An attacker, positioned as a man-in-the-middle, can force the TLS client/server to accept a weak export algorithm, in order to more easily capture or alter exchanged data.
Severity of this weakness: 2/4.
Creation date: 20/05/2015.
Revision date: 20/05/2015.
References of this bulletin: 1610582, 1647054, 1957980, 1958984, 1959033, 1959539, 1959745, 1960194, 1960418, 1960862, 1962398, 1962694, 1963151, 9010038, 9010039, 9010041, 9010044, BSA-2015-005, bulletinjan2016, bulletinjul2015, c04725401, c04760669, c04767175, c04770140, c04773119, c04773241, c04774058, c04778650, c04832246, c04918839, c04926789, CERTFR-2016-AVI-303, CTX216642, CVE-2015-4000, DLA-507-1, DSA-3287-1, DSA-3300-1, DSA-3688-1, FEDORA-2015-10047, FEDORA-2015-10108, FEDORA-2015-9048, FEDORA-2015-9130, FEDORA-2015-9161, FreeBSD-EN-15:08.sendmail, FreeBSD-SA-15:10.openssl, HPSBGN03399, HPSBGN03407, HPSBGN03411, HPSBGN03417, HPSBHF03433, HPSBMU03345, HPSBMU03401, HPSBUX03363, HPSBUX03388, HPSBUX03435, HPSBUX03512, JSA10681, Logjam, NetBSD-SA2015-008, NTAP-20150616-0001, NTAP-20150715-0001, NTAP-20151028-0001, openSUSE-SU-2015:1139-1, openSUSE-SU-2015:1209-1, openSUSE-SU-2015:1216-1, openSUSE-SU-2015:1277-1, openSUSE-SU-2016:0226-1, openSUSE-SU-2016:0255-1, openSUSE-SU-2016:0261-1, openSUSE-SU-2016:2267-1, PAN-SA-2016-0020, PAN-SA-2016-0028, RHSA-2015:1072-01, RHSA-2015:1185-01, RHSA-2015:1197-01, RHSA-2016:2054-01, RHSA-2016:2055-01, RHSA-2016:2056-01, SA111, SA40002, SA98, SB10122, SSA:2015-219-02, SSRT102180, SSRT102254, SSRT102964, SSRT102977, SUSE-SU-2015:1143-1, SUSE-SU-2015:1150-1, SUSE-SU-2015:1177-1, SUSE-SU-2015:1177-2, SUSE-SU-2015:1181-1, SUSE-SU-2015:1181-2, SUSE-SU-2015:1182-2, SUSE-SU-2015:1183-1, SUSE-SU-2015:1183-2, SUSE-SU-2015:1184-1, SUSE-SU-2015:1184-2, SUSE-SU-2015:1185-1, SUSE-SU-2015:1268-1, SUSE-SU-2015:1268-2, SUSE-SU-2015:1269-1, SUSE-SU-2015:1581-1, SUSE-SU-2016:0224-1, SUSE-SU-2018:1768-1, TSB16728, USN-2624-1, USN-2625-1, USN-2656-1, USN-2656-2, VIGILANCE-VUL-16950, VN-2015-007.

Description of the vulnerability

The Diffie-Hellman algorithm is used to exchange cryptographic keys. The DHE_EXPORT suite uses prime numbers smaller than 512 bits.

The Diffie-Hellman algorithm is used by TLS. However, during the negotiation, an attacker, positioned as a man-in-the-middle, can force TLS to use DHE_EXPORT (even if stronger suites are available).

This vulnerability can then be combined with VIGILANCE-VUL-16951.

An attacker, positioned as a man-in-the-middle, can therefore force the TLS client/server to accept a weak export algorithm, in order to more easily capture or alter exchanged data.

This threat announcement impacts software or systems such as Apache httpd, Blue Coat CAS, ProxyAV, ProxySG by Blue Coat, SGOS by Blue Coat, DCFM Enterprise, Brocade Network Advisor, Brocade vTM, Clearswift Email Gateway, Debian, Summit, Fedora, FileZilla Server, FreeBSD, HPE BSM, HPE NNMi, HP Operations, HP-UX, AIX, DB2 UDB, IRAD, Security Directory Server, SPSS Modeler, Tivoli Storage Manager, Tivoli System Automation, Tivoli Workload Scheduler, WebSphere AS Traditional, WebSphere MQ, Juniper J-Series, Junos OS, Junos Pulse, Juniper Network Connect, Juniper SBR, lighttpd, ePO, Firefox, NSS, MySQL Community, MySQL Enterprise, Data ONTAP 7-Mode, Snap Creator Framework, SnapManager, NetBSD, nginx, Nodejs Core, OpenSSL, openSUSE, openSUSE Leap, Solaris, Palo Alto Firewall PA***, PAN-OS, Percona Server, RealPresence Collaboration Server, RealPresence Distributed Media Application, RealPresence Resource Manager, Polycom VBP, Postfix, SSL protocol, Pulse Connect Secure, Puppet, RHEL, JBoss EAP by Red Hat, Sendmail, Slackware, SUSE Linux Enterprise Desktop, SLES, Synology DS***, Synology RS***, Ubuntu, WinSCP.

Our Vigil@nce team determined that the severity of this cybersecurity alert is medium.

The trust level is of type confirmed by the editor, with an origin of internet server.

An attacker with expert ability can exploit this security alert.

Solutions for this threat

OpenSSL: version 1.0.2b.
The version 1.0.2b is fixed:
  https://www.openssl.org/source/

OpenSSL: version 1.0.1n.
The version 1.0.1n is fixed:
  https://www.openssl.org/source/

TLS: solution for Logjam.
The solution is to disable DHE_EXPORT.
For example, for Apache httpd:
 - select strong suites in SSLCipherSuite, or
 - use "!EXP" in the list.
Details are indicated in information sources.
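
An added example, not part of the bulletin: a heuristic audit of Apache SSLCipherSuite directives for the two options listed above (explicit strong suites, or a permanent "!EXP" exclusion). The names classify, audit and SAMPLE are hypothetical and the configuration lines are constructed.

```python
import re

# OpenSSL cipher-string keywords that select export-grade suites.
EXPORT_WORDS = {"EXP", "EXPORT", "EXPORT40", "EXPORT56"}
# '!' removes suites permanently: they cannot be re-added later in the string.
KILL_TOKENS = {"!EXP", "!EXPORT"}

def classify(spec):
    """Classify one OpenSSL cipher string with respect to export suites."""
    tokens = [t for t in re.split(r"[:, ]+", spec.strip("\"' ")) if t]
    if any(t in KILL_TOKENS for t in tokens):
        return "ok"
    # Tokens prefixed with '!', '-' or '+' delete or reorder; they add nothing.
    added = [t for t in tokens if t[0] not in "!-+"]
    for t in added:
        if t.startswith("EXP-") or EXPORT_WORDS & set(t.split("+")):
            return "export-enabled"
    if added and all("-" in t for t in added):
        return "ok"      # explicit named suites only, none export-grade
    return "review"      # aliases: the result depends on the OpenSSL build

def audit(conf_text):
    """Return (line number, cipher string, status) per SSLCipherSuite line."""
    findings = []
    for n, line in enumerate(conf_text.splitlines(), 1):
        fields = line.split()
        if not fields or fields[0].startswith("#"):
            continue
        if len(fields) >= 2 and fields[0].lower() == "sslciphersuite":
            # The cipher string is the last field (a protocol may precede it).
            findings.append((n, fields[-1], classify(fields[-1])))
    return findings

# Constructed sample configuration, not taken from any real server.
SAMPLE = """\
# constructed sample, not from the advisory
SSLEngine on
SSLCipherSuite ALL:!aNULL:!eNULL
SSLCipherSuite HIGH:MEDIUM:EXP:!aNULL
SSLCipherSuite HIGH:!aNULL:!MD5:!EXP
SSLCipherSuite ECDHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES128-GCM-SHA256
SSLCipherSuite EXP-EDH-RSA-DES-CBC-SHA:AES128-SHA
"""

if __name__ == "__main__":
    for lineno, spec, status in audit(SAMPLE):
        print(f"line {lineno}: {status:15} {spec}")
```

A "review" result means the string relies on aliases such as ALL; confirm what they expand to on the installed library with `openssl ciphers -v` before treating the directive as safe.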

AIX: patch for OpenSSL (03/03/2016).
A patch is available:
  ftp://aix.software.ibm.com/aix/efixes/security/openssl_fix17.tar

AIX: patch for OpenSSL (15/07/2015).
A patch is available:
  ftp://aix.software.ibm.com/aix/efixes/security/openssl_fix14.tar

AIX: patch for Sendmail.
A patch is available:
  ftp://aix.software.ibm.com/aix/efixes/security/sendmail_fix2.tar

Blue Coat: fixed versions for OpenSSL.
Fixed versions are indicated in information sources.

Blue Coat: solution for OpenSSL.
The solution is indicated in information sources.

Brocade: solution for Logjam.
The solution is indicated in information sources.

Citrix NetScaler: fixed versions for LOM Firmware.
Fixed versions are indicated in information sources.

Citrix NetScaler Platform IPMI LOM: solution.
The solution is indicated in information sources.

Clearswift Email Gateway: version 4.2.1.
The version 4.2.1 is fixed:
  http://www.clearswift.com/

Clearswift SECURE Email Gateway: version 3.8.8.
The version 3.8.8 is fixed:
  http://web2.clearswift.com/support/msw/forums/topic.asp?TOPIC_ID=24581

Debian 7: new nss packages.
New packages are available:
  Debian 7: nss 2:3.14.5-1+deb7u7

Debian 8: new nss packages.
New packages are available:
  Debian 8: nss 2:3.26-1+debu8u1

Debian: new iceweasel packages.
New packages are available:
  Debian 8: iceweasel 31.8.0esr-1~deb8u1
  Debian 7: iceweasel 31.8.0esr-1~deb7u1

Debian: new openssl packages.
New packages are available:
  Debian 7: openssl 1.0.1e-2+deb7u17
  Debian 8: openssl 1.0.1k-3+deb8u1

Fedora: new nss packages.
New packages are available:
  Fedora 21: nss 3.19.1-1.0.fc21
  Fedora 22: nss 3.19.1-1.0.fc22
  Fedora 20: nss 3.19.1-1.0.fc20

Fedora: new openssl packages (22/06/2015).
New packages are available:
  Fedora 22: openssl 1.0.1k-10.fc22
  Fedora 21: openssl 1.0.1k-10.fc21

FileZilla Server: version 0.9.53.
The version 0.9.53 is fixed:
  https://filezilla-project.org/download.php?type=server

FreeBSD: patch for openssl.
A patch is available:
  FreeBSD 10.1: https://security.FreeBSD.org/patches/SA-15:10/openssl-10.1.patch
  FreeBSD 9.3, 8.4: https://security.FreeBSD.org/patches/SA-15:10/openssl-8.4.patch

FreeBSD: solution for Logjam.
The announcement states how to configure sendmail to use sufficiently large Diffie-Hellman parameters.
System updates are also available, the revisions of which are provided in the announcement.

HP BSM Connector: patch for Logjam and Bar Mitzvah.
A patch is available:
  BSMC 9.2x: https://softwaresupport.hp.com/group/softwaresupport/search-result/-/facetsearch/document/KM01762681
  BSMC 10.0: https://softwaresupport.hp.com/group/softwaresupport/search-result/-/facetsearch/document/KM01758600?lang=en&cc=us&hpappid=113963_OSP_PRO_HPE

HP Network Node Manager i: patch for OpenSSL.
A patch is available in information sources.

HP Operations Agent Virtual Appliance: patch for Logjam.
A patch is available:
  https://softwaresupport.hp.com/group/softwaresupport/search-result/-/facetsearch/document/KM01762721?lang=en&cc=us&hpappid=113963_OSP_PRO_HPE

HP Operations Manager for Unix: patch for Logjam and Bar Mitzvah.
A patch is available:
  https://softwaresupport.hp.com/group/softwaresupport/search-result/-/facetsearch/document/KM01777542?lang=en&cc=us&hpappid=113963_OSP_PRO_HPE

HP Operations Manager for Windows: patch for Logjam and Bar Mitzvah.
A patch is available:
  https://softwaresupport.hp.com/group/softwaresupport/search-result/-/facetsearch/document/KM01762684?lang=en&cc=us&hpappid=113963_OSP_PRO_HPE

HP Operations Manager i: patch for Logjam.
A patch is available:
  https://softwaresupport.hp.com/group/softwaresupport/search-result/-/facetsearch/document/KM01758610

HP-UX: fixed versions for OpenSSL.
Fixed versions are indicated in information sources:
  OpenSSL_A.01.00.01p
  https://h20392.www2.hp.com/portal/swdepot/displayProductInfo.do?productNumber=OPENSSL11I

HP-UX: Web Server Suite version 3.31.
Web Server Suite version B.11.23 is fixed:
  http://software.hp.com/
  HPUXWSATW331

HP-UX Web Server Suite: version 4.06.
The version 4.06 is fixed:
  https://h20392.www2.hpe.com/portal/swdepot/displayProductInfo.do?productNumber=HPUXWSATW406

HP-UX with Apache: workaround for logjam.
The announcement states how to forbid the weak algorithm parameters in the Apache configuration.

HP-UX: workaround for Firefox/Thunderbird.
A workaround is indicated in the information source.

IBM DB2: version 10.1 Fix Pack 6.
The version 10.1 Fix Pack 6 is fixed.

IBM DB2: version 10.5 Fix Pack 7.
The version 10.5 Fix Pack 7 is fixed:
  http://www-01.ibm.com/support/docview.wss?uid=swg24041243

IBM Rational Application Developer: solution for OpenSSL.
The solution is indicated in information sources.

IBM Security Directory Server: patch for logjam.
A patch is available in information sources for the product versions 5.2 and 5.1.1.

IBM Spectrum Protect Operations Center: solution for Logjam.
The solution is indicated in information sources.

IBM SPSS Modeler: fixed versions for IBM Java.
Fixed versions are as follows:
  14.2 Fix Pack 3 Interim Fix 025
  15.0 Fix Pack 3 Interim Fix 013
  16.0 Fix Pack 2 Interim Fix 003
  17.0 Fix Pack 1 Interim Fix 002

IBM Tivoli Storage Manager FastBack: workaround for logjam.
The vendor announcement states how to disable the concerned algorithms in the product configuration.

IBM Tivoli System Automation for Multiplatforms: patch for Logjam.
A patch is available in information sources.

IBM Tivoli Workload Scheduler: fixed versions for Logjam.
Fixed versions are indicated in information sources.

Juniper Junos: solution for Logjam.
The solution is indicated in information sources.

Juniper Pulse: solution for OpenSSL.
The solution is indicated in information sources.

McAfee ePO: patch for Logjam.
A patch is available:
  https://kc.mcafee.com/corporate/index?page=content&id=KB84878
  EPO469HF1080853.zip
  EPO5xHF1080544.zip

Mozilla Firefox: version 39.
The version 39 is fixed:
  http://www.mozilla.org/en-US/firefox/organizations/all/
  http://ftp.mozilla.org/pub/mozilla.org/firefox/releases/

MySQL: version 5.5.45.
The version 5.5.45 is fixed:
  http://www.mysql.com/

MySQL: version 5.6.26.
The version 5.6.26 is fixed:
  http://www.mysql.com/

NetApp Data: solution for OpenSSL 06/2015.
A patch is available:
  Data ONTAP Edge: http://mysupport.netapp.com/NOW/cgi-bin/bol?Type=Detail&Display=923550
  Data ONTAP operating in 7-Mode: http://mysupport.netapp.com/NOW/cgi-bin/bol?Type=Detail&Display=923548
  Data ONTAP SMI-S Agent: http://mysupport.netapp.com/NOW/cgi-bin/bol?Type=Detail&Display=923545
  Snap Creator Framework: https://mysupport.netapp.com/NOW/download/software/snapcreator_framework/4.3P1/
  SnapManager for SAP win: http://mysupport.netapp.com/NOW/download/software/snapmanager_sap_win/3.4P2/
  SnapManager for SAP unix: http://mysupport.netapp.com/NOW/download/software/snapmanager_sap_unix/3.4P2/

NetApp SnapManager: patch for Oracle Java.
A patch is available:
  SnapManager for Oracle: http://mysupport.netapp.com/NOW/cgi-bin/bol?Type=Detail&Display=959904
  SnapManager for SAP: http://mysupport.netapp.com/NOW/cgi-bin/bol?Type=Detail&Display=959905

NetBSD: patch for OpenSSL.
A patch is available in information sources.

Node.js: version 0.12.5.
The version 0.12.5 is fixed:
  https://nodejs.org/download/

NSS: version 3.19.2.
The version 3.19.2 is fixed:
  http://ftp.mozilla.org/pub/mozilla.org/security/nss/releases/NSS_3_19_2_RTM/src/

openSUSE 13.2: new libressl packages.
New packages are available:
  openSUSE 13.2: libressl 2.2.1-2.3.1

openSUSE 13.2: new openldap2 packages.
New packages are available:
  openSUSE 13.2: libldap-2 4-2-2.4.39-8.9.1, openldap2 2.4.39-8.9.1

openSUSE 13: new mariadb packages.
New packages are available:
  openSUSE 13.2: mariadb 10.0.20-2.9.1
  openSUSE 13.1: mariadb 5.5.44-4.1

openSUSE 13: new mysql packages.
New packages are available:
  openSUSE 13.2: libmysql56client18 5.6.25-2.3.1, mysql-community-server 5.6.25-2.3.1
  openSUSE 13.1: libmysql56client18 5.6.25-7.4.1, mysql-community-server 5.6.25-7.4.1

openSUSE Leap 42.1: new libtcnative-1-0 packages.
New packages are available:
  openSUSE Leap 42.1: libtcnative-1-0 1.1.32-7.1

openSUSE: new openldap2 packages.
New packages are available:
  openSUSE 13.1: libldap-2_4 2-2.4.33-8.6.1
  openSUSE Leap 42.1: libldap-2_4 2-2.4.41-11.1

openSUSE: new openssl packages.
New packages are available:
  openSUSE 13.2: libopenssl1_0_0 1.0.1k-2.24.1
  openSUSE 13.1: libopenssl1_0_0 1.0.1k-11.72.1

PAN-OS: versions 5.0.20, 5.1.13, 6.0.14, 6.1.13, 7.0.9 and 7.1.4.
Versions 5.0.20, 5.1.13, 6.0.14, 6.1.13, 7.0.9 and 7.1.4 are fixed.

Percona Server: version 5.5.45-37.4.
The version 5.5.45-37.4 is fixed:
  https://www.percona.com/downloads/Percona-Server-5.5/

Polycom: fixed versions for Logjam.
Fixed versions are indicated in information sources.

Puppet Labs Puppet: fixed versions for OpenSSL.
The following versions are fixed:
  Puppet Enterprise 3.8.1
  Puppet Agent 1.1.1

Red Hat JBoss Enterprise Application Platform: version 6.4.10.
The version 6.4.10 is fixed:
  https://access.redhat.com/jbossnetwork/restricted/listSoftware.html?product=appplatform&downloadType=securityPatches&version=6.4

RHEL 5: new openssl packages.
New packages are available:
  RHEL 5: openssl 0.9.8e-36.el5_11

RHEL: new nss packages.
New packages are available:
  RHEL 6: nss 3.19.1-3.el6_6
  RHEL 7: nss 3.19.1-3.el7_1

RHEL: new openssl packages.
New packages are available:
  RHEL 6: openssl 1.0.1e-30.el6_6.9
  RHEL 7: openssl 1.0.1e-42.el7_1.6

sendmail: version 8.15.2.
The version 8.15.2 is fixed:
  ftp://ftp.sendmail.org/pub/sendmail/sendmail.8.15.2.tar.gz

Slackware: new mozilla-nss packages.
New packages are available:
  Slackware 14.0: mozilla-nss 3.19.2-*-1_slack14.0
  Slackware 14.1: mozilla-nss 3.19.2-*-1_slack14.1

Solaris: patch for Third Party 03/2016.
A patch is available:
  https://support.oracle.com/rs?type=doc&id=1448883.1

Solaris: patch for Third Party (07/2015).
A patch is available:
  https://support.oracle.com/rs?type=doc&id=1448883.1

SUSE LE 10: new openssl packages.
New packages are available:
  SUSE LE 10: openssl 0.9.8a-18.92.1

SUSE LE 11: new MySQL packages.
New packages are available:
  SUSE LE 11: libmysql55client18 5.5.43-0.9.1, mysql 5.5.43-0.9.1

SUSE LE 11: new OpenSSL 0.9.8 packages.
New packages are available:
  SUSE LE 11: openssl 0.9.8j-0.72.1

SUSE LE 11 SP3: new openssh packages.
New packages are available:
  SUSE LE 11 SP3: openssh 6.2p2-0.21.1

SUSE LE 11 SP4: new nagios-nrpe packages.
New packages are available:
  SUSE LE 11 SP4: nagios-nrpe 2.12-24.4.10.3.3

SUSE LE 12: new openldap2 packages.
New packages are available:
  SUSE LE 12 SP1: libldap-2 4-2-2.4.41-18.13.1, openldap2 2.4.41-18.13.4
  SUSE LE 12 RTM: libldap-2 4-2-2.4.41-18.13.1, openldap2 2.4.41-18.13.4

SUSE LE 12: new openssl packages.
New packages are available:
  SUSE LE 12: libopenssl1_0_0 1.0.1i-25.1, libopenssl0_9_8 0.9.8j-78.1

SUSE LE: new MozillaFirefox packages.
New packages are available:
  SUSE LE 11: MozillaFirefox 31.8.0esr-0.10.1, mozilla-nspr 4.10.8-0.5.1, mozilla-nss 3.19.2_CKBI_1.98-0.10.1
  SUSE LE 12: MozillaFirefox 31.8.0esr-37.3, mozilla-nspr 4.10.8-3.1, mozilla-nss 3.19.2_CKBI_1.98-21.1

SUSE LE: new OpenSSL packages 0.9.7.
New packages are available:
  SUSE LE 11: compat-openssl097g 0.9.7g-146.22.31.1
  SUSE LE 10: compat-openssl097g 0.9.7g-13.31.1

SUSE LE Security Module 11: new OpenSSL 1.0 packages.
New packages are available:
  SUSE LE 11: openssl1 1.0.1g-0.30.1

Synology DS214, RS214: version 5.2-5592.
The version 5.2-5592 is fixed.

Ubuntu: new apache2.2-bin packages.
New packages are available:
  Ubuntu 12.04 LTS: apache2.2-bin 2.2.22-1ubuntu1.9

Ubuntu: new firefox packages.
New packages are available:
  Ubuntu 15.04: firefox 39.0+build5-0ubuntu0.15.04.1
  Ubuntu 14.10: firefox 39.0+build5-0ubuntu0.14.10.1
  Ubuntu 14.04 LTS: firefox 39.0+build5-0ubuntu0.14.04.1
  Ubuntu 12.04 LTS: firefox 39.0+build5-0ubuntu0.12.04.2

Ubuntu: new openssl packages.
New packages are available:
  Ubuntu 15.04: libssl1.0.0 1.0.1f-1ubuntu11.1
  Ubuntu 14.10: libssl1.0.0 1.0.1f-1ubuntu9.5
  Ubuntu 14.04 LTS: libssl1.0.0 1.0.1f-1ubuntu2.12
  Ubuntu 12.04 LTS: libssl1.0.0 1.0.1-4ubuntu5.28

WebSphere AS: patch for logjam.
A patch is available in information sources.

WebSphere MQ: workaround for Logjam.
A workaround is to restrict the set of accepted algorithms to the "suite B" set, as defined by the NSA.

WinSCP: version 5.7.4.
The version 5.7.4 is fixed:
  http://winscp.net/eng/download.php
