Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [thread-next>] [day] [month] [year] [list]
Date: Fri, 11 Mar 2016 11:09:54 +0100
From: Hanno Böck <hanno@...eck.de>
To: oss-security@...ts.openwall.com, cve-assign@...re.org
Subject: ProFTPD before 1.3.5b/1.3.6rc2 uses 1024 bit Diffie Hellman
 parameters for TLS even if user sets manual parameters

Hi,

The ProFTPD daemon supports TLS encrypted connections via the mod_tls
module. This module has a configuration option
TLSDHParamFile
to specify user-defined Diffie Hellman parameters.

Versions older than 1.3.5b / 1.3.6rc2 had a bug that would cause the
software to ignore the parameters and use Diffie Hellman key exchanges
with 1024 bit:
http://bugs.proftpd.org/show_bug.cgi?id=4230

The release notes[1] are confusing, as they mention only problems with
keys smaller than 2048 bit, but I was also able to reproduce this issue
with 4096 bit keys. But anyway, it is fixed in the latest versions for
all key sizes I have tested.

As 1024 bit DH is considered dangerously small these days and breakable
by a powerful attacker I think this should be considered a security
vulnerability.

[1] http://proftpd.org/docs/RELEASE_NOTES-1.3.5b

-- 
Hanno Böck
https://hboeck.de/

mail/jabber: hanno@...eck.de
GPG: BBB51E42

[ CONTENT OF TYPE application/pgp-signature SKIPPED ]

Powered by blists - more mailing lists

Your e-mail address:

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Powered by Openwall GNU/*/Linux - Powered by OpenVZ