Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [thread-next>] [day] [month] [year] [list]
Date: Fri, 11 Mar 2016 11:09:54 +0100
From: Hanno Böck <>
Subject: ProFTPD before 1.3.5b/1.3.6rc2 uses 1024 bit Diffie Hellman
 parameters for TLS even if user sets manual parameters


The ProFTPD daemon supports TLS encrypted connections via the mod_tls
module. This module has a configuration option
to specify user-defined Diffie Hellman parameters.

Versions older than 1.3.5b / 1.3.6rc2 had a bug that would cause the
software to ignore the parameters and use Diffie Hellman key exchanges
with 1024 bit:

The release notes[1] are confusing, as they mention only problems with
keys smaller than 2048 bit, but I was also able to reproduce this issue
with 4096 bit keys. But anyway, it is fixed in the latest versions for
all key sizes I have tested.

As 1024 bit DH is considered dangerously small these days and breakable
by a powerful attacker I think this should be considered a security


Hanno Böck


Content of type "application/pgp-signature" skipped

Powered by blists - more mailing lists

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.