Date: Fri, 11 Mar 2016 11:09:54 +0100 From: Hanno Böck <hanno@...eck.de> To: oss-security@...ts.openwall.com, cve-assign@...re.org Subject: ProFTPD before 1.3.5b/1.3.6rc2 uses 1024 bit Diffie Hellman parameters for TLS even if user sets manual parameters Hi, The ProFTPD daemon supports TLS encrypted connections via the mod_tls module. This module has a configuration option TLSDHParamFile to specify user-defined Diffie Hellman parameters. Versions older than 1.3.5b / 1.3.6rc2 had a bug that would cause the software to ignore the parameters and use Diffie Hellman key exchanges with 1024 bit: http://bugs.proftpd.org/show_bug.cgi?id=4230 The release notes are confusing, as they mention only problems with keys smaller than 2048 bit, but I was also able to reproduce this issue with 4096 bit keys. But anyway, it is fixed in the latest versions for all key sizes I have tested. As 1024 bit DH is considered dangerously small these days and breakable by a powerful attacker I think this should be considered a security vulnerability.  http://proftpd.org/docs/RELEASE_NOTES-1.3.5b -- Hanno Böck https://hboeck.de/ mail/jabber: hanno@...eck.de GPG: BBB51E42 Content of type "application/pgp-signature" skipped
Powered by blists - more mailing lists
Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.