Vulnerability Details : CVE-2015-4000
Public exploit exists!
The TLS protocol 1.2 and earlier, when a DHE_EXPORT ciphersuite is enabled on a server but not on a client, does not properly convey a DHE_EXPORT choice, which allows man-in-the-middle attackers to conduct cipher-downgrade attacks by rewriting a ClientHello with DHE replaced by DHE_EXPORT and then rewriting a ServerHello with DHE_EXPORT replaced by DHE, aka the "Logjam" issue.
Products affected by CVE-2015-4000
- cpe:2.3:o:hp:hp-ux:b.11.31:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:content_manager:8.5:*:*:*:*:enterprise:*:*
- cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*
- cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*
- cpe:2.3:a:microsoft:internet_explorer:-:*:*:*:*:*:*:*
- cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*
- cpe:2.3:a:apple:safari:-:*:*:*:*:*:*:*
- cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*
- cpe:2.3:o:suse:linux_enterprise_desktop:12:*:*:*:*:*:*:*
- cpe:2.3:o:suse:linux_enterprise_server:11.0:sp4:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_server:12:*:*:*:*:*:*:*
- cpe:2.3:o:suse:linux_enterprise_software_development_kit:12:*:*:*:*:*:*:*
- cpe:2.3:a:oracle:jrockit:r28.3.6:*:*:*:*:*:*:*
- cpe:2.3:a:oracle:jdk:1.7.0:update75:*:*:*:*:*:*
- cpe:2.3:a:oracle:jdk:1.8.0:update45:*:*:*:*:*:*
- cpe:2.3:a:oracle:jdk:1.8.0:update_33:*:*:*:*:*:*
- cpe:2.3:a:oracle:jdk:1.6.0:update95:*:*:*:*:*:*
- cpe:2.3:a:oracle:jdk:1.7.0:update80:*:*:*:*:*:*
- cpe:2.3:a:oracle:jre:1.8.0:update_33:*:*:*:*:*:*
- cpe:2.3:a:oracle:jre:1.8.0:update_45:*:*:*:*:*:*
- cpe:2.3:a:oracle:jre:1.7.0:update_75:*:*:*:*:*:*
- cpe:2.3:a:oracle:jre:1.7.0:update_80:*:*:*:*:*:*
- cpe:2.3:a:oracle:jre:1.6.0:update_95:*:*:*:*:*:*
- cpe:2.3:a:oracle:sparc-opl_service_processor:*:*:*:*:*:*:*:*
- cpe:2.3:a:openssl:openssl:*:*:*:*:*:*:*:*
- cpe:2.3:a:openssl:openssl:*:*:*:*:*:*:*:*
- cpe:2.3:a:openssl:openssl:*:*:*:*:*:*:*:*
- cpe:2.3:a:mozilla:firefox:-:*:*:*:*:*:*:*
- cpe:2.3:a:mozilla:firefox:39.0:*:*:*:*:*:*:*
- cpe:2.3:a:mozilla:firefox:38.1.0:*:*:*:*:*:*:*
- cpe:2.3:a:mozilla:thunderbird:31.8:*:*:*:*:*:*:*
- cpe:2.3:a:mozilla:thunderbird:38.1:*:*:*:*:*:*:*
- cpe:2.3:a:mozilla:network_security_services:3.19:*:*:*:*:*:*:*
- cpe:2.3:a:mozilla:seamonkey:2.35:*:*:*:*:*:*:*
- cpe:2.3:a:mozilla:firefox_esr:31.8:*:*:*:*:*:*:*
- cpe:2.3:o:mozilla:firefox_os:2.2:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:-:*:*:*:*:*:*:*
- cpe:2.3:a:opera:opera_browser:-:*:*:*:*:*:*:*
- cpe:2.3:o:canonical:ubuntu_linux:15.04:*:*:*:*:*:*:*
- cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:lts:*:*:*
- cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*
- cpe:2.3:o:canonical:ubuntu_linux:14.10:*:*:*:*:*:*:*
Threat overview for CVE-2015-4000
Top countries where our scanners detected CVE-2015-4000
Top open port discovered on systems with this issue
80
IPs affected by CVE-2015-4000 2,350
Threat actors abusing to this issue?
Yes
Find out if you* are
affected by CVE-2015-4000!
*Directly or indirectly through your vendors, service providers and 3rd parties.
Powered by
attack surface intelligence
from SecurityScorecard.
Exploit prediction scoring system (EPSS) score for CVE-2015-4000
96.89%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 100 %
Percentile, the proportion of vulnerabilities that are scored at or less
Metasploit modules for CVE-2015-4000
-
SSL/TLS Version Detection
Disclosure Date: 2014-10-14First seen: 2022-12-23auxiliary/scanner/ssl/ssl_versionCheck if a server supports a given version of SSL/TLS and cipher suites. The certificate is stored in loot, and any known vulnerabilities against that SSL version and cipher suite combination are checked. These checks include POODLE, deprecated protocols, expired/no
CVSS scores for CVE-2015-4000
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
---|---|---|---|---|---|---|
4.3
|
MEDIUM | AV:N/AC:M/Au:N/C:N/I:P/A:N |
8.6
|
2.9
|
NIST | |
3.7
|
LOW | CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N |
2.2
|
1.4
|
NIST |
CWE ids for CVE-2015-4000
-
Assigned by: nvd@nist.gov (Primary)
References for CVE-2015-4000
-
http://www.debian.org/security/2015/dsa-3300
Debian -- Security Information -- DSA-3300-1 iceweaselThird Party Advisory
-
https://developer.mozilla.org/en-US/docs/Mozilla/Projects/NSS/NSS_3.19.1_release_notes
NSS 3.19.1 release notes - Mozilla | MDNThird Party Advisory
-
http://marc.info/?l=bugtraq&m=143637549705650&w=2
'[security bulletin] HPSBUX03363 rev.1 - HP-UX Apache Web Server running OpenSSL, Remote Disclosure o' - MARCMailing List;Third Party Advisory
-
http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html
Oracle Critical Patch Update - January 2016Third Party Advisory
-
http://rhn.redhat.com/errata/RHSA-2015-1197.html
RHSA-2015:1197 - Security Advisory - Red Hat Customer PortalThird Party Advisory
-
http://www.fortiguard.com/advisory/2015-05-20-logjam-attack
FortiGuardThird Party Advisory
-
https://help.ecostruxureit.com/display/public/UADCO8x/StruxureWare+Data+Center+Operation+Software+Vulnerability+Fixes
StruxureWare Data Center Operation Software Vulnerability Fixes - User Assistance for StruxureWare Data Center Operation 8 - Help Center: Support for EcoStruxure IT, StruxureWare for Data Centers, andThird Party Advisory
-
http://www.securitytracker.com/id/1033991
IBM DB2 TLS Diffie-Hellman Export Cipher Downgrade Attack Lets Remote Users Decrypt Connections - SecurityTrackerThird Party Advisory;VDB Entry
-
http://www.securitytracker.com/id/1032778
IBM Infosphere Optim Query Workload Tuner for DB2 TLS Diffie-Hellman Export Cipher Downgrade Attack Lets Remote Users Decrypt Connections - SecurityTrackerThird Party Advisory;VDB Entry
-
http://www.securitytracker.com/id/1032865
IBM Tivoli Composite Application Manager TLS Diffie-Hellman Export Cipher Downgrade Attack Lets Remote Users Decrypt Connections - SecurityTrackerThird Party Advisory;VDB Entry
-
http://rhn.redhat.com/errata/RHSA-2015-1488.html
Third Party Advisory
-
http://marc.info/?l=bugtraq&m=145409266329539&w=2
'[security bulletin] HPSBGN03533 rev.1 - HP Enterprise Cloud Service Automation and Codar, Remote Una' - MARCMailing List;Third Party Advisory
-
http://support.apple.com/kb/HT204941
About the security content of iOS 8.4 - Apple SupportThird Party Advisory
-
http://www.ubuntu.com/usn/USN-2696-1
USN-2696-1: OpenJDK 7 vulnerabilities | Ubuntu security noticesThird Party Advisory
-
http://www-01.ibm.com/support/docview.wss?uid=swg21959636
IBM Security Bulletin:Vulnerability in Diffie-Hellman ciphers affects Rational Build Forge (CVE-2015-4000)Third Party Advisory
-
http://lists.opensuse.org/opensuse-updates/2016-02/msg00094.html
openSUSE-SU-2016:0478-1: moderate: Security update for socatMailing List;Third Party Advisory
-
http://www.securitytracker.com/id/1033067
IBM InfoSphere Guardium TLS Diffie-Hellman Export Cipher Downgrade Attack Lets Remote Users Decrypt Connections - SecurityTrackerThird Party Advisory;VDB Entry
-
http://marc.info/?l=bugtraq&m=143558092609708&w=2
'[security bulletin] HPSBGN03362 rev.1 - HP Discovery and Dependency Mapping Inventory (DDMI) with TL' - MARCMailing List;Third Party Advisory
-
http://marc.info/?l=bugtraq&m=144069189622016&w=2
'[security bulletin] HPSBGN03402 rev.2 - HP Performance Manager, Remote Disclosure of Information' - MARCMailing List;Third Party Advisory
-
http://www.securitytracker.com/id/1032474
Apache TLS Diffie-Hellman Export Cipher Downgrade Attack Lets Remote Users Decrypt Connections - SecurityTrackerThird Party Advisory;VDB Entry
-
http://www.securitytracker.com/id/1032647
IBM Rational Software Architect TLS Diffie-Hellman Export Cipher Downgrade Attack Lets Remote Users Decrypt Connections - SecurityTrackerThird Party Advisory;VDB Entry
-
http://www.debian.org/security/2015/dsa-3339
Debian -- Security Information -- DSA-3339-1 openjdk-6Third Party Advisory
-
http://rhn.redhat.com/errata/RHSA-2015-1485.html
Third Party Advisory
-
http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00034.html
[security-announce] SUSE-SU-2015:1269-1: important: Security update forMailing List;Third Party Advisory
-
http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00046.html
[security-announce] SUSE-SU-2015:1319-1: important: Security update forMailing List;Third Party Advisory
-
http://rhn.redhat.com/errata/RHSA-2015-1526.html
RHSA-2015:1526 - Security Advisory - Red Hat Customer PortalThird Party Advisory
-
http://marc.info/?l=bugtraq&m=144493176821532&w=2
'[security bulletin] HPSBUX03512 SSRT102254 rev.1 - HP-UX Web Server Suite running Apache, Remote Den' - MARCMailing List;Third Party Advisory
-
http://www.securitytracker.com/id/1032783
Mozilla Firefox Multiple Flaws Let Remote Users Execute Arbitrary Code, Obtain Potentially Sensitive Information, Bypass Security Restrictions, and Gain Elevated Privileges - SecurityTrackerThird Party Advisory;VDB Entry
-
http://www-304.ibm.com/support/docview.wss?uid=swg21960041
IBM Security Bulletin: Vulnerabilities in OpenSSL including Logjam affect IBM Tivoli Netcool System Service Monitors/Application Service Monitors (CVE-2015-1788, CVE-2015-1791, CVE-2015-4000)Third Party Advisory
-
https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05193083
HPSBGN03626 rev.2 - HPE Service Manager using OpenSSL, Remote Disclosure of InformationThird Party Advisory
-
http://www.securitytracker.com/id/1032649
IBM Rational Quality Manager TLS Diffie-Hellman Export Cipher Downgrade Attack Lets Remote Users Decrypt Connections - SecurityTrackerThird Party Advisory;VDB Entry
-
http://www-01.ibm.com/support/docview.wss?uid=swg21959539
IBM The Diffie-Hellman vulnerability known as Logjam in Apache Tomcat may affect IBM WebSphere Application Server Community Edition (CVE-2015-4000)Third Party Advisory
-
http://www-01.ibm.com/support/docview.wss?uid=swg21959111
IBM Security Bulletin: Vulnerability in Diffie-Hellman ciphers affects IBM Rational ClearCase (CVE-2015-4000)Third Party Advisory
-
http://marc.info/?l=bugtraq&m=144104533800819&w=2
'[security bulletin] HPSBMU03401 rev.1 - HP Operations Manager for UNIX and Linux, Remote Unauthorize' - MARCMailing List;Third Party Advisory
-
http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10727
Juniper Networks - 2016-04 Security Bulletin: Junos Space: Multiple privilege escalation vulnerabilities in Junos SpaceThird Party Advisory
-
http://www.securitytracker.com/id/1032650
IBM Rational Rhapsody Design Manager TLS Diffie-Hellman Export Cipher Downgrade Attack Lets Remote Users Decrypt Connections - SecurityTrackerThird Party Advisory;VDB Entry
-
https://www.openssl.org/news/secadv_20150611.txt
Vendor Advisory
-
http://www-304.ibm.com/support/docview.wss?uid=swg21959132
IBM Security Bulletin: Vulnerability in Diffie-Hellman ciphers affects IBM Tivoli Composite Application Manager for Transactions (CVE-2015-4000)Third Party Advisory
-
http://www.solarwinds.com/documentation/storage/storagemanager/docs/ReleaseNotes/releaseNotes.htm
Solar Winds Storage Resource Monitor (SRM) Profiler Module 6.2.3 Release NotesThird Party Advisory
-
https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03831en_us
HPESBHF03831 rev.1 - HPE Integrated Lights-Out 2 (iLO 2), Remote Disclosure of InformationThird Party Advisory
-
http://www-01.ibm.com/support/docview.wss?uid=swg21959481
IBM Security Bulletin: Vulnerability in Diffie-Hellman ciphers affects IBM Cognos Mobile app on Android (CVE-2015-4000)Third Party Advisory
-
http://www.securitytracker.com/id/1033433
HP Operations Manager for Windows TLS Diffie-Hellman Export Cipher Downgrade Attack Lets Remote Users Decrypt Connections - SecurityTrackerThird Party Advisory;VDB Entry
-
http://www-304.ibm.com/support/docview.wss?uid=swg21960194
IBM Security Bulletin: Multiple vulnerabilities in IBM Java SDK affect IBM SPSS Modeler (CVE-2015-4000, CVE-2015-0478, CVE-2015-0488)Third Party Advisory
-
http://www.securitytracker.com/id/1032884
IBM Flex System Manager SMIA Configuration Tool TLS Diffie-Hellman Export Cipher Downgrade Attack Lets Remote Users Decrypt Connections - SecurityTrackerThird Party Advisory;VDB Entry
-
http://marc.info/?l=bugtraq&m=144050121701297&w=2
'[security bulletin] HPSBGN03404 rev.1 - HP Service Health Reporter, Remote Unauthorized Modification' - MARCMailing List;Third Party Advisory
-
https://security.gentoo.org/glsa/201512-10
Mozilla Products: Multiple vulnerabilities (GLSA 201512-10) — Gentoo securityThird Party Advisory
-
http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00026.html
[security-announce] SUSE-SU-2015:1150-1: important: Security update forMailing List;Third Party Advisory
-
https://puppet.com/security/cve/CVE-2015-4000
CVE-2015-4000 - Logjam TLS Vulnerability | PuppetThird Party Advisory
-
https://kc.mcafee.com/corporate/index?page=content&id=SB10122
McAfee - Security Bulletin: Seven OpenSSL CVEs Announced on June 11, 2015Third Party Advisory
-
https://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=MIGR-5098403
IBM Security Bulletin: Vulnerability in Diffie-Hellman ciphers affects IBM Flex System Manager (FSM) SMIA Configuration Tool (CVE-2015-4000)Third Party Advisory
-
http://rhn.redhat.com/errata/RHSA-2016-2056.html
Red Hat Customer PortalThird Party Advisory
-
http://www.oracle.com/technetwork/security-advisory/cpuapr2016v3-2985753.html
cpuapr2016v3Patch;Third Party Advisory
-
http://www.securitytracker.com/id/1033208
IBM FileNet Content Manager TLS Diffie-Hellman Export Cipher Downgrade Attack Lets Remote Users Decrypt Connections - SecurityTrackerThird Party Advisory;VDB Entry
-
https://security.netapp.com/advisory/ntap-20150619-0001/
CVE-2015-4000 Diffie-Hellman Export Cipher Suite vulnerability in Multiple NetApp Products | NetApp Product SecurityThird Party Advisory
-
http://www.securitytracker.com/id/1033341
NetBSD TLS Diffie-Hellman Export Cipher Downgrade Attack Lets Remote Users Decrypt Connections - SecurityTrackerThird Party Advisory;VDB Entry
-
http://www.securityfocus.com/bid/91787
Oracle July 2016 Critical Patch Update Multiple VulnerabilitiesThird Party Advisory;VDB Entry
-
http://www-01.ibm.com/support/docview.wss?uid=swg21959453
IBM Security Bulletin: Vulnerability in Diffie-Helman ciphers affects IBM License Metric Tool and IBM Endpoint Manager for Software Use Analysis (CVE-2015-4000)Third Party Advisory
-
http://www-304.ibm.com/support/docview.wss?uid=swg21962816
IBM Security Bulletin: Vulnerability in Diffie-Hellman ciphers affects IBM Rational ClearQuest(CVE-2015-4000)Third Party Advisory
-
http://www.securitytracker.com/id/1032653
IBM WebSphere MQ Telemetry TLS Diffie-Hellman Export Cipher Downgrade Attack Lets Remote Users Decrypt Connections - SecurityTrackerThird Party Advisory;VDB Entry
-
http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00023.html
[security-announce] openSUSE-SU-2015:1139-1: important: Security updateMailing List;Third Party Advisory
-
http://www-01.ibm.com/support/docview.wss?uid=swg21960191
IBM Security Bulletin: Vulnerability in Diffie-Hellman ciphers affects FileNet Content Manager, IBM Content Foundation and FileNet BPM (CVE-2015-4000)Third Party Advisory
-
http://www-01.ibm.com/support/docview.wss?uid=swg21962739
IBM Security Bulletin: Vulnerability in Diffie-Hellman ciphers affects IBM Tivoli Monitoring (CVE-2015-4000)Third Party Advisory
-
http://marc.info/?l=bugtraq&m=144061542602287&w=2
'[security bulletin] HPSBGN03411 rev.1 - HP Operations Agent Virtual Appliance, Remote Unauthorized D' - MARCMailing List;Third Party Advisory
-
http://www.securitytracker.com/id/1033210
IBM Rational ClearQuest TLS Diffie-Hellman Export Cipher Downgrade Attack Lets Remote Users Decrypt Connections - SecurityTrackerThird Party Advisory;VDB Entry
-
https://openssl.org/news/secadv/20150611.txt
Vendor Advisory
-
http://www.securitytracker.com/id/1033430
HP Operations Manager for Linux and UNIX TLS Diffie-Hellman Export Cipher Downgrade Attack Lets Remote Users Decrypt Connections - SecurityTrackerThird Party Advisory;VDB Entry
-
http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00001.html
[security-announce] SUSE-SU-2015:1177-1: important: Security update forMailing List;Third Party Advisory
-
http://www-01.ibm.com/support/docview.wss?uid=swg21962455
IBM notice: The page you requested cannot be displayedThird Party Advisory
-
http://rhn.redhat.com/errata/RHSA-2015-1072.html
RHSA-2015:1072 - Security Advisory - Red Hat Customer PortalThird Party Advisory
-
http://www.securityfocus.com/bid/74733
SSL/TLS LogJam Man in the Middle Security Bypass VulnerabilityThird Party Advisory;VDB Entry
-
http://lists.opensuse.org/opensuse-security-announce/2015-08/msg00021.html
[security-announce] SUSE-SU-2015:1449-1: important: Security update forMailing List;Third Party Advisory
-
http://marc.info/?l=bugtraq&m=144060606031437&w=2
'[security bulletin] HPSBGN03405 rev.1 - HP Integration Adaptor, Remote Unauthorized Modification, Di' - MARCMailing List;Third Party Advisory
-
http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00039.html
[security-announce] openSUSE-SU-2016:0261-1: important: Security updateMailing List;Third Party Advisory
-
http://lists.apple.com/archives/security-announce/2015/Jun/msg00002.html
Apple - Lists.apple.comMailing List;Third Party Advisory
-
https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05045763
HPSBMU03546 rev.1 - System Management Homepage on Windows and Linux, Multiple Remote VulnerabilitiesThird Party Advisory
-
http://www.securitytracker.com/id/1032777
IBM Tivoli Storage Manager FastBack for Workstations TLS Diffie-Hellman Export Cipher Downgrade Attack Lets Remote Users Decrypt Connections - SecurityTrackerThird Party Advisory;VDB Entry
-
http://lists.fedoraproject.org/pipermail/package-announce/2015-June/159314.html
[SECURITY] Fedora 21 Update: nss-3.19.1-1.0.fc21Mailing List;Third Party Advisory
-
http://rhn.redhat.com/errata/RHSA-2015-1604.html
RHSA-2015:1604 - Security Advisory - Red Hat Customer PortalThird Party Advisory
-
http://marc.info/?l=bugtraq&m=143628304012255&w=2
'[security bulletin] HPSBGN03361 rev.1 - HP UCMDB, HP UCMDB Configuration Manager, HP UCMDB Browser, ' - MARCMailing List;Third Party Advisory
-
https://bugzilla.mozilla.org/show_bug.cgi?id=1138554
1138554 - (CVE-2015-4000) NSS accepts export-length DHE keys with regular DHE cipher suites ("Logjam")Issue Tracking;Third Party Advisory
-
http://www.securitytracker.com/id/1032871
IBM Security Network Protection TLS Diffie-Hellman Export Cipher Downgrade Attack Lets Remote Users Decrypt Connections - SecurityTrackerThird Party Advisory;VDB Entry
-
http://www-304.ibm.com/support/docview.wss?uid=swg21958984
IBM Security Bulletin: Vulnerability in Diffie-Hellman ciphers affects IBM WebSphere MQ Telemetry (CVE-2015-4000)Third Party Advisory
-
http://marc.info/?l=bugtraq&m=143506486712441&w=2
'[security bulletin] HPSBMU03356 rev.1 - HP Business Service Automation Essentials (BSAE) running TLS' - MARCMailing List;Third Party Advisory
-
http://www-01.ibm.com/support/docview.wss?uid=swg21959195
IBM notice: The page you requested cannot be displayedThird Party Advisory
-
http://www.securitytracker.com/id/1032784
Mozilla Thunderbird Multiple Flaws Let Remote Users Execute Arbitrary Code, Obtain Potentially Sensitive Information, and Bypass Security Restrictions - SecurityTrackerThird Party Advisory;VDB Entry
-
https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04773119
HPSBGN03407 rev.1 - HP Operations Manager for Windows, Remote Unauthorized Modification, Disclosure of InformationThird Party Advisory
-
https://bto.bluecoat.com/security-advisory/sa98
SA98 : OpenSSL Security Advisory 11-June-2015Third Party Advisory
-
https://www.suse.com/security/cve/CVE-2015-4000.html
CVE-2015-4000 | SUSEThird Party Advisory
-
http://www.debian.org/security/2015/dsa-3287
Debian -- Security Information -- DSA-3287-1 opensslThird Party Advisory
-
https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04953655
HPSBGN03533 rev.1 - HP Enterprise Cloud Service Automation and Codar, Remote Unauthorized ModificationThird Party Advisory
-
http://rhn.redhat.com/errata/RHSA-2015-1242.html
RHSA-2015:1242 - Security Advisory - Red Hat Customer PortalThird Party Advisory
-
http://marc.info/?l=bugtraq&m=143880121627664&w=2
'[security bulletin] HPSBUX03388 SSRT102180 rev.1 - HP-UX running OpenSSL, Remote Disclosure of Infor' - MARCMailing List;Third Party Advisory
-
http://www.securitytracker.com/id/1032656
Lotus Quickr for WebSphere Portal TLS Diffie-Hellman Export Cipher Downgrade Attack Lets Remote Users Decrypt Connections - SecurityTrackerThird Party Advisory;VDB Entry
-
http://rhn.redhat.com/errata/RHSA-2015-1544.html
Third Party Advisory
-
https://www-304.ibm.com/support/docview.wss?uid=swg21959745
IBM Security Bulletin: Vulnerability in Diffie-Hellman ciphers affects IBM WebSphere MQ Internet Passthru (CVE-2015-4000)Third Party Advisory
-
http://www.ubuntu.com/usn/USN-2656-2
USN-2656-2: Firefox vulnerabilities | Ubuntu security noticesThird Party Advisory
-
http://www.securitytracker.com/id/1033760
IBM Tivoli Netcool System Service Monitor TLS Diffie-Hellman Export Cipher Downgrade Attack Lets Remote Users Decrypt Connections - SecurityTrackerVDB Entry;Third Party Advisory
-
http://support.citrix.com/article/CTX201114
CVE-2015-4000 - Citrix Security Advisory for DHE_EXPORT TLS VulnerabilityThird Party Advisory
-
http://www-01.ibm.com/support/docview.wss?uid=swg21959325
IBM Security Bulletin: Vulnerability in Diffie-Hellman ciphers affects multiple IBM Rational products based on IBM Jazz technology (CVE-2015-4000)Third Party Advisory
-
http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00037.html
[security-announce] openSUSE-SU-2016:0255-1: important: Security updateMailing List;Third Party Advisory
-
http://h20564.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-c04876402
HPSBGN03519 rev.1 - HP Project and Portfolio Management Center, Remote Disclosure of InformationThird Party Advisory
-
http://www.debian.org/security/2015/dsa-3316
Debian -- Security Information -- DSA-3316-1 openjdk-7Third Party Advisory
-
http://rhn.redhat.com/errata/RHSA-2015-1486.html
RHSA-2015:1486 - Security Advisory - Red Hat Customer PortalThird Party Advisory
-
https://weakdh.org/imperfect-forward-secrecy.pdf
Third Party Advisory
-
https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04926789
HPSBUX03435 SSRT102977 rev.1 - HP-UX Web Server Suite running Apache, Remote Denial of Service (DoS)Third Party Advisory
-
http://www-01.ibm.com/support/docview.wss?uid=swg21959812
IBM Security Bulletin: Vulnerability in Diffie-Hellman ciphers affects IBM Cognos Metrics Manager (CVE-2015-4000)Third Party Advisory
-
https://www.oracle.com/security-alerts/cpujan2021.html
Oracle Critical Patch Update Advisory - January 2021Third Party Advisory
-
http://rhn.redhat.com/errata/RHSA-2016-1624.html
Red Hat Customer PortalThird Party Advisory
-
https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05128722
HPSBST03586 rev.1 - HPE 3PAR OS, Remote Unauthorized ModificationThird Party Advisory
-
http://www-304.ibm.com/support/docview.wss?uid=swg21960380
IBM Security Bulletin: Vulnerability in Diffie-Hellman ciphers affects various Optim data server tools desktop products (CVE-2015-4000)Third Party Advisory
-
http://www.securitytracker.com/id/1033513
IBM Rational ClearCase TLS Diffie-Hellman Export Cipher Downgrade Attack Lets Remote Users Decrypt Connections - SecurityTrackerThird Party Advisory;VDB Entry
-
http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html
Oracle Critical Patch Update - July 2016Patch;Third Party Advisory
-
http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00007.html
[security-announce] SUSE-SU-2015:1185-1: important: Security update forMailing List;Third Party Advisory
-
http://rhn.redhat.com/errata/RHSA-2015-1228.html
RHSA-2015:1228 - Security Advisory - Red Hat Customer PortalThird Party Advisory
-
https://weakdh.org/
Weak Diffie-Hellman and the Logjam AttackThird Party Advisory
-
http://rhn.redhat.com/errata/RHSA-2015-1185.html
RHSA-2015:1185 - Security Advisory - Red Hat Customer PortalThird Party Advisory
-
https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04740527
HPSBGN03373 rev.2 - HP Release Control running TLS, Remote Disclosure of InformationThird Party Advisory
-
http://www.ubuntu.com/usn/USN-2706-1
USN-2706-1: OpenJDK 6 vulnerabilities | Ubuntu security noticesThird Party Advisory
-
http://lists.fedoraproject.org/pipermail/package-announce/2015-June/159351.html
[SECURITY] Fedora 22 Update: nss-3.19.1-1.0.fc22Mailing List;Third Party Advisory
-
http://marc.info/?l=bugtraq&m=143655800220052&w=2
'[security bulletin] HPSBGN03373 rev.1 - HP Release Control running TLS, Remote Disclosure of Informa' - MARCMailing List;Third Party Advisory
-
http://www.debian.org/security/2015/dsa-3324
Debian -- Security Information -- DSA-3324-1 icedoveThird Party Advisory
-
http://www.securitytracker.com/id/1032476
OpenSSL TLS Diffie-Hellman Export Cipher Downgrade Attack Lets Remote Users Decrypt Connections - SecurityTrackerThird Party Advisory;VDB Entry
-
http://www.securitytracker.com/id/1032759
Apple OS X TLS Diffie-Hellman Export Cipher Downgrade Attack Lets Remote Users Decrypt Connections - SecurityTrackerThird Party Advisory;VDB Entry
-
http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00047.html
[security-announce] SUSE-SU-2015:1320-1: important: Security update forMailing List;Third Party Advisory
-
http://marc.info/?l=bugtraq&m=144102017024820&w=2
'[security bulletin] HPSBGN03407 rev.1 - HP Operations Manager for Windows, Remote Unauthorized Modif' - MARCMailing List;Third Party Advisory
-
http://lists.opensuse.org/opensuse-updates/2015-10/msg00011.html
openSUSE-SU-2015:1684-1: moderate: Security update for apache2Mailing List;Third Party Advisory
-
http://h20564.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-c04949778
HPSBHF03510 rev.1 - HP Integrated Lights-Out 2/3/4, Remote Unauthorized ModificationThird Party Advisory
-
http://www.oracle.com/technetwork/topics/security/bulletinjan2016-2867206.html
Oracle Solaris Bulletin - January 2016Third Party Advisory
-
http://www.securitytracker.com/id/1032637
IBM License Metric Tool TLS Diffie-Hellman Export Cipher Downgrade Attack Lets Remote Users Decrypt Connections - SecurityTrackerThird Party Advisory;VDB Entry
-
https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04832246
HPSBUX03512 SSRT102254 rev.2 - HP-UX Web Server Suite running Apache, Remote Denial of Service (DoS) and Other VulnerabilitiesThird Party Advisory
-
http://lists.apple.com/archives/security-announce/2015/Jun/msg00001.html
Apple - Lists.apple.comMailing List;Third Party Advisory
-
http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00006.html
[security-announce] SUSE-SU-2015:1184-1: important: Security update forMailing List;Third Party Advisory
-
http://www-304.ibm.com/support/docview.wss?uid=swg21960418
IBM Security Bulletin: Vulnerability in Diffie-Hellman ciphers affects Tivoli Storage Manager FastBack for Workstations (CVE-2015-4000)Third Party Advisory
-
http://openwall.com/lists/oss-security/2015/05/20/8
oss-security - CVE-2015-4000 - TLS does not properly convey server's ciphersuite choiceMailing List;Third Party Advisory
-
http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00031.html
[security-announce] openSUSE-SU-2015:1266-1: important: Mozilla (FirefoxMailing List;Third Party Advisory
-
http://www.securitytracker.com/id/1036218
HPE Service Manager TLS Diffie-Hellman Export Cipher Downgrade Attack Lets Remote Users Decrypt Connections - SecurityTrackerThird Party Advisory;VDB Entry
-
http://www.securitytracker.com/id/1034728
Oracle Secure Global Desktop TLS Diffie-Hellman Export Cipher Downgrade Attack Lets Remote Users Decrypt Connections - SecurityTrackerThird Party Advisory;VDB Entry
-
http://rhn.redhat.com/errata/RHSA-2015-1230.html
RHSA-2015:1230 - Security Advisory - Red Hat Customer PortalThird Party Advisory
-
http://www.securitytracker.com/id/1032910
Oracle Java SE Multiple Flaws Lets Local and Remote Users Gain Elevated Privileges and Remote Users Partially Access Data, Modify Data, and Deny Service - SecurityTrackerThird Party Advisory;VDB Entry
-
http://www.securitytracker.com/id/1032651
IBM Rational Software Architect Design Manager TLS Diffie-Hellman Export Cipher Downgrade Attack Lets Remote Users Decrypt Connections - SecurityTrackerThird Party Advisory;VDB Entry
-
http://www.securitytracker.com/id/1032654
IBM WebSphere MQIPT TLS Diffie-Hellman Export Cipher Downgrade Attack Lets Remote Users Decrypt Connections - SecurityTrackerThird Party Advisory;VDB Entry
-
http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00005.html
[security-announce] SUSE-SU-2015:1183-1: important: Security update forMailing List;Third Party Advisory
-
http://rhn.redhat.com/errata/RHSA-2015-1243.html
RHSA-2015:1243 - Security Advisory - Red Hat Customer PortalThird Party Advisory
-
http://www.securitytracker.com/id/1032648
IBM Rational Team Concert TLS Diffie-Hellman Export Cipher Downgrade Attack Lets Remote Users Decrypt Connections - SecurityTrackerThird Party Advisory;VDB Entry
-
http://marc.info/?l=bugtraq&m=143557934009303&w=2
'[security bulletin] HPSBGN03351 rev.1 - HP IceWall SSO Dfw, SSO Certd, MCRP, and Federation Agent ru' - MARCMailing List;Third Party Advisory
-
http://lists.opensuse.org/opensuse-updates/2016-02/msg00097.html
openSUSE-SU-2016:0483-1: moderate: Security update for socatMailing List;Third Party Advisory
-
https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04923929
HPSBHF03528 rev.1 - HP Network Products running VCX, Remote Unauthorized ModificationThird Party Advisory
-
http://aix.software.ibm.com/aix/efixes/security/sendmail_advisory2.asc
Third Party Advisory
-
http://www.ubuntu.com/usn/USN-2656-1
USN-2656-1: Firefox vulnerabilities | Ubuntu security noticesThird Party Advisory
-
http://www.securitytracker.com/id/1032475
Juniper Junos TLS Diffie-Hellman Export Cipher Downgrade Attack Lets Remote Users Decrypt Connections - SecurityTrackerThird Party Advisory;VDB Entry
-
http://marc.info/?l=bugtraq&m=144060576831314&w=2
'[security bulletin] HPSBGN03399 rev.1 - HP BSM Connector (BSMC), Remote Unauthorized Modification, D' - MARCMailing List;Third Party Advisory
-
http://www.oracle.com/technetwork/topics/security/bulletinjul2015-2511963.html
Oracle Solaris Third Party Bulletin - July 2015Third Party Advisory
-
http://lists.fedoraproject.org/pipermail/package-announce/2015-June/160117.html
[SECURITY] Fedora 20 Update: nss-3.19.1-1.0.fc20Mailing List;Third Party Advisory
-
http://www.securitytracker.com/id/1033064
IBM Content Manager Enterprise Edition TLS Diffie-Hellman Export Cipher Downgrade Attack Lets Remote Users Decrypt Connections - SecurityTrackerThird Party Advisory;VDB Entry
-
http://www.securitytracker.com/id/1032688
McAfee Firewall Enterprise TLS Diffie-Hellman Export Cipher Downgrade Attack Lets Remote Users Decrypt Connections - SecurityTrackerThird Party Advisory;VDB Entry
-
http://www-01.ibm.com/support/docview.wss?uid=swg21959517
IBM Security Bulletin: Vulnerability in Diffie-Hellman ciphers affects IBM® WebSphere Real Time (CVE-2015-4000)Third Party Advisory
-
http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00040.html
[security-announce] SUSE-SU-2016:0262-1: important: Security update forMailing List;Third Party Advisory
-
http://www.securitytracker.com/id/1033019
IBM Lotus Notes and Domino TLS Diffie-Hellman Export Cipher Downgrade Attack Lets Remote Users Decrypt Connections - SecurityTrackerThird Party Advisory;VDB Entry
-
http://www.mozilla.org/security/announce/2015/mfsa2015-70.html
NSS accepts export-length DHE keys with regular DHE cipher suites — MozillaThird Party Advisory
-
http://www.securitytracker.com/id/1032932
IBM AIX TLS Diffie-Hellman Export Cipher Downgrade Attack Lets Remote Users Decrypt Connections - SecurityTrackerThird Party Advisory;VDB Entry
-
http://www-01.ibm.com/support/docview.wss?uid=swg21961717
IBM Security Bulletin: Vulnerability in Diffie-Hellman ciphers affects IBM Security Network Protection (CVE-2015-4000)Third Party Advisory
-
http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html
Oracle Critical Patch Update - July 2015Third Party Advisory
-
http://www.securitytracker.com/id/1034087
HP Project and Portfolio Management Center TLS Diffie-Hellman Export Cipher Downgrade Attack Lets Remote Users Decrypt Connections - SecurityTrackerThird Party Advisory;VDB Entry
-
http://www.securitytracker.com/id/1032652
IBM Cognos Mobile App TLS Diffie-Hellman Export Cipher Downgrade Attack Lets Remote Users Decrypt Connections - SecurityTrackerThird Party Advisory;VDB Entry
-
http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00033.html
[security-announce] SUSE-SU-2015:1268-1: important: Security update forMailing List;Third Party Advisory
-
http://lists.opensuse.org/opensuse-security-announce/2015-09/msg00017.html
[security-announce] SUSE-SU-2015:1581-1: important: Security update forMailing List;Third Party Advisory
-
http://www-01.ibm.com/support/docview.wss?uid=swg21959530
IBM Security Bulletin: Multiple vulnerabilities in IBM Java Runtime affect IBM Rational Software Architect , Rational Software Architect for Websphere software and Rational Software Architect Real TimThird Party Advisory
-
http://www.ubuntu.com/usn/USN-2673-1
USN-2673-1: Thunderbird vulnerabilities | Ubuntu security noticesThird Party Advisory
-
http://fortiguard.com/advisory/2015-07-09-cve-2015-1793-openssl-alternative-chains-certificate-forgery
FortiGuardThird Party Advisory
-
http://www.securitytracker.com/id/1033222
IBM AIX Sendmail TLS Diffie-Hellman Export Cipher Downgrade Attack Lets Remote Users Decrypt Connections - SecurityTrackerThird Party Advisory;VDB Entry
-
http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00040.html
[security-announce] openSUSE-SU-2015:1289-1: important: Security updateMailing List;Third Party Advisory
-
https://cert-portal.siemens.com/productcert/pdf/ssa-412672.pdf
Third Party Advisory
-
http://www.securitytracker.com/id/1032645
IBM Cognos Metrics Manager TLS Diffie-Hellman Export Cipher Downgrade Attack Lets Remote Users Decrypt Connections - SecurityTrackerThird Party Advisory;VDB Entry
-
https://security.gentoo.org/glsa/201603-11
Oracle JRE/JDK: Multiple vulnerabilities (GLSA 201603-11) — Gentoo securityThird Party Advisory
-
http://www.securitytracker.com/id/1040630
HPE integrated Lights Out (iLO) TLS Diffie-Hellman Export Cipher Downgrade Attack Lets Remote Users Decrypt Connections - SecurityTrackerThird Party Advisory;VDB Entry
-
https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04918839
HPSBHF03433 SSRT102964 rev.1 - HP-UX Running Mozilla Firefox and Thunderbird, Remote Disclosure of InformationThird Party Advisory
-
https://h20564.www2.hp.com/hpsc/doc/public/display?docId=emr_na-c04718196
HP Support for Technical Help and Troubleshooting | HP® Customer Service.Third Party Advisory
-
http://rhn.redhat.com/errata/RHSA-2015-1229.html
RHSA-2015:1229 - Security Advisory - Red Hat Customer PortalThird Party Advisory
-
http://www.securitytracker.com/id/1032699
IBM Rational Build Forge TLS Diffie-Hellman Export Cipher Downgrade Attack Lets Remote Users Decrypt Connections - SecurityTrackerThird Party Advisory;VDB Entry
-
http://www.securitytracker.com/id/1032856
IBM SPSS Modeler TLS Diffie-Hellman Export Cipher Downgrade Attack Lets Remote Users Decrypt Connections - SecurityTrackerThird Party Advisory;VDB Entry
-
http://www.securitytracker.com/id/1032702
IBM WebSphere Real Time TLS Diffie-Hellman Export Cipher Downgrade Attack Lets Remote Users Decrypt Connections - SecurityTrackerThird Party Advisory;VDB Entry
-
http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00024.html
[security-announce] SUSE-SU-2015:1143-1: important: Security update forMailing List;Third Party Advisory
-
http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00031.html
[security-announce] SUSE-SU-2016:0224-1: important: Security update forMailing List;Third Party Advisory
-
http://www.debian.org/security/2016/dsa-3688
Debian -- Security Information -- DSA-3688-1 nssThird Party Advisory
-
http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00025.html
[security-announce] openSUSE-SU-2015:1229-1: important: Security updateMailing List;Third Party Advisory
-
http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00004.html
[security-announce] SUSE-SU-2015:1182-1: important: Security update forMailing List;Third Party Advisory
-
http://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2015-008.txt.asc
Mailing List;Third Party Advisory
-
https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04773241
HPSBMU03345 rev.1 - HP Network Node Manager i (NNMi) and Smart Plugins (iSPIs) for HP-UX, Linux, Solaris, and Windows, Remote Disclosure of Information, Unauthorized ModificationThird Party Advisory
-
http://www.securitytracker.com/id/1032960
HP IceWall TLS Diffie-Hellman Export Cipher Downgrade Attack Lets Remote Users Decrypt Connections - SecurityTrackerThird Party Advisory;VDB Entry
-
https://security.gentoo.org/glsa/201701-46
Mozilla Network Security Service (NSS): Multiple vulnerabilities (GLSA 201701-46) — Gentoo securityThird Party Advisory
-
https://www.openssl.org/blog/blog/2015/05/20/logjam-freak-upcoming-changes/
Logjam, FREAK and Upcoming Changes in OpenSSL - OpenSSL BlogVendor Advisory
-
https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04770140
HPSBMU03401 rev.1 - HP Operations Manager for UNIX and Linux, Remote Unauthorized Modification, Disclosure of InformationThird Party Advisory
-
http://www.securitytracker.com/id/1033416
HP Performance Manager TLS Diffie-Hellman Export Cipher Downgrade Attack Lets Remote Users Decrypt Connections - SecurityTrackerThird Party Advisory;VDB Entry
-
http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00032.html
[security-announce] openSUSE-SU-2016:0226-1: important: Security updateMailing List;Third Party Advisory
-
http://lists.opensuse.org/opensuse-security-announce/2015-10/msg00001.html
[security-announce] SUSE-SU-2015:1663-1: important: Security update forMailing List;Third Party Advisory
-
http://rhn.redhat.com/errata/RHSA-2015-1241.html
RHSA-2015:1241 - Security Advisory - Red Hat Customer PortalThird Party Advisory
-
http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html
Oracle Critical Patch Update - October 2015Third Party Advisory
-
http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00037.html
[security-announce] openSUSE-SU-2015:1277-1: important: Security updateMailing List;Third Party Advisory
-
http://www.securitytracker.com/id/1032655
IBM WebSphere Application Server Community Edition TLS Diffie-Hellman Export Cipher Downgrade Attack Lets Remote Users Decrypt Connections - SecurityTrackerThird Party Advisory;VDB Entry
-
https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04772190
HPSBGN03402 rev.2 - HP Performance Manager, Remote Disclosure of InformationThird Party Advisory
-
http://lists.opensuse.org/opensuse-updates/2015-07/msg00016.html
openSUSE-SU-2015:1209-1: moderate: Security update for mysql-community-sMailing List;Third Party Advisory
-
http://www.securitytracker.com/id/1033891
Oracle Communications Messaging Server TLS Diffie-Hellman Export Cipher Downgrade Attack Lets Remote Users Decrypt Connections - SecurityTrackerThird Party Advisory;VDB Entry
-
https://support.citrix.com/article/CTX216642
Multiple Security Vulnerabilities in Citrix NetScaler Platform IPMI Lights Out Management (LOM) firmwareThird Party Advisory
-
http://support.apple.com/kb/HT204942
About the security content of OS X Yosemite v10.10.4 and Security Update 2015-005 - Apple SupportThird Party Advisory
-
http://www.securitytracker.com/id/1032864
HP Release Control TLS Diffie-Hellman Export Cipher Downgrade Attack Lets Remote Users Decrypt Connections - SecurityTrackerThird Party Advisory;VDB Entry
-
http://www.securitytracker.com/id/1033209
IBM Tivoli Monitoring TLS Diffie-Hellman Export Cipher Downgrade Attack Lets Remote Users Decrypt Connections - SecurityTrackerThird Party Advisory;VDB Entry
-
http://www.securitytracker.com/id/1032727
HP Discovery & Dependency Mapping Inventory TLS RC4 Algorithm Lets Remote Users Decrypt Data - SecurityTrackerThird Party Advisory;VDB Entry
-
http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00039.html
[security-announce] openSUSE-SU-2015:1288-1: important: Security updateMailing List;Third Party Advisory
-
http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00003.html
[security-announce] SUSE-SU-2015:1181-1: important: Security update forMailing List;Third Party Advisory
-
http://www.securitytracker.com/id/1033385
HP Network Node Manager iTLS Diffie-Hellman Export Cipher Downgrade Attack Lets Remote Users Decrypt Connections - SecurityTrackerThird Party Advisory;VDB Entry
-
http://www.securitytracker.com/id/1033065
IBM SPSS Analytic Server TLS Diffie-Hellman Export Cipher Downgrade Attack Lets Remote Users Decrypt Connections - SecurityTrackerThird Party Advisory;VDB Entry
-
http://www.securitytracker.com/id/1034884
HP integrated Lights Out (iLO) TLS Diffie-Hellman Export Cipher Downgrade Attack Lets Remote Users Decrypt Connections - SecurityTrackerThird Party Advisory;VDB Entry
-
http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10681
Juniper Networks - 2015-05 Out of Cycle Security Bulletin: "Logjam" passive attack on sub-1024 DH groups, and active downgrade attack of TLS to DHE_EXPORT (CVE-2015-4000)Third Party Advisory
-
http://marc.info/?l=bugtraq&m=144043644216842&w=2
'[security bulletin] HPSBMU03345 rev.1 - HP Network Node Manager i (NNMi) and Smart Plugins (iSPIs) f' - MARCMailing List;Third Party Advisory
-
http://www-304.ibm.com/support/docview.wss?uid=swg21967893
IBM Security Bulletin: Vulnerability in Diffie-Hellman ciphers affects IBM® DB2® LUW (CVE-2015-4000)Third Party Advisory
-
https://security.gentoo.org/glsa/201506-02
OpenSSL: Multiple vulnerabilities (GLSA 201506-02) — Gentoo securityThird Party Advisory
-
https://blog.cloudflare.com/logjam-the-latest-tls-vulnerability-explained/
Logjam: the latest TLS vulnerability explainedThird Party Advisory
Jump to