CVE-2015-4000
Published: 20 May 2015
The TLS protocol 1.2 and earlier, when a DHE_EXPORT ciphersuite is enabled on a server but not on a client, does not properly convey a DHE_EXPORT choice, which allows man-in-the-middle attackers to conduct cipher-downgrade attacks by rewriting a ClientHello with DHE replaced by DHE_EXPORT and then rewriting a ServerHello with DHE_EXPORT replaced by DHE, aka the "Logjam" issue.
Notes
Author | Note |
---|---|
mdeslaur | USN-2624-1 disables export ciphers completely in openssl USN-2625-1 disables export ciphers in apache2 in precise |
seth-arnold | USN-2639-1 disables <768 bit dh parameters in openssl |
mdeslaur | USN-2672-1 disables <768 bit dh parameters in nss |
sbeattie | USN-2696-1 disables <768 bit dh parameters in openjdk-7 |
mdeslaur | gnutls isn't vulnerable to this issue and rejects small dh keys by default. On precise and trusty, the gnutls-cli tool unfortunately sets the minimum dh size to 512 using gnutls_dh_set_prime_bits(), so that must be disabled to test using the command line tool. |
Priority
Status
Package | Release | Status |
---|---|---|
apache2 Launchpad, Ubuntu, Debian |
artful |
Not vulnerable
|
bionic |
Not vulnerable
|
|
cosmic |
Not vulnerable
|
|
disco |
Not vulnerable
|
|
precise |
Released
(2.2.22-1ubuntu1.9)
|
|
trusty |
Not vulnerable
(2.4.7-1ubuntu4.4)
|
|
upstream |
Needs triage
|
|
utopic |
Not vulnerable
|
|
vivid |
Not vulnerable
|
|
wily |
Not vulnerable
|
|
xenial |
Not vulnerable
|
|
yakkety |
Not vulnerable
|
|
zesty |
Not vulnerable
|
|
firefox Launchpad, Ubuntu, Debian |
artful |
Released
(39.0+build5-0ubuntu1)
|
bionic |
Released
(39.0+build5-0ubuntu1)
|
|
cosmic |
Released
(39.0+build5-0ubuntu1)
|
|
disco |
Released
(39.0+build5-0ubuntu1)
|
|
upstream |
Released
(39.0)
|
|
utopic |
Released
(39.0+build5-0ubuntu0.14.10.1)
|
|
vivid |
Released
(39.0+build5-0ubuntu0.15.04.1)
|
|
wily |
Released
(39.0+build5-0ubuntu1)
|
|
xenial |
Released
(39.0+build5-0ubuntu1)
|
|
yakkety |
Released
(39.0+build5-0ubuntu1)
|
|
zesty |
Released
(39.0+build5-0ubuntu1)
|
|
precise |
Released
(39.0+build5-0ubuntu0.12.04.2)
|
|
trusty |
Released
(39.0+build5-0ubuntu0.14.04.1)
|
|
gnutls26 Launchpad, Ubuntu, Debian |
artful |
Does not exist
|
bionic |
Does not exist
|
|
cosmic |
Does not exist
|
|
disco |
Does not exist
|
|
precise |
Not vulnerable
|
|
trusty |
Not vulnerable
|
|
upstream |
Needs triage
|
|
utopic |
Not vulnerable
|
|
vivid |
Does not exist
|
|
wily |
Does not exist
|
|
xenial |
Does not exist
|
|
yakkety |
Does not exist
|
|
zesty |
Does not exist
|
|
gnutls28 Launchpad, Ubuntu, Debian |
artful |
Not vulnerable
|
bionic |
Not vulnerable
|
|
cosmic |
Not vulnerable
|
|
disco |
Not vulnerable
|
|
trusty |
Does not exist
(trusty was not-affected)
|
|
upstream |
Needs triage
|
|
utopic |
Not vulnerable
|
|
vivid |
Not vulnerable
|
|
wily |
Not vulnerable
|
|
xenial |
Not vulnerable
|
|
yakkety |
Not vulnerable
|
|
zesty |
Not vulnerable
|
|
precise |
Not vulnerable
|
|
nss Launchpad, Ubuntu, Debian |
artful |
Released
(2:3.19.2-1ubuntu1)
|
bionic |
Released
(2:3.19.2-1ubuntu1)
|
|
cosmic |
Released
(2:3.19.2-1ubuntu1)
|
|
disco |
Released
(2:3.19.2-1ubuntu1)
|
|
precise |
Released
(3.19.2-0ubuntu0.12.04.1)
|
|
trusty |
Released
(2:3.19.2-0ubuntu0.14.04.1)
|
|
upstream |
Needs triage
|
|
utopic |
Released
(2:3.19.2-0ubuntu0.14.10.1)
|
|
vivid |
Released
(2:3.19.2-0ubuntu15.04.1)
|
|
wily |
Released
(2:3.19.2-1ubuntu1)
|
|
xenial |
Released
(2:3.19.2-1ubuntu1)
|
|
yakkety |
Released
(2:3.19.2-1ubuntu1)
|
|
zesty |
Released
(2:3.19.2-1ubuntu1)
|
|
openjdk-6 Launchpad, Ubuntu, Debian |
artful |
Does not exist
|
bionic |
Does not exist
|
|
cosmic |
Does not exist
|
|
disco |
Does not exist
|
|
upstream |
Needs triage
|
|
utopic |
Ignored
(end of life)
|
|
vivid |
Released
(6b36-1.13.8-0ubuntu1~15.04.1)
|
|
wily |
Not vulnerable
(6b36-1.13.8-0ubuntu1)
|
|
xenial |
Does not exist
|
|
yakkety |
Does not exist
|
|
zesty |
Does not exist
|
|
precise |
Released
(6b36-1.13.8-0ubuntu1~12.04)
|
|
trusty |
Released
(6b36-1.13.8-0ubuntu1~14.04)
|
|
openjdk-7 Launchpad, Ubuntu, Debian |
artful |
Does not exist
|
bionic |
Does not exist
|
|
cosmic |
Does not exist
|
|
disco |
Does not exist
|
|
upstream |
Needs triage
|
|
utopic |
Ignored
(end of life)
|
|
vivid |
Released
(7u79-2.5.6-0ubuntu1.15.04.1)
|
|
wily |
Not vulnerable
(7u79-2.5.6-1)
|
|
xenial |
Does not exist
|
|
yakkety |
Does not exist
|
|
zesty |
Does not exist
|
|
precise |
Released
(7u79-2.5.6-0ubuntu1.12.04.1)
|
|
trusty |
Released
(7u79-2.5.6-0ubuntu1.14.04.1)
|
|
openjdk-8 Launchpad, Ubuntu, Debian |
artful |
Not vulnerable
(8u66-b17-1)
|
bionic |
Not vulnerable
(8u66-b17-1)
|
|
cosmic |
Not vulnerable
(8u66-b17-1)
|
|
disco |
Not vulnerable
(8u66-b17-1)
|
|
precise |
Does not exist
|
|
trusty |
Does not exist
|
|
upstream |
Needs triage
|
|
utopic |
Ignored
(end of life)
|
|
vivid |
Ignored
(end of life)
|
|
wily |
Released
(8u66-b17-1)
|
|
xenial |
Not vulnerable
(8u66-b17-1)
|
|
yakkety |
Not vulnerable
(8u66-b17-1)
|
|
zesty |
Not vulnerable
(8u66-b17-1)
|
|
openssl Launchpad, Ubuntu, Debian |
artful |
Not vulnerable
(1.0.2a-1ubuntu1)
|
bionic |
Not vulnerable
(1.0.2a-1ubuntu1)
|
|
cosmic |
Not vulnerable
(1.0.2a-1ubuntu1)
|
|
disco |
Not vulnerable
(1.0.2a-1ubuntu1)
|
|
precise |
Released
(1.0.1-4ubuntu5.28)
|
|
trusty |
Released
(1.0.1f-1ubuntu2.12)
|
|
upstream |
Needs triage
|
|
utopic |
Released
(1.0.1f-1ubuntu9.5)
|
|
vivid |
Released
(1.0.1f-1ubuntu11.1)
|
|
wily |
Not vulnerable
(1.0.2a-1ubuntu1)
|
|
xenial |
Not vulnerable
(1.0.2a-1ubuntu1)
|
|
yakkety |
Not vulnerable
(1.0.2a-1ubuntu1)
|
|
zesty |
Not vulnerable
(1.0.2a-1ubuntu1)
|
|
openssl098 Launchpad, Ubuntu, Debian |
artful |
Does not exist
|
bionic |
Does not exist
|
|
cosmic |
Does not exist
|
|
disco |
Does not exist
|
|
trusty |
Does not exist
(trusty was needed)
|
|
upstream |
Needs triage
|
|
utopic |
Ignored
(end of life)
|
|
vivid |
Ignored
(end of life)
|
|
wily |
Does not exist
|
|
xenial |
Does not exist
|
|
yakkety |
Does not exist
|
|
zesty |
Does not exist
|
|
precise |
Ignored
(end of life)
|
|
thunderbird Launchpad, Ubuntu, Debian |
artful |
Released
(1:31.8.0+build1-0ubuntu1)
|
bionic |
Released
(1:31.8.0+build1-0ubuntu1)
|
|
cosmic |
Released
(1:31.8.0+build1-0ubuntu1)
|
|
disco |
Released
(1:31.8.0+build1-0ubuntu1)
|
|
precise |
Released
(1:31.8.0+build1-0ubuntu0.12.04.1)
|
|
trusty |
Released
(1:31.8.0+build1-0ubuntu0.14.04.1)
|
|
upstream |
Released
(31.8)
|
|
utopic |
Released
(1:31.8.0+build1-0ubuntu0.14.10.1)
|
|
vivid |
Released
(1:31.8.0+build1-0ubuntu0.15.04.1)
|
|
wily |
Released
(1:31.8.0+build1-0ubuntu1)
|
|
xenial |
Released
(1:31.8.0+build1-0ubuntu1)
|
|
yakkety |
Released
(1:31.8.0+build1-0ubuntu1)
|
|
zesty |
Released
(1:31.8.0+build1-0ubuntu1)
|
Severity score breakdown
Parameter | Value |
---|---|
Base score | 3.7 |
Attack vector | Network |
Attack complexity | High |
Privileges required | None |
User interaction | None |
Scope | Unchanged |
Confidentiality | None |
Integrity impact | Low |
Availability impact | None |
Vector | CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N |
References
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4000
- https://weakdh.org/imperfect-forward-secrecy.pdf
- https://weakdh.org/
- https://nohats.ca/wordpress/blog/2015/05/20/weakdh-and-ike-ipsec/
- https://www.openssl.org/blog/blog/2015/05/20/logjam-freak-upcoming-changes/
- http://lists.gnutls.org/pipermail/gnutls-devel/2015-May/007597.html
- https://access.redhat.com/articles/1456263
- https://wiki.ubuntu.com/SecurityTeam/KnowledgeBase/LogJam
- https://ubuntu.com/security/notices/USN-2624-1
- https://ubuntu.com/security/notices/USN-2625-1
- https://ubuntu.com/security/notices/USN-2639-1
- https://ubuntu.com/security/notices/USN-2656-1
- https://ubuntu.com/security/notices/USN-2656-2
- https://ubuntu.com/security/notices/USN-2673-1
- https://ubuntu.com/security/notices/USN-2696-1
- https://ubuntu.com/security/notices/USN-2706-1
- NVD
- Launchpad
- Debian