ALT-PU-2015-1863-1
Closed vulnerabilities
Published: 2015-05-20
BDU:2015-11042
OpenSSL library vulnerability that allows an attacker to conduct attacks aimed at reducing the strength of the encryption algorithm
Severity: LOW (3.7)
Vector: AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N
References:
Published: 2015-05-21
Modified: 2024-11-21
CVE-2015-4000
The TLS protocol 1.2 and earlier, when a DHE_EXPORT ciphersuite is enabled on a server but not on a client, does not properly convey a DHE_EXPORT choice, which allows man-in-the-middle attackers to conduct cipher-downgrade attacks by rewriting a ClientHello with DHE replaced by DHE_EXPORT and then rewriting a ServerHello with DHE_EXPORT replaced by DHE, aka the "Logjam" issue.
Severity: LOW (3.7)
Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N
References:
- DSA-3324
- DSA-3339
- DSA-3688
- http://www.fortiguard.com/advisory/2015-05-20-logjam-attack
- http://www.mozilla.org/security/announce/2015/mfsa2015-70.html
- http://www.oracle.com/technetwork/security-advisory/cpuapr2016v3-2985753.html
- http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html
- http://www.oracle.com/technetwork/topics/security/bulletinjan2016-2867206.html
- http://www.oracle.com/technetwork/topics/security/bulletinjul2015-2511963.html
- http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html
- http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html
- http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html
- 74733
- 91787
- 1032474
- 1032475
- 1032476
- 1032637
- 1032645
- 1032647
- 1032648
- 1032649
- 1032650
- 1032651
- 1032652
- 1032653
- 1032654
- 1032655
- 1032656
- 1032688
- 1032699
- 1032702
- 1032727
- 1032759
- 1032777
- 1032778
- 1032783
- 1032784
- 1032856
- 1032864
- 1032865
- 1032871
- 1032884
- 1032910
- 1032932
- 1032960
- 1033019
- 1033064
- 1033065
- 1033067
- 1033208
- 1033209
- 1033210
- 1033222
- 1033341
- 1033385
- 1033416
- 1033430
- 1033433
- 1033513
- 1033760
- 1033891
- 1033991
- 1034087
- 1034728
- 1034884
- 1036218
- 1040630
- http://www.solarwinds.com/documentation/storage/storagemanager/docs/ReleaseNotes/releaseNotes.htm
- USN-2656-1
- USN-2656-2
- USN-2673-1
- USN-2696-1
- USN-2706-1
- http://www-01.ibm.com/support/docview.wss?uid=swg21959111
- http://www-01.ibm.com/support/docview.wss?uid=swg21959195
- http://www-01.ibm.com/support/docview.wss?uid=swg21959325
- http://www-01.ibm.com/support/docview.wss?uid=swg21959453
- http://www-01.ibm.com/support/docview.wss?uid=swg21959481
- http://www-01.ibm.com/support/docview.wss?uid=swg21959517
- http://www-01.ibm.com/support/docview.wss?uid=swg21959530
- http://www-01.ibm.com/support/docview.wss?uid=swg21959539
- http://www-01.ibm.com/support/docview.wss?uid=swg21959636
- http://www-01.ibm.com/support/docview.wss?uid=swg21959812
- http://www-01.ibm.com/support/docview.wss?uid=swg21960191
- http://www-01.ibm.com/support/docview.wss?uid=swg21961717
- http://www-01.ibm.com/support/docview.wss?uid=swg21962455
- http://www-01.ibm.com/support/docview.wss?uid=swg21962739
- http://www-304.ibm.com/support/docview.wss?uid=swg21958984
- http://www-304.ibm.com/support/docview.wss?uid=swg21959132
- http://www-304.ibm.com/support/docview.wss?uid=swg21960041
- http://www-304.ibm.com/support/docview.wss?uid=swg21960194
- http://www-304.ibm.com/support/docview.wss?uid=swg21960380
- http://www-304.ibm.com/support/docview.wss?uid=swg21960418
- http://www-304.ibm.com/support/docview.wss?uid=swg21962816
- http://www-304.ibm.com/support/docview.wss?uid=swg21967893
- https://blog.cloudflare.com/logjam-the-latest-tls-vulnerability-explained/
- https://bto.bluecoat.com/security-advisory/sa98
- https://bugzilla.mozilla.org/show_bug.cgi?id=1138554
- https://cert-portal.siemens.com/productcert/pdf/ssa-412672.pdf
- https://developer.mozilla.org/en-US/docs/Mozilla/Projects/NSS/NSS_3.19.1_release_notes
- SSRT102112
- https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04770140
- https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04772190
- https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04773119
- https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04773241
- https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04832246
- https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04918839
- https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04923929
- http://aix.software.ibm.com/aix/efixes/security/sendmail_advisory2.asc
- http://fortiguard.com/advisory/2015-07-09-cve-2015-1793-openssl-alternative-chains-certificate-forgery
- NetBSD-SA2015-008
- http://h20564.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-c04876402
- http://h20564.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-c04949778
- http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10681
- http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10727
- APPLE-SA-2015-06-30-1
- APPLE-SA-2015-06-30-2
- FEDORA-2015-9130
- FEDORA-2015-9048
- FEDORA-2015-9161
- openSUSE-SU-2015:1139
- SUSE-SU-2015:1143
- SUSE-SU-2015:1150
- SUSE-SU-2015:1177
- SUSE-SU-2015:1181
- SUSE-SU-2015:1182
- SUSE-SU-2015:1183
- SUSE-SU-2015:1184
- SUSE-SU-2015:1185
- openSUSE-SU-2015:1229
- openSUSE-SU-2015:1266
- SUSE-SU-2015:1268
- SUSE-SU-2015:1269
- openSUSE-SU-2015:1277
- openSUSE-SU-2015:1288
- openSUSE-SU-2015:1289
- SUSE-SU-2015:1319
- SUSE-SU-2015:1320
- SUSE-SU-2015:1449
- SUSE-SU-2015:1581
- SUSE-SU-2015:1663
- SUSE-SU-2016:0224
- openSUSE-SU-2016:0226
- openSUSE-SU-2016:0255
- openSUSE-SU-2016:0261
- SUSE-SU-2016:0262
- openSUSE-SU-2015:1209
- openSUSE-SU-2015:1684
- openSUSE-SU-2016:0478
- openSUSE-SU-2016:0483
- HPSBMU03356
- HPSBGN03351
- HPSBGN03362
- HPSBGN03361
- HPSBUX03363
- HPSBGN03373
- HPSBUX03388
- SSRT102180
- HPSBMU03345
- HPSBGN03404
- HPSBGN03399
- HPSBGN03405
- HPSBGN03411
- HPSBGN03402
- HPSBGN03407
- HPSBMU03401
- HPSBUX03512
- SSRT102254
- HPSBGN03533
- [oss-security] 20150520 CVE-2015-4000 - TLS does not properly convey server's ciphersuite choice
- RHSA-2015:1072
- RHSA-2015:1185
- RHSA-2015:1197
- RHSA-2015:1228
- RHSA-2015:1229
- RHSA-2015:1230
- RHSA-2015:1241
- RHSA-2015:1242
- RHSA-2015:1243
- RHSA-2015:1485
- RHSA-2015:1486
- RHSA-2015:1488
- RHSA-2015:1526
- RHSA-2015:1544
- RHSA-2015:1604
- RHSA-2016:1624
- RHSA-2016:2056
- http://support.apple.com/kb/HT204941
- http://support.apple.com/kb/HT204942
- http://support.citrix.com/article/CTX201114
- DSA-3287
- DSA-3300
- DSA-3316
- https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04926789
- https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04740527
- https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04953655
- https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05045763
- https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05128722
- https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05193083
- https://help.ecostruxureit.com/display/public/UADCO8x/StruxureWare+Data+Center+Operation+Software+Vulnerability+Fixes
- https://kc.mcafee.com/corporate/index?page=content&id=SB10122
- https://openssl.org/news/secadv/20150611.txt
- https://puppet.com/security/cve/CVE-2015-4000
- GLSA-201506-02
- GLSA-201512-10
- GLSA-201603-11
- GLSA-201701-46
- https://security.netapp.com/advisory/ntap-20150619-0001/
- https://support.citrix.com/article/CTX216642
- https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03831en_us
- https://weakdh.org/
- https://weakdh.org/imperfect-forward-secrecy.pdf
- https://www.openssl.org/blog/blog/2015/05/20/logjam-freak-upcoming-changes/
- https://www.openssl.org/news/secadv_20150611.txt
- https://www.oracle.com/security-alerts/cpujan2021.html
- https://www.suse.com/security/cve/CVE-2015-4000.html
- https://www-304.ibm.com/support/docview.wss?uid=swg21959745
- https://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=MIGR-5098403