CVE-2015-4000 | THREATINT

Description

The TLS protocol 1.2 and earlier, when a DHE_EXPORT ciphersuite is enabled on a server but not on a client, does not properly convey a DHE_EXPORT choice, which allows man-in-the-middle attackers to conduct cipher-downgrade attacks by rewriting a ClientHello with DHE replaced by DHE_EXPORT and then rewriting a ServerHello with DHE_EXPORT replaced by DHE, aka the "Logjam" issue.

PUBLISHED Reserved 2015-05-15 | Published 2015-05-21 | Updated 2026-05-27 | Assigner mitre

References

lists.opensuse.org/...ecurity-announce/2015-07/msg00006.html (SUSE-SU-2015:1184) vendor-advisory

lists.opensuse.org/...ecurity-announce/2015-07/msg00001.html (SUSE-SU-2015:1177) vendor-advisory

marc.info/?l=bugtraq&m=143880121627664&w=2 (SSRT102180) vendor-advisory

rhn.redhat.com/errata/RHSA-2015-1243.html (RHSA-2015:1243) vendor-advisory

lists.opensuse.org/...ecurity-announce/2015-07/msg00025.html (openSUSE-SU-2015:1229) vendor-advisory

www.securitytracker.com/id/1033208 (1033208) vdb-entry

www.securitytracker.com/id/1032637 (1032637) vdb-entry

marc.info/?l=bugtraq&m=144050121701297&w=2 (HPSBGN03404) vendor-advisory

www.debian.org/security/2016/dsa-3688 (DSA-3688) vendor-advisory

www.debian.org/security/2015/dsa-3287 (DSA-3287) vendor-advisory

marc.info/?l=bugtraq&m=144493176821532&w=2 (HPSBUX03512) vendor-advisory

www.securitytracker.com/id/1032865 (1032865) vdb-entry

marc.info/?l=bugtraq&m=143557934009303&w=2 (HPSBGN03351) vendor-advisory

lists.opensuse.org/...ecurity-announce/2015-07/msg00033.html (SUSE-SU-2015:1268) vendor-advisory

lists.opensuse.org/...ecurity-announce/2015-06/msg00026.html (SUSE-SU-2015:1150) vendor-advisory

www.securitytracker.com/id/1034728 (1034728) vdb-entry

lists.opensuse.org/...ecurity-announce/2015-07/msg00005.html (SUSE-SU-2015:1183) vendor-advisory

www.securitytracker.com/id/1032656 (1032656) vdb-entry

rhn.redhat.com/errata/RHSA-2016-2056.html (RHSA-2016:2056) vendor-advisory

openwall.com/lists/oss-security/2015/05/20/8 ([oss-security] 20150520 CVE-2015-4000 - TLS does not properly convey server's ciphersuite choice) mailing-list

lists.opensuse.org/opensuse-updates/2015-10/msg00011.html (openSUSE-SU-2015:1684) vendor-advisory

marc.info/?l=bugtraq&m=143628304012255&w=2 (HPSBGN03361) vendor-advisory

marc.info/?l=bugtraq&m=144060576831314&w=2 (HPSBGN03399) vendor-advisory

www.securitytracker.com/id/1032475 (1032475) vdb-entry

www.securitytracker.com/id/1032960 (1032960) vdb-entry

lists.opensuse.org/...ecurity-announce/2016-01/msg00037.html (openSUSE-SU-2016:0255) vendor-advisory

www.securitytracker.com/id/1032653 (1032653) vdb-entry

lists.opensuse.org/...ecurity-announce/2016-01/msg00031.html (SUSE-SU-2016:0224) vendor-advisory

www.securitytracker.com/id/1033385 (1033385) vdb-entry

security.gentoo.org/glsa/201512-10 (GLSA-201512-10) vendor-advisory

rhn.redhat.com/errata/RHSA-2015-1229.html (RHSA-2015:1229) vendor-advisory

lists.opensuse.org/opensuse-updates/2016-02/msg00097.html (openSUSE-SU-2016:0483) vendor-advisory

www.securitytracker.com/id/1032864 (1032864) vdb-entry

www.securitytracker.com/id/1032910 (1032910) vdb-entry

www.securitytracker.com/id/1032645 (1032645) vdb-entry

www.ubuntu.com/usn/USN-2706-1 (USN-2706-1) vendor-advisory

security.gentoo.org/glsa/201701-46 (GLSA-201701-46) vendor-advisory

rhn.redhat.com/errata/RHSA-2015-1526.html (RHSA-2015:1526) vendor-advisory

www.securitytracker.com/id/1033760 (1033760) vdb-entry

rhn.redhat.com/errata/RHSA-2015-1485.html (RHSA-2015:1485) vendor-advisory

rhn.redhat.com/errata/RHSA-2015-1197.html (RHSA-2015:1197) vendor-advisory

marc.info/?l=bugtraq&m=144104533800819&w=2 (HPSBMU03401) vendor-advisory

www.securitytracker.com/id/1032699 (1032699) vdb-entry

www.securitytracker.com/id/1032476 (1032476) vdb-entry

www.securitytracker.com/id/1032649 (1032649) vdb-entry

marc.info/?l=bugtraq&m=144043644216842&w=2 (HPSBMU03345) vendor-advisory

marc.info/?l=bugtraq&m=143637549705650&w=2 (HPSBUX03363) vendor-advisory

rhn.redhat.com/errata/RHSA-2015-1544.html (RHSA-2015:1544) vendor-advisory

lists.fedoraproject.org/...ge-announce/2015-June/159314.html (FEDORA-2015-9130) vendor-advisory

lists.opensuse.org/...ecurity-announce/2015-07/msg00004.html (SUSE-SU-2015:1182) vendor-advisory

h20564.www2.hp.com/.../public/display?docId=emr_na-c04718196 (SSRT102112) vendor-advisory

www.securitytracker.com/id/1032688 (1032688) vdb-entry

lists.opensuse.org/...ecurity-announce/2015-06/msg00024.html (SUSE-SU-2015:1143) vendor-advisory

www.securitytracker.com/id/1032652 (1032652) vdb-entry

lists.fedoraproject.org/...ge-announce/2015-June/159351.html (FEDORA-2015-9048) vendor-advisory

rhn.redhat.com/errata/RHSA-2015-1185.html (RHSA-2015:1185) vendor-advisory

marc.info/?l=bugtraq&m=143558092609708&w=2 (HPSBGN03362) vendor-advisory

lists.apple.com/.../security-announce/2015/Jun/msg00002.html (APPLE-SA-2015-06-30-2) vendor-advisory

lists.opensuse.org/...ecurity-announce/2015-07/msg00040.html (openSUSE-SU-2015:1289) vendor-advisory

lists.fedoraproject.org/...ge-announce/2015-June/160117.html (FEDORA-2015-9161) vendor-advisory

marc.info/?l=bugtraq&m=144069189622016&w=2 (HPSBGN03402) vendor-advisory

www.securitytracker.com/id/1032648 (1032648) vdb-entry

www.securitytracker.com/id/1032759 (1032759) vdb-entry

rhn.redhat.com/errata/RHSA-2015-1228.html (RHSA-2015:1228) vendor-advisory

marc.info/?l=bugtraq&m=144060606031437&w=2 (HPSBGN03405) vendor-advisory

www.debian.org/security/2015/dsa-3316 (DSA-3316) vendor-advisory

www.securitytracker.com/id/1033209 (1033209) vdb-entry

www.securitytracker.com/id/1032871 (1032871) vdb-entry

www.debian.org/security/2015/dsa-3324 (DSA-3324) vendor-advisory

www.securitytracker.com/id/1032655 (1032655) vdb-entry

www.securitytracker.com/id/1033210 (1033210) vdb-entry

marc.info/?l=bugtraq&m=144061542602287&w=2 (HPSBGN03411) vendor-advisory

lists.opensuse.org/...ecurity-announce/2015-07/msg00037.html (openSUSE-SU-2015:1277) vendor-advisory

marc.info/?l=bugtraq&m=145409266329539&w=2 (HPSBGN03533) vendor-advisory

www.ubuntu.com/usn/USN-2673-1 (USN-2673-1) vendor-advisory

www.securitytracker.com/id/1034884 (1034884) vdb-entry

marc.info/?l=bugtraq&m=143506486712441&w=2 (HPSBMU03356) vendor-advisory

security.gentoo.org/glsa/201603-11 (GLSA-201603-11) vendor-advisory

www.securitytracker.com/id/1033064 (1033064) vdb-entry

lists.opensuse.org/...ecurity-announce/2015-07/msg00003.html (SUSE-SU-2015:1181) vendor-advisory

www.securitytracker.com/id/1032778 (1032778) vdb-entry

www.securitytracker.com/id/1032474 (1032474) vdb-entry

marc.info/?l=bugtraq&m=144493176821532&w=2 (SSRT102254) vendor-advisory

marc.info/?l=bugtraq&m=144102017024820&w=2 (HPSBGN03407) vendor-advisory

lists.opensuse.org/opensuse-updates/2015-07/msg00016.html (openSUSE-SU-2015:1209) vendor-advisory

www.securitytracker.com/id/1032784 (1032784) vdb-entry

www.securitytracker.com/id/1032777 (1032777) vdb-entry

www.securitytracker.com/id/1033416 (1033416) vdb-entry

www.securitytracker.com/id/1033991 (1033991) vdb-entry

www.securitytracker.com/id/1032647 (1032647) vdb-entry

www.securitytracker.com/id/1032654 (1032654) vdb-entry

www.securitytracker.com/id/1033341 (1033341) vdb-entry

rhn.redhat.com/errata/RHSA-2015-1486.html (RHSA-2015:1486) vendor-advisory

lists.opensuse.org/...ecurity-announce/2015-10/msg00001.html (SUSE-SU-2015:1663) vendor-advisory

www.securitytracker.com/id/1033433 (1033433) vdb-entry

www.ubuntu.com/usn/USN-2696-1 (USN-2696-1) vendor-advisory

lists.apple.com/.../security-announce/2015/Jun/msg00001.html (APPLE-SA-2015-06-30-1) vendor-advisory

www.securitytracker.com/id/1032702 (1032702) vdb-entry

www.debian.org/security/2015/dsa-3339 (DSA-3339) vendor-advisory

www.securitytracker.com/id/1032727 (1032727) vdb-entry

rhn.redhat.com/errata/RHSA-2015-1242.html (RHSA-2015:1242) vendor-advisory

lists.opensuse.org/...ecurity-announce/2015-07/msg00034.html (SUSE-SU-2015:1269) vendor-advisory

security.gentoo.org/glsa/201506-02 (GLSA-201506-02) vendor-advisory

www.securityfocus.com/bid/91787 (91787) vdb-entry

rhn.redhat.com/errata/RHSA-2016-1624.html (RHSA-2016:1624) vendor-advisory

lists.opensuse.org/...ecurity-announce/2015-07/msg00031.html (openSUSE-SU-2015:1266) vendor-advisory

rhn.redhat.com/errata/RHSA-2015-1488.html (RHSA-2015:1488) vendor-advisory

lists.opensuse.org/...ecurity-announce/2015-07/msg00046.html (SUSE-SU-2015:1319) vendor-advisory

lists.opensuse.org/...ecurity-announce/2015-07/msg00047.html (SUSE-SU-2015:1320) vendor-advisory

www.securitytracker.com/id/1033430 (1033430) vdb-entry

lists.opensuse.org/...ecurity-announce/2015-07/msg00039.html (openSUSE-SU-2015:1288) vendor-advisory

rhn.redhat.com/errata/RHSA-2015-1241.html (RHSA-2015:1241) vendor-advisory

lists.opensuse.org/opensuse-updates/2016-02/msg00094.html (openSUSE-SU-2016:0478) vendor-advisory

lists.opensuse.org/...ecurity-announce/2015-09/msg00017.html (SUSE-SU-2015:1581) vendor-advisory

marc.info/?l=bugtraq&m=143880121627664&w=2 (HPSBUX03388) vendor-advisory

rhn.redhat.com/errata/RHSA-2015-1230.html (RHSA-2015:1230) vendor-advisory

www.securityfocus.com/bid/74733 (74733) vdb-entry

lists.opensuse.org/...ecurity-announce/2016-01/msg00039.html (openSUSE-SU-2016:0261) vendor-advisory

www.securitytracker.com/id/1032651 (1032651) vdb-entry

www.securitytracker.com/id/1033065 (1033065) vdb-entry

www.ubuntu.com/usn/USN-2656-1 (USN-2656-1) vendor-advisory

lists.opensuse.org/...ecurity-announce/2015-07/msg00007.html (SUSE-SU-2015:1185) vendor-advisory

www.securitytracker.com/id/1033222 (1033222) vdb-entry

www.securitytracker.com/id/1036218 (1036218) vdb-entry

lists.opensuse.org/...ecurity-announce/2015-08/msg00021.html (SUSE-SU-2015:1449) vendor-advisory

marc.info/?l=bugtraq&m=143655800220052&w=2 (HPSBGN03373) vendor-advisory

www.securitytracker.com/id/1040630 (1040630) vdb-entry

lists.opensuse.org/...ecurity-announce/2015-06/msg00023.html (openSUSE-SU-2015:1139) vendor-advisory

www.securitytracker.com/id/1034087 (1034087) vdb-entry

www.securitytracker.com/id/1033513 (1033513) vdb-entry

www.securitytracker.com/id/1032884 (1032884) vdb-entry

rhn.redhat.com/errata/RHSA-2015-1604.html (RHSA-2015:1604) vendor-advisory

lists.opensuse.org/...ecurity-announce/2016-01/msg00040.html (SUSE-SU-2016:0262) vendor-advisory

www.securitytracker.com/id/1032932 (1032932) vdb-entry

www.securitytracker.com/id/1033891 (1033891) vdb-entry

lists.opensuse.org/...ecurity-announce/2016-01/msg00032.html (openSUSE-SU-2016:0226) vendor-advisory

www.securitytracker.com/id/1032783 (1032783) vdb-entry

www.securitytracker.com/id/1032856 (1032856) vdb-entry

ftp.netbsd.org/...urity/advisories/NetBSD-SA2015-008.txt.asc (NetBSD-SA2015-008) vendor-advisory

www.debian.org/security/2015/dsa-3300 (DSA-3300) vendor-advisory

www.ubuntu.com/usn/USN-2656-2 (USN-2656-2) vendor-advisory

www.securitytracker.com/id/1033067 (1033067) vdb-entry

www.securitytracker.com/id/1033019 (1033019) vdb-entry

rhn.redhat.com/errata/RHSA-2015-1072.html (RHSA-2015:1072) vendor-advisory

www.securitytracker.com/id/1032650 (1032650) vdb-entry

www.oracle.com/.../security-advisory/cpujul2016-2881720.html

www.oracle.com/security-alerts/cpujan2021.html

kb.juniper.net/InfoCenter/index?page=content&id=JSA10681

www-01.ibm.com/support/docview.wss?uid=swg21962739

www-947.ibm.com/...ry/portal/docdisplay?lndocid=MIGR-5098403

h20564.www2.hpe.com/.../kb/docDisplay?docId=emr_na-c04923929

www.oracle.com/...rk/topics/security/cpujul2015-2367936.html

kc.mcafee.com/corporate/index?page=content&id=SB10122

support.apple.com/kb/HT204941

www-304.ibm.com/support/docview.wss?uid=swg21962816

www-01.ibm.com/support/docview.wss?uid=swg21959812

www-304.ibm.com/support/docview.wss?uid=swg21959745

weakdh.org/imperfect-forward-secrecy.pdf

www-304.ibm.com/support/docview.wss?uid=swg21959132

blog.cloudflare.com/...e-latest-tls-vulnerability-explained/

www-01.ibm.com/support/docview.wss?uid=swg21959539

www.openssl.org/...2015/05/20/logjam-freak-upcoming-changes/

www-01.ibm.com/support/docview.wss?uid=swg21959325

openssl.org/news/secadv/20150611.txt

h20566.www2.hpe.com/.../kb/docDisplay?docId=emr_na-c04740527

www.oracle.com/...rk/topics/security/cpuoct2015-2367953.html

h20564.www2.hpe.com/...public/display?docId=emr_na-c04949778

support.hpe.com/...cale=en_US&docId=emr_na-hpesbhf03831en_us

h20564.www2.hpe.com/.../kb/docDisplay?docId=emr_na-c04772190

www-304.ibm.com/support/docview.wss?uid=swg21967893

www-304.ibm.com/support/docview.wss?uid=swg21958984

www.oracle.com/...rk/topics/security/cpujan2016-2367955.html

www-01.ibm.com/support/docview.wss?uid=swg21959517

www.oracle.com/...pics/security/bulletinjul2015-2511963.html

www-01.ibm.com/support/docview.wss?uid=swg21959195

www-01.ibm.com/support/docview.wss?uid=swg21961717

www-304.ibm.com/support/docview.wss?uid=swg21960041

www-304.ibm.com/support/docview.wss?uid=swg21960194

developer.mozilla.org/...ojects/NSS/NSS_3.19.1_release_notes

www-01.ibm.com/support/docview.wss?uid=swg21959453

security.netapp.com/advisory/ntap-20150619-0001/

www-01.ibm.com/support/docview.wss?uid=swg21959111

www-304.ibm.com/support/docview.wss?uid=swg21960418

h20564.www2.hpe.com/.../kb/docDisplay?docId=emr_na-c04832246

www.suse.com/security/cve/CVE-2015-4000.html

help.ecostruxureit.com/...ation+Software+Vulnerability+Fixes

h20566.www2.hpe.com/.../kb/docDisplay?docId=emr_na-c04953655

h20566.www2.hpe.com/.../kb/docDisplay?docId=emr_na-c05128722

support.citrix.com/article/CTX201114

fortiguard.com/...ssl-alternative-chains-certificate-forgery

www-304.ibm.com/support/docview.wss?uid=swg21960380

support.apple.com/kb/HT204942

h20564.www2.hpe.com/...public/display?docId=emr_na-c04876402

h20566.www2.hpe.com/.../kb/docDisplay?docId=emr_na-c05193083

aix.software.ibm.com/...ixes/security/sendmail_advisory2.asc

kb.juniper.net/InfoCenter/index?page=content&id=JSA10727

h20564.www2.hpe.com/.../kb/docDisplay?docId=emr_na-c04773241

www-01.ibm.com/support/docview.wss?uid=swg21959530

www.oracle.com/...ecurity-advisory/cpuapr2016v3-2985753.html

www-01.ibm.com/support/docview.wss?uid=swg21960191

www-01.ibm.com/support/docview.wss?uid=swg21959636

h20564.www2.hpe.com/.../kb/docDisplay?docId=emr_na-c04918839

www.oracle.com/...pics/security/bulletinjan2016-2867206.html

h20564.www2.hpe.com/.../kb/docDisplay?docId=emr_na-c04770140

h20566.www2.hpe.com/.../kb/docDisplay?docId=emr_na-c05045763

puppet.com/security/cve/CVE-2015-4000

www.mozilla.org/security/announce/2015/mfsa2015-70.html

www.solarwinds.com/...ger/docs/ReleaseNotes/releaseNotes.htm

h20564.www2.hpe.com/.../kb/docDisplay?docId=emr_na-c04926789

support.citrix.com/article/CTX216642

weakdh.org/

h20564.www2.hpe.com/.../kb/docDisplay?docId=emr_na-c04773119

www-01.ibm.com/support/docview.wss?uid=swg21959481

bto.bluecoat.com/security-advisory/sa98

bugzilla.mozilla.org/show_bug.cgi?id=1138554

www-01.ibm.com/support/docview.wss?uid=swg21962455

www.openssl.org/news/secadv_20150611.txt

www.fortiguard.com/advisory/2015-05-20-logjam-attack

cert-portal.siemens.com/productcert/pdf/ssa-412672.pdf