CVE-2015-4000

LOW

Openssl < 1.0.1m - Cryptographic Issue

Title source: rule

Description

The TLS protocol 1.2 and earlier, when a DHE_EXPORT ciphersuite is enabled on a server but not on a client, does not properly convey a DHE_EXPORT choice, which allows man-in-the-middle attackers to conduct cipher-downgrade attacks by rewriting a ClientHello with DHE replaced by DHE_EXPORT and then rewriting a ServerHello with DHE_EXPORT replaced by DHE, aka the "Logjam" issue.

Exploits (1)

nomisec WRITEUP 6 stars

by fatlan · poc

https://github.com/fatlan/HAProxy-Keepalived-Sec-HighLoads

View Code ZIP pw:eip

References (217)

[Third Party Advisory] http://aix.software.ibm.com/aix/efixes/security/sendmail_advisory2.asc

[Third Party Advisory] http://fortiguard.com/advisory/2015-07-09-cve-2015-1793-openssl-alternative-chains-certificate-forgery

[Mailing List, Third Party Advisory] http://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2015-008.txt.asc

[Third Party Advisory] http://h20564.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-c04876402

[Third Party Advisory] http://h20564.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-c04949778

[Third Party Advisory] http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10681

[Third Party Advisory] http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10727

[Mailing List, Third Party Advisory] http://lists.apple.com/archives/security-announce/2015/Jun/msg00001.html

[Mailing List, Third Party Advisory] http://lists.apple.com/archives/security-announce/2015/Jun/msg00002.html

[Mailing List, Third Party Advisory] http://lists.fedoraproject.org/pipermail/package-announce/2015-June/159314.html

[Mailing List, Third Party Advisory] http://lists.fedoraproject.org/pipermail/package-announce/2015-June/159351.html

[Mailing List, Third Party Advisory] http://lists.fedoraproject.org/pipermail/package-announce/2015-June/160117.html

[Mailing List, Third Party Advisory] http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00023.html

[Mailing List, Third Party Advisory] http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00024.html

[Mailing List, Third Party Advisory] http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00026.html

[Mailing List, Third Party Advisory] http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00001.html

[Mailing List, Third Party Advisory] http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00003.html

[Mailing List, Third Party Advisory] http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00004.html

[Mailing List, Third Party Advisory] http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00005.html

[Mailing List, Third Party Advisory] http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00006.html

... and 197 more

Scores

CVSS v3 3.7

EPSS 0.9374

EPSS Percentile 99.9%

Attack Vector NETWORK

CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N

Details

CWE

CWE-310

Status published

Products (36)

apple/iphone_os < 8.3

apple/mac_os_x < 10.10.3

apple/safari

canonical/ubuntu_linux 12.04

canonical/ubuntu_linux 14.04

canonical/ubuntu_linux 14.10

canonical/ubuntu_linux 15.04

debian/debian_linux 7.0

debian/debian_linux 8.0

google/chrome

... and 26 more

Published May 21, 2015

Tracked Since Feb 18, 2026