SSL-TLS LogJam Vulnerability

high Log Correlation Engine Plugin ID 801945

Synopsis

Servers using Diffie-Hellman key exchanges via SSL or TLS that include the export option are vulnerable to a man in the middle attack.

Description

The Logjam attack allows a man-in-the-middle attacker to downgrade vulnerable TLS connections to 512-bit export-grade cryptography. This allows the attacker to read and modify any data passed over the connection.

Solution

Disable export cipher suites, and instead deploy (Ephemeral) Elliptic-Curve Diffie-Hellman (ECDHE).

See Also

https://weakdh.org/

https://weakdh.org/sysadmin.html

Plugin Details

Severity: High

ID: 801945

Family: Web Servers

Nessus ID: 83738

Reference Information

CVE: CVE-2015-4000

BID: 74733