Entreprise d'experts en Sécurité Informatique : Audits et conseils en cybersécurité
Entreprise française de cybersécurité depuis 2004
☎ 03 60 47 09 81 - info@securiteinfo.com


CVE-2015-4000

Description

The TLS protocol 1.2 and earlier, when a DHE_EXPORT ciphersuite is enabled on a server but not on a client, does not properly convey a DHE_EXPORT choice, which allows man-in-the-middle attackers to conduct cipher-downgrade attacks by rewriting a ClientHello with DHE replaced by DHE_EXPORT and then rewriting a ServerHello with DHE_EXPORT replaced by DHE, aka the "Logjam" issue.

POC

Reference

- http://www.oracle.com/technetwork/security-advisory/cpuapr2016v3-2985753.html

- http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html

- http://www.oracle.com/technetwork/topics/security/bulletinjan2016-2867206.html

- http://www.oracle.com/technetwork/topics/security/bulletinjul2015-2511963.html

- http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html

- http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html

- http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html

- http://www.securityfocus.com/bid/91787

- http://www.ubuntu.com/usn/USN-2656-1

- http://www.ubuntu.com/usn/USN-2673-1

- http://www.ubuntu.com/usn/USN-2706-1

- https://blog.cloudflare.com/logjam-the-latest-tls-vulnerability-explained/

- https://cert-portal.siemens.com/productcert/pdf/ssa-412672.pdf

- https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04832246

- https://help.ecostruxureit.com/display/public/UADCO8x/StruxureWare+Data+Center+Operation+Software+Vulnerability+Fixes

- https://kc.mcafee.com/corporate/index?page=content&id=SB10122

- https://weakdh.org/

- https://weakdh.org/imperfect-forward-secrecy.pdf

- https://www.oracle.com/security-alerts/cpujan2021.html

Github

- https://github.com/84KaliPleXon3/a2sv

- https://github.com/8ctorres/SIND-Practicas

- https://github.com/AKApul/03-sysadmin-09-security

- https://github.com/ARPSyndicate/cve-scores

- https://github.com/ARPSyndicate/cvemon

- https://github.com/AleksandrMihajlov/SDB-13-01

- https://github.com/Artem-Salnikov/devops-netology

- https://github.com/Artem-Tvr/sysadmin-09-security

- https://github.com/DButter/whitehat_public

- https://github.com/Dit-Developers/Metasploitable2

- https://github.com/Dom-Techblue/Relatorio_pentest

- https://github.com/ELHADANITAHA/OWASP-JSP-TP

- https://github.com/EvgeniyaBalanyuk/attacks

- https://github.com/F4RM0X/script_a2sv

- https://github.com/H4CK3RT3CH/a2sv

- https://github.com/Justic-D/Dev_net_home_1

- https://github.com/Kapotov/3.9.1

- https://github.com/Live-Hack-CVE/CVE-2015-4000

- https://github.com/MrE-Fog/a2sv

- https://github.com/Mre11i0t/a2sv

- https://github.com/NikolayAntipov/DB_13-01

- https://github.com/Nissiuser/Vulnerability-Scan-Report

- https://github.com/Officerwasu/Elevate-Labs-Task-3

- https://github.com/PS-RANASINGHE/Crypto-Ex---7

- https://github.com/Samaritin/OSINT

- https://github.com/SwastikS7/vulnerability-scan-task-3

- https://github.com/TheRipperJhon/a2sv

- https://github.com/Untouchable17/HTTP-ExploitKit

- https://github.com/Vainoord/devops-netology

- https://github.com/Valdem88/dev-17_ib-yakovlev_vs

- https://github.com/Vladislav-Pugachev/netology-DevOps-dz_-14

- https://github.com/Wanderwille/13.01

- https://github.com/WiktorMysz/devops-netology

- https://github.com/aaronamran/Vulnerability-Scanning-Lab-with-OpenVAS-and-Metasploitable2

- https://github.com/alexandrburyakov/Rep2

- https://github.com/alexgro1982/devops-netology

- https://github.com/alexoslabs/HTTPSScan

- https://github.com/anthophilee/A2SV--SSL-VUL-Scan

- https://github.com/badigervijay/AI-Based-Threat-Intelligence-Platform

- https://github.com/bysart/devops-netology

- https://github.com/clic-kbait/A2SV--SSL-VUL-Scan

- https://github.com/clino-mania/A2SV--SSL-VUL-Scan

- https://github.com/coldorb0/SSL-Scanner

- https://github.com/dmitrii1312/03-sysadmin-09

- https://github.com/eSentire/nmap-esentire

- https://github.com/fatlan/HAProxy-Keepalived-Sec-HighLoads

- https://github.com/fireorb/SSL-Scanner

- https://github.com/fireorb/sslscanner

- https://github.com/geon071/netolofy_12

- https://github.com/giusepperuggiero96/Network-Security-2021

- https://github.com/hahwul/a2sv

- https://github.com/ilya-starchikov/devops-netology

- https://github.com/javirodriguezzz/Shodan-Browser

- https://github.com/kernelfucker/sslv

- https://github.com/koorchik/dissert

- https://github.com/koorchik/llm-analysis-of-text-data

- https://github.com/lithekevin/Threat-TLS

- https://github.com/mawinkler/c1-ws-ansible

- https://github.com/n0-traces/cve_monitor

- https://github.com/neo-13th/HW13.1

- https://github.com/nikolay480/devops-netology

- https://github.com/pashicop/3.9_1

- https://github.com/rdxkeerthi/Post-Quantum-TLS-Readiness-and-Downgrade-Attack-Simulator

- https://github.com/shayilkhani/cryptographic-remediation-deployment

- https://github.com/stanmay77/security

- https://github.com/syedrayan5/Vulnerability-Assessment-Metasploitable2

- https://github.com/tahaAmineMiri/agent_testssl

- https://github.com/thekondrashov/stuff

- https://github.com/vitaliivakhr/NETOLOGY

- https://github.com/waseemasmaeel/A2sv_Tools

- https://github.com/yellownine/netology-DevOps

- https://github.com/yurkao/python-ssl-deprecated