Bug 938905 - VUL-1: inn: The Logjam Attack / weakdh.org
Status: NEW
Classification: Novell Products
Product: SUSE Security Incidents
Component: Incidents
Priority: P4 - Low
Severity: Major
Assigned To: Michael Schröder
Security Team bot
maint:planned:update
Blocks: CVE-2015-4000
Reported: 2015-07-21 11:05 UTC by Marcus Meissner
Modified: 2017-03-02 14:10 UTC (History)

Description Marcus Meissner 2015-07-21 11:05:37 UTC
+++ This bug was initially created as a clone of Bug #931600 +++

INN uses a DH param selection that would violate logjam constraints.

nnrpd/tls.c:
static DH *tmp_dh_cb(SSL *s UNUSED, int export UNUSED, int keylength)

selects depending on keysize 512, 1024, ...  or bitlength(key) DH parameters.

It should only select DH parameters >= 1024 bit.

This would happen for customers with old RSA keys < 1024 bits.

Please add:

if (keylength < 1024) keylength = 1024;

at the beginning of this function.

(as probably only a small number of customers use inn and use inn with ssl, this can be delayed a bit)
Comment 1 Swamp Workflow Management 2015-07-21 21:59:50 UTC
bugbot adjusting priority