Weak Diffie-Hellman Key Vulnerability in ProFTPD

Weak Diffie-Hellman Key Vulnerability in ProFTPD

CVE-2016-3125 · MEDIUM Severity

AV:N/AC:L/AU:N/C:P/I:N/A:N

The mod_tls module in ProFTPD before 1.3.5b and 1.3.6 before 1.3.6rc2 does not properly handle the TLSDHParamFile directive, which might cause a weaker than intended Diffie-Hellman (DH) key to be used and consequently allow attackers to have unspecified impact via unknown vectors.

Learn more about our Web Application Penetration Testing UK.