CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2016-3125

The mod_tls module in ProFTPD before 1.3.5b and 1.3.6 before 1.3.6rc2 does not properly handle the TLSDHParamFile directive, which might cause a weaker than intended Diffie-Hellman (DH) key to be used and consequently allow attackers to have unspecified impact via unknown vectors.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.009

EPSS Ranking 74.2%

CVSS Severity

CVSS v3 Score 7.5

CVSS v2 Score 5.0

References

Products affected by CVE-2016-3125

Proftpd » Proftpd » Version: 1.3.0

cpe:2.3:a:proftpd:proftpd:1.3.0
Proftpd » Proftpd » Version: 1.3.2

cpe:2.3:a:proftpd:proftpd:1.3.2
Proftpd » Proftpd » Version: 1.3.3

cpe:2.3:a:proftpd:proftpd:1.3.3
Proftpd » Proftpd » Version: 1.3.4

cpe:2.3:a:proftpd:proftpd:1.3.4
Proftpd » Proftpd » Version: 1.3.5

cpe:2.3:a:proftpd:proftpd:1.3.5
Proftpd » Proftpd » Version: 1.3.6

cpe:2.3:a:proftpd:proftpd:1.3.6
Fedoraproject » Fedora » Version: 22

cpe:2.3:o:fedoraproject:fedora:22
Fedoraproject » Fedora » Version: 23

cpe:2.3:o:fedoraproject:fedora:23
Opensuse » Opensuse » Version: 13.1

cpe:2.3:o:opensuse:opensuse:13.1

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2016-3125

Products

Pricing

Contact Us