CVE-2015-4000

3.7

LOW

Poodle扩展TLS Logjam

Description

The TLS protocol 1.2 and earlier, when a DHE_EXPORT ciphersuite is enabled on a server but not on a client, does not properly convey a DHE_EXPORT choice, which allows man-in-the-middle attackers to conduct cipher-downgrade attacks by rewriting a ClientHello with DHE replaced by DHE_EXPORT and then rewriting a ServerHello with DHE_EXPORT replaced by DHE, aka the "Logjam" issue.

INFO

Published Date :

May 21, 2015, 12:59 a.m.

Last Modified :

Oct. 22, 2024, 1:42 p.m.

Source :

[email protected]

Remotely Exploitable :

Yes !

Impact Score :

1.4

Exploitability Score :

2.2 Public PoC/Exploit Available at Github

CVE-2015-4000 has a 39 public PoC/Exploit available at Github. Go to the Public Exploits tab to see the list.

Affected Products

The following products are affected by CVE-2015-4000 vulnerability. Even if cvefeed.io is aware of the exact versions of the products that are affected, the information is not represented in the table below.

ID	Vendor	Product
1	Mozilla	firefox
2	Mozilla	firefox_esr
3	Mozilla	thunderbird
4	Mozilla	seamonkey
5	Mozilla	network_security_services
6	Mozilla	firefox_os
1	Oracle	jdk
2	Oracle	jre
3	Oracle	jrockit
4	Oracle	sparc-opl_service_processor
1	Suse	linux_enterprise_server
2	Suse	suse_linux_enterprise_server
3	Suse	linux_enterprise_desktop
4	Suse	linux_enterprise_software_development_kit
1	Apple	mac_os_x
2	Apple	iphone_os
3	Apple	safari
1	Canonical	ubuntu_linux
1	Debian	debian_linux
1	Microsoft	internet_explorer
1	Google	chrome
1	Openssl	openssl
1	Hp	hp-ux
1	Opera	opera_browser
1	Ibm	content_manager

: Total Affected Vendor : 12 | Products : 25

References to Advisories, Solutions, and Tools

Here, you will find a curated list of external links that provide in-depth information, practical solutions, and valuable tools related to CVE-2015-4000.

URL	Resource
http://aix.software.ibm.com/aix/efixes/security/sendmail_advisory2.asc	Third Party Advisory
http://fortiguard.com/advisory/2015-07-09-cve-2015-1793-openssl-alternative-chains-certificate-forgery	Third Party Advisory
http://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2015-008.txt.asc	Mailing List Third Party Advisory
http://h20564.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-c04876402	Third Party Advisory
http://h20564.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-c04949778	Third Party Advisory
http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10681	Third Party Advisory
http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10727	Third Party Advisory
http://lists.apple.com/archives/security-announce/2015/Jun/msg00001.html	Mailing List Third Party Advisory
http://lists.apple.com/archives/security-announce/2015/Jun/msg00002.html	Mailing List Third Party Advisory
http://lists.fedoraproject.org/pipermail/package-announce/2015-June/159314.html	Mailing List Third Party Advisory
http://lists.fedoraproject.org/pipermail/package-announce/2015-June/159351.html	Mailing List Third Party Advisory
http://lists.fedoraproject.org/pipermail/package-announce/2015-June/160117.html	Mailing List Third Party Advisory
http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00023.html	Mailing List Third Party Advisory
http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00024.html	Mailing List Third Party Advisory
http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00026.html	Mailing List Third Party Advisory
http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00001.html	Mailing List Third Party Advisory
http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00003.html	Mailing List Third Party Advisory
http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00004.html	Mailing List Third Party Advisory
http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00005.html	Mailing List Third Party Advisory
http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00006.html	Mailing List Third Party Advisory
http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00007.html	Mailing List Third Party Advisory
http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00025.html	Mailing List Third Party Advisory
http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00031.html	Mailing List Third Party Advisory
http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00033.html	Mailing List Third Party Advisory
http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00034.html	Mailing List Third Party Advisory
http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00037.html	Mailing List Third Party Advisory
http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00039.html	Mailing List Third Party Advisory
http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00040.html	Mailing List Third Party Advisory
http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00046.html	Mailing List Third Party Advisory
http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00047.html	Mailing List Third Party Advisory
http://lists.opensuse.org/opensuse-security-announce/2015-08/msg00021.html	Mailing List Third Party Advisory
http://lists.opensuse.org/opensuse-security-announce/2015-09/msg00017.html	Mailing List Third Party Advisory
http://lists.opensuse.org/opensuse-security-announce/2015-10/msg00001.html	Mailing List Third Party Advisory
http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00031.html	Mailing List Third Party Advisory
http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00032.html	Mailing List Third Party Advisory
http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00037.html	Mailing List Third Party Advisory
http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00039.html	Mailing List Third Party Advisory
http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00040.html	Mailing List Third Party Advisory
http://lists.opensuse.org/opensuse-updates/2015-07/msg00016.html	Mailing List Third Party Advisory
http://lists.opensuse.org/opensuse-updates/2015-10/msg00011.html	Mailing List Third Party Advisory
http://lists.opensuse.org/opensuse-updates/2016-02/msg00094.html	Mailing List Third Party Advisory
http://lists.opensuse.org/opensuse-updates/2016-02/msg00097.html	Mailing List Third Party Advisory
http://marc.info/?l=bugtraq&m=143506486712441&w=2	Mailing List Third Party Advisory
http://marc.info/?l=bugtraq&m=143557934009303&w=2	Mailing List Third Party Advisory
http://marc.info/?l=bugtraq&m=143558092609708&w=2	Mailing List Third Party Advisory
http://marc.info/?l=bugtraq&m=143628304012255&w=2	Mailing List Third Party Advisory
http://marc.info/?l=bugtraq&m=143637549705650&w=2	Mailing List Third Party Advisory
http://marc.info/?l=bugtraq&m=143655800220052&w=2	Mailing List Third Party Advisory
http://marc.info/?l=bugtraq&m=143880121627664&w=2	Mailing List Third Party Advisory
http://marc.info/?l=bugtraq&m=144043644216842&w=2	Mailing List Third Party Advisory
http://marc.info/?l=bugtraq&m=144050121701297&w=2	Mailing List Third Party Advisory
http://marc.info/?l=bugtraq&m=144060576831314&w=2	Mailing List Third Party Advisory
http://marc.info/?l=bugtraq&m=144060606031437&w=2	Mailing List Third Party Advisory
http://marc.info/?l=bugtraq&m=144061542602287&w=2	Mailing List Third Party Advisory
http://marc.info/?l=bugtraq&m=144069189622016&w=2	Mailing List Third Party Advisory
http://marc.info/?l=bugtraq&m=144102017024820&w=2	Mailing List Third Party Advisory
http://marc.info/?l=bugtraq&m=144104533800819&w=2	Mailing List Third Party Advisory
http://marc.info/?l=bugtraq&m=144493176821532&w=2	Mailing List Third Party Advisory
http://marc.info/?l=bugtraq&m=145409266329539&w=2	Mailing List Third Party Advisory
http://openwall.com/lists/oss-security/2015/05/20/8	Mailing List Third Party Advisory
http://rhn.redhat.com/errata/RHSA-2015-1072.html	Third Party Advisory
http://rhn.redhat.com/errata/RHSA-2015-1185.html	Third Party Advisory
http://rhn.redhat.com/errata/RHSA-2015-1197.html	Third Party Advisory
http://rhn.redhat.com/errata/RHSA-2015-1228.html	Third Party Advisory
http://rhn.redhat.com/errata/RHSA-2015-1229.html	Third Party Advisory
http://rhn.redhat.com/errata/RHSA-2015-1230.html	Third Party Advisory
http://rhn.redhat.com/errata/RHSA-2015-1241.html	Third Party Advisory
http://rhn.redhat.com/errata/RHSA-2015-1242.html	Third Party Advisory
http://rhn.redhat.com/errata/RHSA-2015-1243.html	Third Party Advisory
http://rhn.redhat.com/errata/RHSA-2015-1485.html	Third Party Advisory
http://rhn.redhat.com/errata/RHSA-2015-1486.html	Third Party Advisory
http://rhn.redhat.com/errata/RHSA-2015-1488.html	Third Party Advisory
http://rhn.redhat.com/errata/RHSA-2015-1526.html	Third Party Advisory
http://rhn.redhat.com/errata/RHSA-2015-1544.html	Third Party Advisory
http://rhn.redhat.com/errata/RHSA-2015-1604.html	Third Party Advisory
http://rhn.redhat.com/errata/RHSA-2016-1624.html	Third Party Advisory
http://rhn.redhat.com/errata/RHSA-2016-2056.html	Third Party Advisory
http://support.apple.com/kb/HT204941	Third Party Advisory
http://support.apple.com/kb/HT204942	Third Party Advisory
http://support.citrix.com/article/CTX201114	Third Party Advisory
http://www-01.ibm.com/support/docview.wss?uid=swg21959111	Third Party Advisory
http://www-01.ibm.com/support/docview.wss?uid=swg21959195	Third Party Advisory
http://www-01.ibm.com/support/docview.wss?uid=swg21959325	Third Party Advisory
http://www-01.ibm.com/support/docview.wss?uid=swg21959453	Third Party Advisory
http://www-01.ibm.com/support/docview.wss?uid=swg21959481	Third Party Advisory
http://www-01.ibm.com/support/docview.wss?uid=swg21959517	Third Party Advisory
http://www-01.ibm.com/support/docview.wss?uid=swg21959530	Third Party Advisory
http://www-01.ibm.com/support/docview.wss?uid=swg21959539	Third Party Advisory
http://www-01.ibm.com/support/docview.wss?uid=swg21959636	Third Party Advisory
http://www-01.ibm.com/support/docview.wss?uid=swg21959812	Third Party Advisory
http://www-01.ibm.com/support/docview.wss?uid=swg21960191	Third Party Advisory
http://www-01.ibm.com/support/docview.wss?uid=swg21961717	Third Party Advisory
http://www-01.ibm.com/support/docview.wss?uid=swg21962455	Third Party Advisory
http://www-01.ibm.com/support/docview.wss?uid=swg21962739	Third Party Advisory
http://www-304.ibm.com/support/docview.wss?uid=swg21958984	Third Party Advisory
http://www-304.ibm.com/support/docview.wss?uid=swg21959132	Third Party Advisory
http://www-304.ibm.com/support/docview.wss?uid=swg21960041	Third Party Advisory
http://www-304.ibm.com/support/docview.wss?uid=swg21960194	Third Party Advisory
http://www-304.ibm.com/support/docview.wss?uid=swg21960380	Third Party Advisory
http://www-304.ibm.com/support/docview.wss?uid=swg21960418	Third Party Advisory
http://www-304.ibm.com/support/docview.wss?uid=swg21962816	Third Party Advisory
http://www-304.ibm.com/support/docview.wss?uid=swg21967893	Third Party Advisory
http://www.debian.org/security/2015/dsa-3287	Third Party Advisory
http://www.debian.org/security/2015/dsa-3300	Third Party Advisory
http://www.debian.org/security/2015/dsa-3316	Third Party Advisory
http://www.debian.org/security/2015/dsa-3324	Third Party Advisory
http://www.debian.org/security/2015/dsa-3339	Third Party Advisory
http://www.debian.org/security/2016/dsa-3688	Third Party Advisory
http://www.fortiguard.com/advisory/2015-05-20-logjam-attack	Third Party Advisory
http://www.mozilla.org/security/announce/2015/mfsa2015-70.html	Third Party Advisory
http://www.oracle.com/technetwork/security-advisory/cpuapr2016v3-2985753.html	Patch Third Party Advisory
http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html	Patch Third Party Advisory
http://www.oracle.com/technetwork/topics/security/bulletinjan2016-2867206.html	Third Party Advisory
http://www.oracle.com/technetwork/topics/security/bulletinjul2015-2511963.html	Third Party Advisory
http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html	Third Party Advisory
http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html	Third Party Advisory
http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html	Third Party Advisory
http://www.securityfocus.com/bid/74733	Third Party Advisory VDB Entry
http://www.securityfocus.com/bid/91787	Third Party Advisory VDB Entry
http://www.securitytracker.com/id/1032474	Third Party Advisory VDB Entry
http://www.securitytracker.com/id/1032475	Third Party Advisory VDB Entry
http://www.securitytracker.com/id/1032476	Third Party Advisory VDB Entry
http://www.securitytracker.com/id/1032637	Third Party Advisory VDB Entry
http://www.securitytracker.com/id/1032645	Third Party Advisory VDB Entry
http://www.securitytracker.com/id/1032647	Third Party Advisory VDB Entry
http://www.securitytracker.com/id/1032648	Third Party Advisory VDB Entry
http://www.securitytracker.com/id/1032649	Third Party Advisory VDB Entry
http://www.securitytracker.com/id/1032650	Third Party Advisory VDB Entry
http://www.securitytracker.com/id/1032651	Third Party Advisory VDB Entry
http://www.securitytracker.com/id/1032652	Third Party Advisory VDB Entry
http://www.securitytracker.com/id/1032653	Third Party Advisory VDB Entry
http://www.securitytracker.com/id/1032654	Third Party Advisory VDB Entry
http://www.securitytracker.com/id/1032655	Third Party Advisory VDB Entry
http://www.securitytracker.com/id/1032656	Third Party Advisory VDB Entry
http://www.securitytracker.com/id/1032688	Third Party Advisory VDB Entry
http://www.securitytracker.com/id/1032699	Third Party Advisory VDB Entry
http://www.securitytracker.com/id/1032702	Third Party Advisory VDB Entry
http://www.securitytracker.com/id/1032727	Third Party Advisory VDB Entry
http://www.securitytracker.com/id/1032759	Third Party Advisory VDB Entry
http://www.securitytracker.com/id/1032777	Third Party Advisory VDB Entry
http://www.securitytracker.com/id/1032778	Third Party Advisory VDB Entry
http://www.securitytracker.com/id/1032783	Third Party Advisory VDB Entry
http://www.securitytracker.com/id/1032784	Third Party Advisory VDB Entry
http://www.securitytracker.com/id/1032856	Third Party Advisory VDB Entry
http://www.securitytracker.com/id/1032864	Third Party Advisory VDB Entry
http://www.securitytracker.com/id/1032865	Third Party Advisory VDB Entry
http://www.securitytracker.com/id/1032871	Third Party Advisory VDB Entry
http://www.securitytracker.com/id/1032884	Third Party Advisory VDB Entry
http://www.securitytracker.com/id/1032910	Third Party Advisory VDB Entry
http://www.securitytracker.com/id/1032932	Third Party Advisory VDB Entry
http://www.securitytracker.com/id/1032960	Third Party Advisory VDB Entry
http://www.securitytracker.com/id/1033019	Third Party Advisory VDB Entry
http://www.securitytracker.com/id/1033064	Third Party Advisory VDB Entry
http://www.securitytracker.com/id/1033065	Third Party Advisory VDB Entry
http://www.securitytracker.com/id/1033067	Third Party Advisory VDB Entry
http://www.securitytracker.com/id/1033208	Third Party Advisory VDB Entry
http://www.securitytracker.com/id/1033209	Third Party Advisory VDB Entry
http://www.securitytracker.com/id/1033210	Third Party Advisory VDB Entry
http://www.securitytracker.com/id/1033222	Third Party Advisory VDB Entry
http://www.securitytracker.com/id/1033341	Third Party Advisory VDB Entry
http://www.securitytracker.com/id/1033385	Third Party Advisory VDB Entry
http://www.securitytracker.com/id/1033416	Third Party Advisory VDB Entry
http://www.securitytracker.com/id/1033430	Third Party Advisory VDB Entry
http://www.securitytracker.com/id/1033433	Third Party Advisory VDB Entry
http://www.securitytracker.com/id/1033513	Third Party Advisory VDB Entry
http://www.securitytracker.com/id/1033760	VDB Entry Third Party Advisory
http://www.securitytracker.com/id/1033891	Third Party Advisory VDB Entry
http://www.securitytracker.com/id/1033991	Third Party Advisory VDB Entry
http://www.securitytracker.com/id/1034087	Third Party Advisory VDB Entry
http://www.securitytracker.com/id/1034728	Third Party Advisory VDB Entry
http://www.securitytracker.com/id/1034884	Third Party Advisory VDB Entry
http://www.securitytracker.com/id/1036218	Third Party Advisory VDB Entry
http://www.securitytracker.com/id/1040630	Third Party Advisory VDB Entry
http://www.solarwinds.com/documentation/storage/storagemanager/docs/ReleaseNotes/releaseNotes.htm	Third Party Advisory
http://www.ubuntu.com/usn/USN-2656-1	Third Party Advisory
http://www.ubuntu.com/usn/USN-2656-2	Third Party Advisory
http://www.ubuntu.com/usn/USN-2673-1	Third Party Advisory
http://www.ubuntu.com/usn/USN-2696-1	Third Party Advisory
http://www.ubuntu.com/usn/USN-2706-1	Third Party Advisory
https://blog.cloudflare.com/logjam-the-latest-tls-vulnerability-explained/	Third Party Advisory
https://bto.bluecoat.com/security-advisory/sa98	Third Party Advisory
https://bugzilla.mozilla.org/show_bug.cgi?id=1138554	Issue Tracking Third Party Advisory
https://cert-portal.siemens.com/productcert/pdf/ssa-412672.pdf	Third Party Advisory
https://developer.mozilla.org/en-US/docs/Mozilla/Projects/NSS/NSS_3.19.1_release_notes	Third Party Advisory
https://h20564.www2.hp.com/hpsc/doc/public/display?docId=emr_na-c04718196	Third Party Advisory
https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04770140	Third Party Advisory
https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04772190	Third Party Advisory
https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04773119	Third Party Advisory
https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04773241	Third Party Advisory
https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04832246	Third Party Advisory
https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04918839	Third Party Advisory
https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04923929	Third Party Advisory
https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04926789	Third Party Advisory
https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04740527	Third Party Advisory
https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04953655	Third Party Advisory
https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05045763	Third Party Advisory
https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05128722	Third Party Advisory
https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05193083	Third Party Advisory
https://help.ecostruxureit.com/display/public/UADCO8x/StruxureWare+Data+Center+Operation+Software+Vulnerability+Fixes	Third Party Advisory
https://kc.mcafee.com/corporate/index?page=content&id=SB10122	Third Party Advisory
https://openssl.org/news/secadv/20150611.txt	Vendor Advisory
https://puppet.com/security/cve/CVE-2015-4000	Third Party Advisory
https://security.gentoo.org/glsa/201506-02	Third Party Advisory
https://security.gentoo.org/glsa/201512-10	Third Party Advisory
https://security.gentoo.org/glsa/201603-11	Third Party Advisory
https://security.gentoo.org/glsa/201701-46	Third Party Advisory
https://security.netapp.com/advisory/ntap-20150619-0001/	Third Party Advisory
https://support.citrix.com/article/CTX216642	Third Party Advisory
https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03831en_us	Third Party Advisory
https://weakdh.org/	Third Party Advisory
https://weakdh.org/imperfect-forward-secrecy.pdf	Third Party Advisory
https://www-304.ibm.com/support/docview.wss?uid=swg21959745	Third Party Advisory
https://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=MIGR-5098403	Third Party Advisory
https://www.openssl.org/blog/blog/2015/05/20/logjam-freak-upcoming-changes/	Vendor Advisory
https://www.openssl.org/news/secadv_20150611.txt	Vendor Advisory
https://www.oracle.com/security-alerts/cpujan2021.html	Third Party Advisory
https://www.suse.com/security/cve/CVE-2015-4000.html	Third Party Advisory

We scan GitHub repositories to detect new proof-of-concept exploits. Following list is a collection of public exploits and proof-of-concepts, which have been published on GitHub (sorted by the most recently updated).

AleksandrMihajlov/SDB-13-01

Уязвимости и атаки на информационные системы

Updated: 1 week, 3 days ago

0 stars 0 fork 0 watcher

Born at : Nov. 10, 2024, 4:51 p.m. This repo has been linked 5 different CVEs too.

Samaritin/OSINT

None

Updated: 1 month ago

0 stars 0 fork 0 watcher

Born at : Oct. 19, 2024, 7:04 p.m. This repo has been linked 146 different CVEs too.

EvgeniyaBalanyuk/attacks

None

Updated: 3 months, 2 weeks ago

0 stars 0 fork 0 watcher

Born at : Aug. 5, 2024, 7:01 a.m. This repo has been linked 5 different CVEs too.

Wanderwille/13.01

None

Updated: 1 year, 1 month ago

0 stars 0 fork 0 watcher

Born at : Oct. 13, 2023, 12:02 p.m. This repo has been linked 4 different CVEs too.

NikolayAntipov/DB_13-01

None

Updated: 1 year, 1 month ago

0 stars 0 fork 0 watcher

Born at : Oct. 8, 2023, 1:35 p.m. This repo has been linked 5 different CVEs too.

MrE-Fog/a2sv

None

Dockerfile Python Shell

Updated: 1 year, 6 months ago

0 stars 0 fork 0 watcher

Born at : April 30, 2023, 1:57 p.m. This repo has been linked 8 different CVEs too.

Kapotov/3.9.1

Домашнее задание к занятию «Элементы безопасности информационных систем»

Updated: 1 year, 5 months ago

0 stars 0 fork 0 watcher

Born at : April 5, 2023, 10:39 a.m. This repo has been linked 17 different CVEs too.

stanmay77/security

None

Updated: 1 year, 8 months ago

0 stars 0 fork 0 watcher

Born at : March 13, 2023, 9:44 a.m. This repo has been linked 17 different CVEs too.

8ctorres/SIND-Practicas

Prácticas Seguridad en Entornos Industriales

Python

Updated: 9 months, 3 weeks ago

0 stars 0 fork 0 watcher

Born at : March 7, 2023, 9:13 p.m. This repo has been linked 52 different CVEs too.

DButter/whitehat_public

None

Updated: 1 year, 9 months ago

0 stars 0 fork 0 watcher

Born at : Feb. 13, 2023, 5:42 p.m. This repo has been linked 173 different CVEs too.

geon071/netolofy_12

None

Updated: 1 year, 9 months ago

0 stars 0 fork 0 watcher

Born at : Feb. 11, 2023, 7:59 a.m. This repo has been linked 17 different CVEs too.

Justic-D/Dev_net_home_1

None

HCL Dockerfile Shell Ruby Go Jinja Python PowerShell HTML CSS

Updated: 1 year, 9 months ago

1 stars 0 fork 0 watcher

Born at : Jan. 17, 2023, 3:17 p.m. This repo has been linked 17 different CVEs too.

vitaliivakhr/NETOLOGY

None

Updated: 2 years, 4 months ago

0 stars 0 fork 0 watcher

Born at : July 5, 2022, 8:10 p.m. This repo has been linked 16 different CVEs too.

Valdem88/dev-17_ib-yakovlev_vs

None

Updated: 2 years, 5 months ago

0 stars 0 fork 0 watcher

Born at : June 1, 2022, 3:06 p.m. This repo has been linked 16 different CVEs too.

Artem-Tvr/sysadmin-09-security

None

Updated: 2 years, 8 months ago

0 stars 0 fork 0 watcher

Born at : Feb. 26, 2022, 11:12 a.m. This repo has been linked 17 different CVEs too.

Results are limited to the first 15 repositories due to potential performance issues.

The following list is the news that have been mention CVE-2015-4000 vulnerability anywhere in the article.

The following table lists the changes that have been made to the CVE-2015-4000 vulnerability over time.

Vulnerability history details can be useful for understanding the evolution of a vulnerability, and for identifying the most recent changes that may impact the vulnerability's severity, exploitability, or other characteristics.

CPE Deprecation Remap by [email protected]

Oct. 22, 2024

Action	Type	Old Value	New Value
Changed	CPE Configuration	OR cpe:2.3:a:mozilla:firefox_esr:38.1.0:::::::	OR cpe:2.3:a:mozilla:firefox:38.1.0:::::::

Action	Type	Old Value	New Value
Changed	Reference Type	https://cert-portal.siemens.com/productcert/pdf/ssa-412672.pdf No Types Assigned	https://cert-portal.siemens.com/productcert/pdf/ssa-412672.pdf Third Party Advisory
Changed	Reference Type	https://www.oracle.com/security-alerts/cpujan2021.html No Types Assigned	https://www.oracle.com/security-alerts/cpujan2021.html Third Party Advisory
Changed	CPE Configuration	OR cpe:2.3:a:apple:safari::::::::* cpe:2.3:a:google:chrome:-::::::: cpe:2.3:a:microsoft:internet_explorer::::::::* cpe:2.3:a:mozilla:firefox::::::::* cpe:2.3:a:opera:opera_browser:-:::::::	OR cpe:2.3:a:apple:safari:-::::::: cpe:2.3:a:google:chrome:-::::::: cpe:2.3:a:microsoft:internet_explorer:-::::::: cpe:2.3:a:mozilla:firefox:-::::::: cpe:2.3:a:opera:opera_browser:-:::::::

Action	Type	New Value
Added	Reference	http://rhn.redhat.com/errata/RHSA-2016-2056.html [No Types Assigned]
Added	Reference	http://rhn.redhat.com/errata/RHSA-2016-1624.html [No Types Assigned]
Added	Reference	http://rhn.redhat.com/errata/RHSA-2015-1604.html [No Types Assigned]
Added	Reference	http://rhn.redhat.com/errata/RHSA-2015-1544.html [No Types Assigned]
Added	Reference	http://rhn.redhat.com/errata/RHSA-2015-1488.html [No Types Assigned]
Added	Reference	http://rhn.redhat.com/errata/RHSA-2015-1486.html [No Types Assigned]
Added	Reference	http://rhn.redhat.com/errata/RHSA-2015-1485.html [No Types Assigned]
Added	Reference	http://rhn.redhat.com/errata/RHSA-2015-1243.html [No Types Assigned]
Added	Reference	http://rhn.redhat.com/errata/RHSA-2015-1242.html [No Types Assigned]
Added	Reference	http://rhn.redhat.com/errata/RHSA-2015-1241.html [No Types Assigned]
Added	Reference	http://rhn.redhat.com/errata/RHSA-2015-1230.html [No Types Assigned]
Added	Reference	http://rhn.redhat.com/errata/RHSA-2015-1229.html [No Types Assigned]
Added	Reference	http://rhn.redhat.com/errata/RHSA-2015-1228.html [No Types Assigned]
Added	Reference	http://rhn.redhat.com/errata/RHSA-2015-1185.html [No Types Assigned]

Action	Type	Old Value	New Value
Removed	Reference	http://marc.info/?l=bugtraq&m=145249627028751&w=2 [No Types Assigned]
Added	Reference		https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04923929 [No Types Assigned]
Added	Reference		http://www-304.ibm.com/support/docview.wss?uid=swg21967893 [No Types Assigned]
Added	Reference		https://security.gentoo.org/glsa/201512-10 [No Types Assigned]
Added	Reference		http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00031.html [No Types Assigned]
Added	Reference		http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00039.html [No Types Assigned]
Added	Reference		http://www.securitytracker.com/id/1034728 [No Types Assigned]
Added	Reference		http://www.securitytracker.com/id/1034087 [No Types Assigned]
Added	Reference		http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00032.html [No Types Assigned]
Added	Reference		http://www.securitytracker.com/id/1033991 [No Types Assigned]
Added	Reference		https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04918839 [No Types Assigned]
Added	Reference		https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04926789 [No Types Assigned]
Added	Reference		http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00040.html [No Types Assigned]
Added	Reference		http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00037.html [No Types Assigned]
Added	Reference		http://h20564.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-c04876402 [No Types Assigned]

Action	Type	Old Value	New Value
Removed	Reference	http://marc.info/?l=bugtraq&m=145408559027301&w=2 [No Types Assigned]
Added	Reference		http://lists.opensuse.org/opensuse-updates/2016-02/msg00097.html [No Types Assigned]
Added	Reference		http://www.securitytracker.com/id/1034884 [No Types Assigned]
Added	Reference		http://h20564.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-c04949778 [No Types Assigned]
Added	Reference		http://lists.opensuse.org/opensuse-updates/2016-02/msg00094.html [No Types Assigned]

Action	Type	Old Value	New Value
Removed	Reference	https://h20565.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05128722
Added	Reference		http://marc.info/?l=bugtraq&m=144060576831314&w=2
Added	Reference		http://marc.info/?l=bugtraq&m=144069189622016&w=2
Added	Reference		http://marc.info/?l=bugtraq&m=144493176821532&w=2
Added	Reference		http://marc.info/?l=bugtraq&m=143637549705650&w=2
Added	Reference		http://marc.info/?l=bugtraq&m=144061542602287&w=2
Added	Reference		http://marc.info/?l=bugtraq&m=143557934009303&w=2
Added	Reference		http://marc.info/?l=bugtraq&m=143628304012255&w=2
Added	Reference		http://marc.info/?l=bugtraq&m=144104533800819&w=2
Added	Reference		http://marc.info/?l=bugtraq&m=144060606031437&w=2
Added	Reference		http://marc.info/?l=bugtraq&m=143558092609708&w=2
Added	Reference		http://marc.info/?l=bugtraq&m=143655800220052&w=2
Added	Reference		http://marc.info/?l=bugtraq&m=143506486712441&w=2
Added	Reference		http://marc.info/?l=bugtraq&m=144102017024820&w=2
Added	Reference		http://marc.info/?l=bugtraq&m=144043644216842&w=2
Added	Reference		http://marc.info/?l=bugtraq&m=144050121701297&w=2

Action	Type	Old Value	New Value
Changed	CPE Configuration	Configuration 1 OR cpe:2.3:a:microsoft:ie::::::::* cpe:2.3:a:mozilla:firefox::::::::* cpe:2.3:a:google:chrome:-::::::: cpe:2.3:a:opera:opera_browser:-::::::: cpe:2.3:a:apple:safari::::::::* Configuration 2 OR cpe:2.3:a:oracle:jrockit:r28.3.6::::::: Configuration 3 OR cpe:2.3:a:openssl:openssl:1.0.1m::::::: (and previous) cpe:2.3:a:openssl:openssl:1.0.2a::::::: (and previous) Configuration 4 OR cpe:2.3:a:oracle:jdk:1.6.0:update_95::::::* cpe:2.3:a:oracle:jre:1.6.0:update_95::::::* cpe:2.3:a:oracle:jre:1.7.0:update_80::::::* cpe:2.3:a:oracle:jdk:1.7.0:update_80::::::* cpe:2.3:a:oracle:jre:1.8.0:update_45::::::* cpe:2.3:a:oracle:jdk:1.8.0:update_45::::::* cpe:2.3:a:oracle:jre:1.7.0:update_75::::::* cpe:2.3:a:oracle:jdk:1.7.0:update_75::::::* cpe:2.3:a:oracle:jre:1.8.0:update_33::::::* cpe:2.3:a:oracle:jdk:1.8.0:update_33::::::*	Configuration 1 OR cpe:2.3:a:ibm:content_manager:8.5:::::enterprise::* Configuration 2 OR cpe:2.3:a:openssl:openssl:1.0.1m::::::: (and previous) cpe:2.3:a:openssl:openssl:1.0.2a::::::: (and previous) Configuration 3 OR cpe:2.3:a:oracle:jrockit:r28.3.6::::::: Configuration 4 OR cpe:2.3:a:mozilla:thunderbird:38.1::::::: cpe:2.3:a:mozilla:thunderbird:31.8::::::: cpe:2.3:a:mozilla:seamonkey:2.35::::::: cpe:2.3:o:mozilla:firefox_os:2.2::::::: cpe:2.3:a:mozilla:firefox_esr:38.1.0::::::: cpe:2.3:a:mozilla:firefox_esr:31.8::::::: cpe:2.3:a:mozilla:firefox:39.0::::::: Configuration 5 OR cpe:2.3:a:oracle:sparc-opl_service_processor:1121::::::: (and previous) Configuration 6 OR cpe:2.3:a:microsoft:ie::::::::* cpe:2.3:a:mozilla:firefox::::::::* cpe:2.3:a:google:chrome:-::::::: cpe:2.3:a:opera:opera_browser:-::::::: cpe:2.3:a:apple:safari::::::::* Configuration 7 AND OR cpe:2.3:a:openssl:openssl:1.0.1m::::::: (and previous) OR cpe:2.3:o:hp:hp-ux:b.11.31::::::: Configuration 8 OR cpe:2.3:o:canonical:ubuntu_linux:15.04::::::: cpe:2.3:o:canonical:ubuntu_linux:14.10::::::: cpe:2.3:o:canonical:ubuntu_linux:14.04::::lts:::* cpe:2.3:o:canonical:ubuntu_linux:12.04::::lts:::* Configuration 9 OR cpe:2.3:o:suse:linux_enterprise_software_development_kit:12::::::: cpe:2.3:o:suse:linux_enterprise_server:12::::::: cpe:2.3:o:suse:linux_enterprise_desktop:12::::::: cpe:2.3:o:suse:linux_enterprise_server:11.0:sp4::::::* Configuration 10 OR cpe:2.3:o:debian:debian_linux:8.0::::::: cpe:2.3:o:debian:debian_linux:7.0::::::: Configuration 11 OR cpe:2.3:a:oracle:jdk:1.6.0:update_95::::::* cpe:2.3:a:oracle:jre:1.6.0:update_95::::::* cpe:2.3:a:oracle:jre:1.7.0:update_80::::::* cpe:2.3:a:oracle:jdk:1.7.0:update_80::::::* cpe:2.3:a:oracle:jre:1.8.0:update_45::::::* cpe:2.3:a:oracle:jdk:1.8.0:update_45::::::* cpe:2.3:a:oracle:jre:1.7.0:update_75::::::* cpe:2.3:a:oracle:jdk:1.7.0:update_75::::::* cpe:2.3:a:oracle:jre:1.8.0:update_33::::::* cpe:2.3:a:oracle:jdk:1.8.0:update_33::::::* Configuration 12 OR cpe:2.3:a:mozilla:network_security_services:3.19::::::: Configuration 13 OR cpe:2.3:o:apple:mac_os_x:10.10.3::::::: (and previous) cpe:2.3:o:apple:iphone_os:8.3::::::: (and previous)
Added	CVSS V3		AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N

CVE-2015-4000

Poodle扩展TLS Logjam

Description

INFO

May 21, 2015, 12:59 a.m.

Oct. 22, 2024, 1:42 p.m.

Yes !

1.4

2.2

Public PoC/Exploit Available at Github

Affected Products

References to Advisories, Solutions, and Tools

CPE Deprecation Remap by [email protected]

CVE Modified by [email protected]

Modified Analysis by [email protected]

CVE Modified by [email protected]

CPE Deprecation Remap by [email protected]

CPE Deprecation Remap by [email protected]

CPE Deprecation Remap by [email protected]

CVE Modified by [email protected]

CPE Deprecation Remap by [email protected]

CPE Deprecation Remap by [email protected]

Modified Analysis by [email protected]

CVE Modified by [email protected]

CPE Deprecation Remap by [email protected]

CVE Modified by [email protected]

CVE Modified by [email protected]

CVE Modified by [email protected]

CVE Modified by [email protected]

CVE Modified by [email protected]

CVE Modified by [email protected]

CVE Modified by [email protected]

CVE Modified by [email protected]

CVE Modified by [email protected]

CVE Modified by [email protected]

CVE Modified by [email protected]

CVE Modified by [email protected]

CVE Modified by [email protected]

CVE Modified by [email protected]

CVE Modified by [email protected]

CVE Modified by [email protected]

CVE Modified by [email protected]

CVE Modified by [email protected]

CVE Modified by [email protected]

CVE Modified by [email protected]

CVE Modified by [email protected]

CVE Modified by [email protected]

CVE Modified by [email protected]

CVE Modified by [email protected]

CVE Modified by [email protected]

CVE Modified by [email protected]

CVE Modified by [email protected]

CVE Modified by [email protected]

Modified Analysis by [email protected]

CVE Modified by [email protected]

Modified Analysis by [email protected]

CVE Modified by [email protected]

CVE Modified by [email protected]

CVE Modified by [email protected]

CVE Modified by [email protected]

CVE Modified by [email protected]

CVE Modified by [email protected]

Modified Analysis by [email protected]

CVE Modified by [email protected]

Modified Analysis by [email protected]

CVE Modified by [email protected]

CVE Modified by [email protected]

Modified Analysis by [email protected]

CVE Modified by [email protected]

Modified Analysis by [email protected]

CVE Modified by [email protected]

CVE Modified by [email protected]

Modified Analysis by [email protected]

Initial Analysis by [email protected]

CWE - Common Weakness Enumeration

Common Attack Pattern Enumeration and Classification (CAPEC)

Exploit Prediction

97.36 }} -0.05%

0.99916

CVSS30 - Vulnerability Scoring System