Disable Diffie-Hellman Modulus vsFTPD


Recently I had a dial with one of the compliance reports that outlined the ‘Logjam’ vulnerability in vsftpd configuration related to using weak Diffie-Hellman ciphers for TLS encryption.

Here how it is being identified by Nessus scanner:

Screenshot from 2015-12-30 14:01:52

Vulnerable connection combinations :
SSL/TLS version : TLSv1.2
Cipher suite : TLS1_DHE_RSA_WITH_AES_256_CBC_SHA256
 Diffie-Hellman MODP size (bits) : 1024
 Warning - This is a known static Oakley Group2 modulus. This may make the
 remote host more vulnerable to the Logjam attack.
 Logjam attack difficulty : Hard (would require nation-state resources)

SSL/TLS version : TLSv1.2
Cipher suite : TLS12_DHE_RSA_WITH_AES_128_GCM_SHA256
 Diffie-Hellman MODP size (bits) : 1024
 Warning - This is a known static Oakley Group2 modulus. This may make the
 remote host more vulnerable to the Logjam attack.
 Logjam attack difficulty : Hard (would require nation-state resources)

SSL/TLS version : TLSv1.2
Cipher suite : TLS1_CK_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA
 Diffie-Hellman MODP size (bits) : 1024
 Warning - This is a known static Oakley Group2 modulus. This may make the
 remote host more vulnerable to the Logjam attack.
 Logjam attack difficulty : Hard (would require nation-state resources)

SSL/TLS version : TLSv1.2
Cipher suite : TLS1_CK_DHE_RSA_WITH_AES_256_CBC_SHA
 Diffie-Hellman MODP size (bits) : 1024
 Warning - This is a known static Oakley Group2 modulus. This may make the
 remote host more vulnerable to the Logjam attack.
 Logjam attack difficulty : Hard (would require nation-state resources)
 
SSL/TLS version : TLSv1.2
Cipher suite : TLS1_CK_DHE_RSA_WITH_AES_128_CBC_SHA7
 Diffie-Hellman MODP size (bits) : 1024
 Warning - This is a known static Oakley Group2 modulus. This may make the
 remote host more vulnerable to the Logjam attack.
 Logjam attack difficulty : Hard (would require nation-state resources)

SSL/TLS version : TLSv1.2
Cipher suite : TLS1_CK_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA
 Diffie-Hellman MODP size (bits) : 1024
 Warning - This is a known static Oakley Group2 modulus. This may make the
 remote host more vulnerable to the Logjam attack.
 Logjam attack difficulty : Hard (would require nation-state resource

On the following page you can find ways to disable Diffie-Hellman for Apache, Lighttpd, Nginx. Even Tomcat and HaProxy were included into the list. Unfortuantely it doesn’t contain any notes about vsFTPD:
https://weakdh.org/sysadmin.html

The following changes should be applied to /etc/vsftpd/vsftpd.conf file:

Force vsftpd to work with tls 1.1 and 1.2 only:

ssl_tlsv1=NO
ssl_sslv2=NO
ssl_sslv3=NO

Nessus considered the vullnerability as fixed when ssl_ciphers line had the following view:

ssl_ciphers=ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-GCM-SHA384:DHE-DSS-AES128-GCM-SHA256:kEDH+AESGCM:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA:ECDHE-ECDSA-AES256-SHA:DHE-DSS-AES128-SHA256:DHE-DSS-AES256-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA:AES256-SHA:AES:CAMELLIA:DES-CBC3-SHA:!aNULL:!eNULL:!EXPORT:!DES:!RC4:!MD5:!PSK:!aECDH:!EDH-DSS-DES-CBC3-SHA:!EDH-RSA-DES-CBC3-SHA:!KRB5-DES-CBC3-SHA:!DHE-RSA-AES128-GCM-SHA256:!DHE-RSA-AES256-GCM-SHA384:!DHE-RSA-AES128-SHA256:!DHE-RSA-AES256-SHA:!DHE-RSA-AES128-SHA:!DHE-RSA-AES256-SHA256:!DHE-RSA-CAMELLIA128-SHA:!DHE-RSA-CAMELLIA256-SHA

Share Button

Leave a Reply

You must be logged in to post a comment.