Endpoint Vulnerability

DHE man-in-the-middle protection

Description

OpenSSL has added protection for TLS clients by rejecting handshakeswith DH parameters shorter than 768 bits. This limit will be increasedto 1024 bits in a future release.OpenSSL 1.0.2 users should upgrade to 1.0.2bOpenSSL 1.0.1 users should upgrade to 1.0.1nFixes for this issue were developed by Emilia K sper and Kurt Roeckxof the OpenSSL development team.

Affected Products

OpenSSL

References

CVE-2015-4000,