VYPR
High severity7.5NVD Advisory· Published Apr 5, 2016· Updated Jun 17, 2026

CVE-2016-3125

CVE-2016-3125

Description

The mod_tls module in ProFTPD before 1.3.5b and 1.3.6 before 1.3.6rc2 does not properly handle the TLSDHParamFile directive, which might cause a weaker than intended Diffie-Hellman (DH) key to be used and consequently allow attackers to have unspecified impact via unknown vectors.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

7
  • Proftpd/Proftpd3 versions
    cpe:2.3:a:proftpd:proftpd:1.3.6:rc1:*:*:*:*:*:*+ 2 more
    • cpe:2.3:a:proftpd:proftpd:1.3.6:rc1:*:*:*:*:*:*
    • cpe:2.3:a:proftpd:proftpd:*:a:*:*:*:*:*:*range: <=1.3.5
    • (no CPE)range: <1.3.5b, <1.3.6rc2
  • cpe:2.3:o:fedoraproject:fedora:22:*:*:*:*:*:*:*+ 1 more
    • cpe:2.3:o:fedoraproject:fedora:22:*:*:*:*:*:*:*
    • cpe:2.3:o:fedoraproject:fedora:23:*:*:*:*:*:*:*
  • cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*

Patches

Vulnerability mechanics

References

10

News mentions

0

No linked articles in our index yet.