User Agent: Mozilla/5.0 (Windows NT 6.3; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/40.0.2214.115 Safari/537.36 OPR/27.0.1689.76

Steps to reproduce:

The webserver tiles.services.mozilla.com supports a highly outdated Diffie Hellman Key exchange service.
It is also known as the Logjam attack.
I did several tests and verified this.
Here is the POC:
https://www.ssllabs.com/ssltest/analyze.html?d=tiles.services.mozilla.com&s=220.127.116.11&latest

Actual results:

The webserver supports the key exchange.

Expected results:

It should be upgraded.
Component: General → Tiles: Ops
Product: Mozilla Services → Content Services
Status: UNCONFIRMED → NEW
Ever confirmed: true
Summary: Weak Diffie-Hellman (DH) → Tiles server supports weak 1024-bit Diffie-Hellman (DH)
Status: NEW → RESOLVED
Last Resolved: 3 years ago
Resolution: --- → FIXED
Daniel, you resolved this fixed but with no further data. How was this fixed?
The security policy on the ELB has been changed to one that no longer includes the logjam vulnerable cipher.
Minusing for the bounty because 1024 bit ciphers are the low end of acceptability for ciphers but not inherently vulnerable. This isn't a dangerous security issue.
Flags: sec-bounty? → sec-bounty-