Security Vulnerability: DHEater aka CVE-2002-20001

Security researchers from Balasys have published a new attack on Diffie-Hellman key exchange which allows remote attackers to attack network facing SSL / TLS / HTTPS / SSH services leading to excessive compute time usage even by sending small amounts of network traffic even before authentication.

All applications on SUSE Linux Enterprise are affected that have DHE enabled. The Diffie-Hellman Epheremal key exchange is usually configured by default to provide perfect forward secrecy.

Note that Elliptic Curve Diffie-Hellman is not affected by this problem.