diff --git a/CHANGELOG b/CHANGELOG
index eacdd3413..b1905d15c 100644
--- a/CHANGELOG
+++ b/CHANGELOG
@@ -1,7 +1,8 @@
 # Nmap Changelog ($Id$); -*-text-*-
 
+o [NSE] Fix Diffie-Hellman parameter extraction in tls.lua. [Jacob Gajek]
+
 o [NSE] Added http-webdav-scan, which detects WebDAV installations. [Gyanendra Mishra]
-  
 
 o [NSE] Remove ahbl.org checks from dnsbl.lua, since the service was shut down.
   [Forrest B.]
diff --git a/nselib/tls.lua b/nselib/tls.lua
index da3c3ecb2..21dd8334a 100644
--- a/nselib/tls.lua
+++ b/nselib/tls.lua
@@ -690,7 +690,7 @@ local cipher_info_cache = {
 -- A couple helpers for server_key_exchange parsing
 local function unpack_dhparams (blob, pos)
   local p, g, y
-  pos, p, g, y = bin.unpack(">PPP", blob)
+  pos, p, g, y = bin.unpack(">PPP", blob, pos)
   return pos, {p=p, g=g, y=y}, #p
 end
 
@@ -941,7 +941,7 @@ KEX_ALGORITHMS.DHE_PSK = {
     local pos
     local ret = {}
     pos, ret.psk_identity_hint = bin.unpack(">P", blob)
-    pos, ret.dhparams, ret.strength = unpack_dhparams(blob)
+    pos, ret.dhparams, ret.strength = unpack_dhparams(blob, pos)
     return ret
   end
 }
@@ -955,7 +955,7 @@ KEX_ALGORITHMS.ECDHE_PSK={
     local pos
     local ret = {}
     pos, ret.psk_identity_hint = bin.unpack(">P", blob)
-    pos, ret.ecdhparams, ret.strength = unpack_ecdhparams(blob)
+    pos, ret.ecdhparams, ret.strength = unpack_ecdhparams(blob, pos)
     return ret
   end
 }