Debian and Ubuntu flaw leaves private SSL/SSH keys guessable
By franzon, 13 May 2008 - 22:00
Debian today posted security advisory DSA-1571-1, "openssl -- predictable random number generator", and strongly advised its users to take steps to avoid possible compromise of any systems running Debian or a Debian-based distribution, such as Ubuntu.
The researcher Luciano Bello discovered a security flaw in Debian's random number generator that makes the random numbers it generates predictable. This is caused by an incorrect Debian change to the openssl package. As a result, cryptographic key material may be guessable.
This problem not only affects Debian, but also all its derivatives, such as Ubuntu.
It is strongly recommended that all cryptographic key material which has been generated by OpenSSL versions starting with 0.9.8c-1 on affected systems is recreated from scratch. Furthermore, all DSA keys ever used on affected systems for signing or authentication purposes should be considered compromised.
News Source: Debian Security Advisory DSA-1571-1
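Why a predictable generator makes keys guessable regardless of key size, and how an administrator can audit for it, shown as an added illustration that is not code from the advisory or from Debian. The model assumes the generator's only varying input is a process ID below 32768; `toy_keygen`, `fingerprint`, `build_blacklist` and `audit` are hypothetical names, and the inventory is constructed sample data.

```python
import hashlib
import secrets

# Assumption for this toy model: the generator's only varying input is a
# process ID, so the whole seed space is 1..32767.
SEED_SPACE = range(1, 32768)

def toy_keygen(seed: int) -> bytes:
    """Hypothetical stand-in for key generation with a predictable RNG:
    every bit of the 256-bit 'private key' is derived from the seed."""
    return hashlib.sha256(b"toy-prng" + seed.to_bytes(4, "big")).digest()

def fingerprint(key: bytes) -> str:
    """Identifier a blacklist can store instead of the key itself."""
    return hashlib.sha256(key).hexdigest()

def build_blacklist(seeds=SEED_SPACE) -> frozenset:
    """Enumerate every key the weak generator can emit; keep fingerprints."""
    return frozenset(fingerprint(toy_keygen(s)) for s in seeds)

def audit(keys: dict, blacklist: frozenset) -> list:
    """Return the names of keys that must be recreated from scratch."""
    return sorted(name for name, key in keys.items()
                  if fingerprint(key) in blacklist)

if __name__ == "__main__":
    blacklist = build_blacklist()
    # Constructed inventory: two keys from the weak generator and one
    # drawn from the operating system's CSPRNG.
    inventory = {
        "host-a": toy_keygen(4242),
        "host-b": toy_keygen(31999),
        "host-c": secrets.token_bytes(32),
    }
    print(f"{len(blacklist)} possible keys despite a 256-bit key size")
    print("regenerate:", audit(inventory, blacklist))
```

Patching the package stops new weak keys from being generated; keys that already match the list stay weak until they are replaced.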

Comments (15)
+warwagon - 13 May 2008 - 22:14
.
BilliShere - 13 May 2008 - 22:23
so how do we fix it?
or do we simply wait for a fix.
crap this sucks
nuo - 13 May 2008 - 23:19
don't forget that this only affects debian unstable distribution since 2006-09-17 and etch 4.0
(ubuntu/xubuntu/kubuntu 7.04 - 8.04)
if you haven't generated any ssh keys or X.509 certificates in those systems, then there is nothing to worry about. This is just an issue in keys/certificates generation.
Farchord - 13 May 2008 - 22:43
There's already a fix out for Debian, my guess is there's also prolly one for Ubuntu
Just refreshed and checked the update manager here. No ssl update was showing at first (it refreshes itself daily), but the manual refresh showed that several ssl-related packages are available for updating.
I don't have any SSL keys at all, but for those who do, this is a pretty important thing to get fixed!
HalcyonX12 - 13 May 2008 - 22:50
This highlights the hypocrisy of Debian taking so long to put packages into its stable distribution compared to modifying packages from their original form for inclusion in the Debian distribution. I'm glad attention is being brought to this and hopefully such modifications will be as thoroughly audited as the rest of any modifications that may be included in Debian.
zivan56 - 14 May 2008 - 01:32
Oh noes, someone may guess a 2048 bit key if they spend months working on it
I love how anal/paranoid these guys are...
darkmark327 - 14 May 2008 - 03:56
I love how anal/paranoid these guys are...
Uh, it narrowed the keyspace to about 262000 unique keys. The vulnerable key checker program contains them all, it's about 8 MB.
It's a lot more serious than it sounds at first glance. The security of the entire system (or any encrypted traffic to it, if it was used in SSH or SSL) is pretty much compromised, and has been for the last two years.
Sker - 14 May 2008 - 05:23
I just installed the update for my Hardy installation.
Everyday can be patch day in Linux world (and that's a good thing! ;))
darkmark327 - 14 May 2008 - 11:39
You've never had to manage machines outside your parents' basement, have you?
ranasrule - 14 May 2008 - 05:26
this isn't possible...we all know LINUX can't have security flaws
morphen - 14 May 2008 - 06:10
OMG!! Windows FTW! LINUX FTL!!!
oh I crack myself up ;)
I am Not PCyr - 14 May 2008 - 08:28
opinionated nerd comment + smiley = large ePenis
Can't have Linux security flaws? Or do we mean publicly disclosed flaws?
franzon - 15 May 2008 - 09:18
Kreuger - 13 June 2008 - 16:16
I still haven't gotten an update for this x)