Enabling Secure Business Operations

Debian/Ubuntu SSH/SSL Key Flaw

A serious flaw was discovered in the OpenSSL code distributed in Debian’s default packages (this includes Ubuntu, Kubuntu, etc.).

This is a major issue because the flaw was in the random number generator. Instead of mixing in random data for the initial seed, the only “random” value used was the current process ID. On the Linux platform, the default maximum process ID is 32,768, so only a very small number of seed values were ever used.

As a result, all SSH and SSL keys generated on Debian-based systems dating all the way back to September 2006 are affected.

All system administrators who allow users to access their servers with SSH and public key authentication need to audit those keys to see if any of them were created on a vulnerable system. Any tools that relied on OpenSSL’s PRNG to secure the data they transferred may be vulnerable to an offline attack. Any SSH server that uses a host key generated by a flawed system is subject to traffic decryption, and a man-in-the-middle attack would be invisible to its users. This flaw is ugly because even systems that do not use the Debian software need to be audited in case any key in use was created on a Debian system.
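Because the seed space is this small, every key a flawed system could produce can be listed once and an `authorized_keys` file checked against that list. The sketch below is an added example, not code from the original post or from Debian's tools: `toy_keygen` uses Python's `random.Random` as a stand-in for a PRNG seeded only by the process ID, and the key blobs, fingerprint format and sample file are constructed for illustration.

```python
import base64
import hashlib
import random

MAX_PID = 32768                      # default Linux PID limit cited in the article
KEY_TYPES = {"ssh-rsa", "ssh-dss"}   # key-type fields recognised by this sketch


def toy_keygen(pid: int) -> bytes:
    """Toy key material whose only entropy is the process ID.
    random.Random is NOT OpenSSL's PRNG; it only models 'seed == PID'."""
    return random.Random(pid).getrandbits(256).to_bytes(32, "big")


def fingerprint(blob: bytes) -> str:
    """Hex SHA-256 of a decoded key blob (format chosen for this example)."""
    return hashlib.sha256(blob).hexdigest()


def build_blocklist() -> set[str]:
    """Enumerate every possible seed once; the set covers all weak keys."""
    return {fingerprint(toy_keygen(pid)) for pid in range(1, MAX_PID + 1)}


def audit_authorized_keys(text: str, blocklist: set[str]) -> list[tuple[int, str]]:
    """Return (line number, comment) for each entry whose key is blocklisted."""
    findings = []
    for lineno, line in enumerate(text.splitlines(), start=1):
        fields = line.split()
        # Entries may begin with options, so locate the key-type field first.
        idx = next((i for i, f in enumerate(fields) if f in KEY_TYPES), None)
        if line.lstrip().startswith("#") or idx is None or idx + 1 >= len(fields):
            continue
        try:
            blob = base64.b64decode(fields[idx + 1], validate=True)
        except ValueError:
            continue  # malformed base64: not a usable key entry
        if fingerprint(blob) in blocklist:
            findings.append((lineno, " ".join(fields[idx + 2:])))
    return findings


def sample_file() -> str:
    """Constructed authorized_keys content: one non-weak and one weak toy key."""
    weak = base64.b64encode(toy_keygen(4242)).decode()
    other = base64.b64encode(hashlib.sha256(b"constructed non-weak key").digest()).decode()
    return (f"# constructed sample\nssh-rsa {other} alice@laptop\n"
            f'no-pty ssh-rsa {weak} bob@debian-box\n')


if __name__ == "__main__":
    for lineno, comment in audit_authorized_keys(sample_file(), build_blocklist()):
        print(f"line {lineno}: weak key ({comment}) - remove and regenerate")
```

A real audit would compare actual SSH key fingerprints against the lists shipped with the vendor's detection tools rather than this toy generator.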

Luckily there is some help. If your systems or users are affected, check out the following link for detailed information and references for patches and tools to help you identify vulnerable keys.

source


One Response to “Debian/Ubuntu SSH/SSL Key Flaw”

  1. Peter Hesse Says:

    Today’s XKCD is a perfect followup to this flaw…