Vulnerability Note VU#925211
Debian and Ubuntu OpenSSL packages contain a predictable random number generator
A vulnerability in the OpenSSL package included with the Debian GNU/Linux operating system and its derivatives may cause weak cryptographic keys to be generated.
A weakness exists in the random number generator used by the OpenSSL package included with the Debian GNU/Linux operating system and derivative systems that causes the generated numbers to be predictable. As a result of this weakness, certain encryption keys are much more common than they should be. This vulnerability affects cryptographic applications that use keys generated by the flawed versions of the OpenSSL package. Affected keys include SSH keys, OpenVPN keys, DNSSEC keys, and key material for use in X.509 certificates and session keys used in SSL/TLS connections. Any of these keys generated using the affected systems on or after 2006-09-17 may be vulnerable. Keys generated with GnuPG or GNUTLS on the affected systems are not vulnerable because these applications use their own random number generators and not the one from the flawed version of OpenSSL.
Note that this vulnerability is specific to Debian, Ubuntu Linux and other Debian-derived operating systems. Other systems can be indirectly affected if weak keys generated by the vulnerable systems are imported into them.
A remote, unauthenticated attacker with minimal knowledge of the vulnerable system and the ability to conduct a brute force attack against an affected application may be able to guess secret key material. Secondary impacts include authenticated access to the system through the affected service or the ability to perform man-in-the-middle attacks.
Apply a patch from the vendor and regenerate key material
Systems Affected (Learn More)
|Vendor||Status||Date Notified||Date Updated|
|Debian GNU/Linux||Affected||-||15 May 2008|
|Ubuntu||Affected||-||15 May 2008|
CVSS Metrics (Learn More)
Thanks to Florian Weimer of the Debian security team for reporting this vulnerability. Debian, in turn, credits Luciano Bello with discovering this issue.
This document was written by Chad R Dougherty.
- CVE IDs: CVE-2008-0166
- Date Public: 13 May 2008
- Date First Published: 15 May 2008
- Date Last Updated: 03 Jun 2008
- Severity Metric: 7.20
- Document Revision: 12
If you have feedback, comments, or additional information about this vulnerability, please send us email.