LUG: [CSM-CERT] US-CERT Technical Cyber Security Alert TA08-137A -- Debian/Ubuntu OpenSSL Random Number Generator Vulnerability (fwd)

Robert Hicks rhicks at Mines.EDU
Fri May 16 15:20:00 MDT 2008

Most Ubuntu and Debian users already know about this.  What you might not 
know is that there is a potential that any public keys created by openssl 
may be weak also.  If any of you use public keys, it is best to generate
new ones and replace the old, possibly weak, keys stored on whatever 
machines you access AFTER patching the machine the keys are generated on. 

Robert Hicks
CTLM East Wing Room 256
1650 Arapahoe Street
Academic Computing & Networking
Colorado School of Mines
Golden, CO  80401

For Academic Computing Support, please open a request at:

---------- Forwarded message ----------
Date: Fri, 16 May 2008 14:18:16 -0400
From: CERT Advisory <cert-advisory at>
To: cert-advisory at
Subject: [CSM-CERT] US-CERT Technical Cyber Security Alert TA08-137A --
     Debian/Ubuntu OpenSSL Random Number Generator Vulnerability


    National Cyber Alert System

    Technical Cyber Security Alert TA08-137A

Debian/Ubuntu OpenSSL Random Number Generator Vulnerability

    Original release date: May 16, 2008
    Last revised: --
    Source: US-CERT

Systems Affected

      * Debian, Ubuntu, and Debian-based distributions


    A vulnerability in the OpenSSL package included with the Debian
    GNU/Linux operating system and its derivatives may cause weak
    cryptographic keys to be generated. Any package that uses the affected
    version of OpenSSL could be vulnerable.

I. Description

    A vulnerability exists in the random number generator used by the
    OpenSSL package included with the Debian GNU/Linux, Ubuntu, and other
    Debian-based operating systems. This vulnerability causes the
    generated numbers to be predictable.

    The result of this error is that certain encryption keys are much more
    common than they should be. This vulnerability affects cryptographic
    applications that use keys generated by the flawed versions of the
    OpenSSL package. Affected keys include, but may not be limited to, SSH
    keys, OpenVPN keys, DNSSEC keys, and key material for use in X.509
    certificates and session keys used in SSL/TLS connections. Any of
    these keys generated using the affected systems on or after 2006-09-17
    may be vulnerable. Keys generated with GnuPG, GnuTLS, ccrypt, or other
    encryption utilities that do not use OpenSSL are not vulnerable
    because these applications use their own random number generators.

II. Impact

    A remote, unauthenticated attacker may be able to guess secret key
    material. The attacker may also be able to gain authenticated access
    to the system through the affected service or perform
    man-in-the-middle attacks.

III. Solution


    Debian and Ubuntu have released fixed versions of OpenSSL to address
    this issue. System administrators can use the ssh-vulnkey application
    to check for compromised or weak SSH keys. After applying updates,
    clients using weak keys may be refused by servers.


    Until updates can be applied, administrators and users are encouraged
    to restrict access to vulnerable servers. Debian- and Ubuntu-based
    systems can use iptables, iptables configuration tools, or
    tcp-wrappers to limit access.
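The check the Solution section refers to works by fingerprinting each SSH public key and looking the fingerprint up in a list of fingerprints of keys known to come from the flawed generator. The following is an added example of that idea, not US-CERT's text or the Debian ssh-vulnkey code: it parses an authorized_keys file, computes the MD5 fingerprint that ssh-keygen -l printed at the time, and flags any key whose fingerprint is in a blacklist set. The key blobs (toy moduli, not real RSA keys), the blacklist, and the authorized_keys contents are all constructed inline so the script runs offline; the helper and variable names are this example's own.

```python
"""Audit an OpenSSH authorized_keys file against a fingerprint blacklist.

Added example for this page (not US-CERT's or Debian's code). It mirrors
the idea behind ssh-vulnkey: fingerprint each key and look it up in a set
of fingerprints of known-weak keys. Key material and blacklist below are
constructed for illustration; a real check uses the openssh-blacklist data.
"""
import base64
import hashlib
import struct

KEY_TYPES = ("ssh-rsa", "ssh-dss")


def ssh_string(data: bytes) -> bytes:
    """Encode bytes as an SSH wire-format 'string' (4-byte big-endian length + data)."""
    return struct.pack(">I", len(data)) + data


def ssh_mpint(n: int) -> bytes:
    """Encode a positive integer as an SSH wire-format 'mpint'.

    A leading 0x00 byte is added when the top bit is set so the value is
    not read as negative (zero itself is not needed for this example).
    """
    raw = n.to_bytes((n.bit_length() + 8) // 8, "big")
    return ssh_string(raw)


def rsa_public_blob(e: int, n: int) -> bytes:
    """Build the raw 'ssh-rsa' blob that authorized_keys stores base64-encoded."""
    return ssh_string(b"ssh-rsa") + ssh_mpint(e) + ssh_mpint(n)


def md5_fingerprint(blob: bytes) -> str:
    """MD5 fingerprint of a key blob, colon-separated as ssh-keygen -l showed it in 2008."""
    digest = hashlib.md5(blob).hexdigest()
    return ":".join(digest[i:i + 2] for i in range(0, 32, 2))


def parse_authorized_keys(text: str):
    """Yield (key_type, blob, comment) per key line; skip blanks and '#' comments.

    The key type is located by token rather than assumed to be first, so a
    leading options field such as from="..." is tolerated.
    """
    for line in text.splitlines():
        line = line.strip()
        if not line or line.startswith("#"):
            continue
        fields = line.split()
        for i, tok in enumerate(fields):
            if tok in KEY_TYPES and i + 1 < len(fields):
                blob = base64.b64decode(fields[i + 1])
                comment = " ".join(fields[i + 2:])
                yield tok, blob, comment
                break


def audit_authorized_keys(text: str, blacklist: set):
    """Return a list of (comment, fingerprint, is_weak) for every key in the file."""
    report = []
    for _key_type, blob, comment in parse_authorized_keys(text):
        fp = md5_fingerprint(blob)
        report.append((comment, fp, fp in blacklist))
    return report


# Constructed keys: toy moduli standing in for a key from an unpatched box
# and a key from a patched one. They are not real RSA keys.
WEAK_BLOB = rsa_public_blob(65537, int("c0ffee" * 85, 16))
GOOD_BLOB = rsa_public_blob(65537, int("decade" * 85, 16))

# Constructed blacklist: one fingerprint. The real lists ship in openssh-blacklist.
WEAK_FINGERPRINTS = {md5_fingerprint(WEAK_BLOB)}

# Constructed authorized_keys contents, including a line with an options field.
SAMPLE_AUTHORIZED_KEYS = "\n".join([
    "# constructed sample authorized_keys",
    "ssh-rsa " + base64.b64encode(WEAK_BLOB).decode() + " alice@etch-box",
    'from="10.0.0.0/8" ssh-rsa ' + base64.b64encode(GOOD_BLOB).decode() + " bob@patched-box",
])


def weak_key_comments(text=SAMPLE_AUTHORIZED_KEYS, blacklist=WEAK_FINGERPRINTS):
    """Comments of the keys that must be replaced (the actionable output of the audit)."""
    return [comment for comment, _fp, weak in audit_authorized_keys(text, blacklist) if weak]


if __name__ == "__main__":
    for comment, fp, weak in audit_authorized_keys(SAMPLE_AUTHORIZED_KEYS, WEAK_FINGERPRINTS):
        print(("WEAK  " if weak else "ok    ") + fp + "  " + comment)
```

Run as a script it prints one line per key, marking the constructed alice key as weak and leaving bob's alone. Against a real system you would feed it each user's authorized_keys and a blacklist built from the distribution's fingerprint lists; the remediation is the same either way: regenerate every flagged key on a patched machine and replace it wherever it was installed.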

IV. References

  * DSA-1571-1 openssl - predictable random number generator

  * Debian wiki - SSL keys

  * Ubuntu OpenSSL vulnerability

  * Ubuntu OpenSSH vulnerability

  * Ubuntu OpenVPN vulnerability

  * Ubuntu SSL-cert vulnerability

  * Ubuntu OpenSSH update

  * Ubuntu OpenVPN regression

  * OpenVPN regression


   The most recent version of this document can be found at:


   Feedback can be directed to US-CERT Technical Staff. Please send
   email to <cert at> with "TA08-137A Feedback VU#925211" in the

   For instructions on subscribing to or unsubscribing from this
   mailing list, visit the US-CERT mailing list page.

   Produced 2008 by US-CERT, a government organization.

   Terms of use:


   Revision History

   May 16, 2008: Initial release

csm-cert mailing list
csm-cert at
Unsubscribe: csm-cert-unsubscribe at
