Weakness in Debian undermines crypto
Published: 2008-05-15

A flaw in the way that OpenSSL is implemented in the Ubuntu and Debian distributions of Linux has earned the software an unenviable adjective in the world of encryption: Predictable.

On Tuesday, the team behind the popular Ubuntu distribution of Linux announced that it had issued a patch to fix a flaw inadvertently added to the OpenSSL code which dramatically reduced the number of possible keys generated by the software. While the flaw is in OpenSSL, the same code is used to generate keys for a number of other popular programs, including OpenSSH, OpenVPN and SSL certificates.

"All OpenSSH and X.509 keys generated on such systems must be considered untrustworthy, regardless of the system on which they are used, even after the update has been applied," the advisory stated.

Underscoring the danger of the attack, security researcher HD Moore posted tools on Wednesday to help researchers -- and attackers -- brute force the key combinations in a matter of hours.

"Any SSH server that uses a host key generated by a flawed system is (subject) to traffic decryption and a man-in-the-middle attack would be invisible to the users," Moore stated on a page set up to explain the attack. "This flaw is ugly because even systems that do not use the Debian software need to be audited in case any key is being used that was created on a Debian system."
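An audit of the kind Moore describes can be run against any key file, whatever system it sits on. The following is an added example, not code from the article or from Moore's tools: it fingerprints each public key in an authorized_keys-style file and reports those found on a blocklist of known-weak keys. The blocklist format (full MD5 hex digests of the key blob), the function names and the sample keys are assumptions constructed for illustration.

```python
import base64
import binascii
import hashlib
import struct

def _blob(keytype, body):
    """Build a constructed SSH-wire-format blob (not a real key) for the sample data."""
    name = keytype.encode()
    return base64.b64encode(struct.pack(">I", len(name)) + name + body).decode()

def find_key(line):
    """Return (keytype, raw_blob) for the first valid key on the line, else None."""
    fields = line.split()
    for keytype, b64 in zip(fields, fields[1:]):
        try:
            raw = base64.b64decode(b64, validate=True)
        except (binascii.Error, ValueError):
            continue
        # Accept only blobs that begin with the length-prefixed key type,
        # so option strings such as command="..." are never mistaken for keys.
        name = keytype.encode()
        if raw[:4] == struct.pack(">I", len(name)) and raw[4:4 + len(name)] == name:
            return keytype, raw
    return None

def audit(lines, weak_md5):
    """Return [(line_number, keytype, md5_hex)] for keys whose fingerprint is blocklisted."""
    hits = []
    for number, line in enumerate(lines, 1):
        found = find_key(line)
        if found:
            digest = hashlib.md5(found[1]).hexdigest()
            if digest in weak_md5:
                hits.append((number, found[0], digest))
    return hits

# Constructed sample input: placeholder blobs, not real keys.
WEAK = _blob("ssh-rsa", b"constructed-weak-key")
GOOD = _blob("ssh-rsa", b"constructed-good-key")
SAMPLE = [
    "# constructed authorized_keys file",
    f"ssh-rsa {GOOD} alice@laptop",
    f'command="backup ssh-rsa",no-pty ssh-rsa {WEAK} backup@debian-host',
]
# Assumed blocklist format: full MD5 hex digests of the decoded key blob.
BLOCKLIST = {hashlib.md5(base64.b64decode(WEAK)).hexdigest()}

if __name__ == "__main__":
    for number, keytype, digest in audit(SAMPLE, BLOCKLIST):
        print(f"line {number}: {keytype} key {digest} is blocklisted, replace it")
```

Because the check looks only at the key material, it applies equally to host keys, user keys and keys copied onto systems that never ran the flawed package.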

The Ubuntu Linux distribution -- perhaps the most popular flavor of the open-source operating system -- has had a number of security issues in the past three years. In 2006, a programmer found that the Ubuntu installer left behind passwords used during installation, stored in plain text on the disk. Last year, the Ubuntu project had to shut down five of eight community-run servers, when attackers exploited the outdated operating systems on the servers to compromise the machines.

The latest flaw was introduced in the system because developers removed a line of code that had caused warnings about the use of uninitialized data when any program was linked to the OpenSSL library, Moore said.


Posted by: Robert Lemos
Copyright 2009, SecurityFocus