Debian OpenSSL vuln/update

 
AplusWebMaster

Joined: Mar 14, 2004
Posts: 4637
Location: USA

PostPosted: Wed May 14, 2008 9:37 pm    Post subject: Debian OpenSSL vuln/update

FYI...

- http://www.theregister.co.uk/2008/05/13/debian_openssl_bug/
13 May 2008 - "Debian has warned of a vulnerability in its cryptographic functions that could leave systems open to attack. The use of a cryptographically flawed pseudo random number generator in Debian's implementation of OpenSSL meant that potentially predictable keys were generated. Versions of Debian's OpenSSL packages starting with 0.9.8c-1 (released in September 2006) are potentially vulnerable...

- http://secunia.com/advisories/30220/
Release Date: 2008-05-13
Critical: Highly critical
Impact: Security Bypass, DoS, System access
Where: From remote
Solution Status: Vendor Patch
...The security issue is reported in Debian's OpenSSL packages starting with 0.9.8c-1... affects all keys generated with an affected package...
Original Advisory:
http://lists.debian.org/debian-security-announce/2008/msg00152.html



_________________
AplusWebMaster
~ Are you up to date or vulnerable to Hackers? ...or both?
.
AplusWebMaster

PostPosted: Thu May 15, 2008 9:49 am    Post subject:

FYI...

- http://isc.sans.org/diary.html?storyid=4420
Last Updated: 2008-05-15 07:47:03 UTC - "...H D Moore posted a web page containing all SSH 1024, 2048 and 4096-bit RSA keys he brute forced. It is obvious that this is highly critical – if you are running a Debian or Ubuntu system, and you are using keys for SSH authentication (ironically, that's something we've been recommending for a long time), and those keys were generated between September 2006 and May 13th 2008 then you are vulnerable. In other words, those secure systems can be very easily brute forced. What's even worse, H D Moore said that he will soon release a brute force tool that will allow an attacker easy access to any SSH account that uses public key authentication. But this is not all – keep in mind that ANY cryptographic material created on vulnerable systems can be compromised. If you generated SSL keys on such Debian or Ubuntu systems, you will have to recreate the certificates and get them signed again. An attacker can even decrypt old SSH sessions now. The Debian project guys released a tool that can detect weak keys (it is not 100% correct though as the blacklist in the tool can be incomplete). You can download the tool from http://security.debian.org/project/extra/dowkd/dowkd.pl.gz ...Please check your systems and make sure that you are both patched, and that you regenerated any potentially weak cryptographic material."



AplusWebMaster

PostPosted: Fri May 16, 2008 4:20 pm    Post subject:

- http://isc.sans.org/diary.html?storyid=4421
Last Updated: 2008-05-15 23:16:38 UTC ...(Version: 3)

- http://www.us-cert.gov/current/#debian_openssl_vulnerability
May 15, 2008

Threatcon - Symantec
- http://www.symantec.com/security_response/threatconlearn.jsp
2008-05-16 05:28 - "ThreatCon is currently at Level 2: Elevated.
The ThreatCon is at level 2. Advisories have been released addressing an issue related to weak key generation in Debian and its variants, such as Ubuntu. Using a weak random number generator in the OpenSSL package, the system generates a weak key when installing services such as Secure Shell (SSH) and OpenVPN. To fix this issue, users are advised to apply available updates for the OpenSSL library and to regenerate all cryptographic keys generated previously by the library. Keys generated from GNUPG and GNUTLS packages are reportedly unaffected. Several tools are already available that allow a brute-force attack against the weak keys. H D Moore has released a database of all weak keys generated for a typical encryption key space:
( http://metasploit.com/users/hdm/tools/debian-openssl/ )
A script to brute-force the keys using that database has also been released on milw0rm by M. Mueller:
( http://www.milw0rm.com/exploits/5622 )
These tools could be used to bypass key-based login for shell services such as SSH. Other potential tools could be used to decrypt traffic such as login information or to forge digital signatures.
The Debian advisory addressing the issue provides information on how to tell if your system was using vulnerable keys. The following Debian and Ubuntu advisories are available:
DSA-1571-1 openssl -- predictable random number generator
( http://www.debian.org/security/2008/dsa-1571 )
USN-612-1: OpenSSL vulnerability
( http://www.ubuntu.com/usn/USN-612-1 )."

-----------


AplusWebMaster

PostPosted: Sun May 18, 2008 12:33 pm    Post subject:

FYI...

- http://isc.sans.org/diary.html?storyid=4423
Last Updated: 2008-05-16 21:56:23 UTC - "...Debian Wiki has a good (and evolving) write-up on problems and resolutions: wiki.debian.org/SSLkeys* ... check those "authorized_keys" files for SSH on -all- platforms, not just on Debian."
* http://wiki.debian.org/SSLkeys



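The check the ISC diary and the Debian wiki entry above call for (go through every authorized_keys and known_hosts file, on every platform, and look for keys that were generated on an affected Debian or Ubuntu box) comes down to matching each public key against a precomputed list of the weak keys. Such a list is finite because the patched Debian package seeded OpenSSL's PRNG with little more than the process ID, so for a given key type, size and architecture there were only about 32768 possible keys; that is what made HD Moore's enumeration and the dowkd.pl blacklist approach possible. The script below is an added example written for this page, not Debian's dowkd.pl and not the openssh-blacklist tooling. It parses OpenSSH public-key lines (including leading authorized_keys options and the host field of known_hosts entries), decodes the wire-format blob to report key type and modulus size, and compares a SHA-1 of the decoded blob against a blacklist. The blacklist file format, the sample key lines and the sample blacklist are all constructed for the demo and are assumptions, not the format of the real blacklist files; what carries over is the parsing and matching logic.

```python
#!/usr/bin/env python3
"""Flag SSH public keys in authorized_keys / known_hosts lines that appear on a
blacklist of known-weak keys.

Added example, not from the original post and not Debian's dowkd.pl.  The
blacklist format here is an ASSUMPTION made for the demo (one hex SHA-1 of the
base64-decoded key blob per line, '#' comments allowed); the real blacklist
files use their own formats, so do not feed them to this script unchanged.
"""
import base64
import hashlib
import struct


def ssh_string(b):
    """Encode bytes as an SSH wire-format string (uint32 big-endian length + data)."""
    return struct.pack(">I", len(b)) + b


def mpint(x):
    """Encode a non-negative integer as an SSH mpint (leading 0x00 if the MSB is set)."""
    b = x.to_bytes((x.bit_length() + 7) // 8, "big")
    if b and b[0] & 0x80:
        b = b"\x00" + b
    return ssh_string(b)


def read_string(blob, off):
    """Decode one wire-format string at offset `off`; return (data, new_offset)."""
    if off + 4 > len(blob):
        raise ValueError("truncated length field")
    (n,) = struct.unpack(">I", blob[off:off + 4])
    off += 4
    if off + n > len(blob):
        raise ValueError("truncated string")
    return blob[off:off + n], off + n


def parse_pubkey_line(line):
    """Return (keytype, bits, blob) for one authorized_keys or known_hosts line.

    Returns None for blank/comment lines and lines with no recognisable key.
    Leading authorized_keys options or a known_hosts host field are skipped.
    """
    fields = line.strip().split()
    if not fields or fields[0].startswith("#"):
        return None
    for i, f in enumerate(fields):
        if f.startswith("ssh-") and i + 1 < len(fields):
            keytype, blob = f, base64.b64decode(fields[i + 1])
            break
    else:
        return None
    wire_type, off = read_string(blob, 0)
    if wire_type != keytype.encode():
        raise ValueError("key type inside blob does not match text field")
    bits = None
    if keytype == "ssh-rsa":
        _e, off = read_string(blob, off)   # public exponent
        n, off = read_string(blob, off)    # modulus; its length is the key size
        bits = int.from_bytes(n, "big").bit_length()
    elif keytype == "ssh-dss":
        p, off = read_string(blob, off)    # prime p gives the DSA key size
        bits = int.from_bytes(p, "big").bit_length()
    return keytype, bits, blob


def load_blacklist(text):
    """Parse the (assumed) blacklist format into a set of lowercase hex digests."""
    return {l.strip().lower() for l in text.splitlines()
            if l.strip() and not l.startswith("#")}


def scan(lines, blacklist):
    """Check each key line against the blacklist; return (findings, errors)."""
    findings, errors = [], []
    for lineno, line in enumerate(lines, 1):
        try:
            parsed = parse_pubkey_line(line)
        except ValueError as e:            # binascii.Error is a ValueError subclass
            errors.append((lineno, str(e)))
            continue
        if parsed is None:
            continue
        keytype, bits, blob = parsed
        digest = hashlib.sha1(blob).hexdigest()
        findings.append({"line": lineno, "type": keytype, "bits": bits,
                         "sha1": digest, "weak": digest in blacklist})
    return findings, errors


# ---- Constructed sample data: these are NOT real keys (moduli are not products of primes) ----
def make_rsa_line(e, n, comment=""):
    blob = ssh_string(b"ssh-rsa") + mpint(e) + mpint(n)
    return ("ssh-rsa " + base64.b64encode(blob).decode() + " " + comment).strip()


WEAK_N = (1 << 1023) | 0x10001     # 1024-bit stand-in for a key that is on the blacklist
GOOD_N = (1 << 2047) | 0x10001     # 2048-bit stand-in for a key that is not
SAMPLE_LINES = [
    "# constructed authorized_keys / known_hosts lines",
    make_rsa_line(65537, WEAK_N, "deploy@etch-build"),
    "no-pty,no-agent-forwarding " + make_rsa_line(65537, GOOD_N, "admin@laptop"),
    "www.example.org,192.0.2.10 " + make_rsa_line(65537, WEAK_N),
    "ssh-rsa AAAA truncated-blob",
]
# Constructed blacklist: the digest of the weak sample key plus one filler entry.
SAMPLE_BLACKLIST = load_blacklist(
    "# constructed blacklist\n"
    + hashlib.sha1(ssh_string(b"ssh-rsa") + mpint(65537) + mpint(WEAK_N)).hexdigest()
    + "\n" + "0" * 40 + "\n")

if __name__ == "__main__":
    found, errs = scan(SAMPLE_LINES, SAMPLE_BLACKLIST)
    for f in found:
        print("line %d: %s %s bits sha1=%s %s" % (
            f["line"], f["type"], f["bits"], f["sha1"], "WEAK" if f["weak"] else "ok"))
    for lineno, msg in errs:
        print("line %d: unparseable (%s)" % (lineno, msg))
```

To run this against real files, replace SAMPLE_LINES with the lines of each authorized_keys and known_hosts file and load a blacklist built in the same digest format; the digest has to be computed over exactly what the blacklist was generated from, or nothing will ever match. As the ISC diary notes, an incomplete blacklist gives false negatives, so a clean scan is no substitute for regenerating every key that was made on an affected host.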