Ubuntu
openssl package

[CVE-2008-0166] Predictable random number generator in openssl

Bug #229964 reported by Till Ulen
256
Affects Status Importance Assigned to Milestone
openssl (Ubuntu)
New
Undecided
Unassigned

Bug Description

Binary package hint: openssl

CVE-2008-0166 description from Debian security advisory DSA 1571-1:

"Luciano Bello discovered that the random number generator in Debian's
openssl package is predictable. This is caused by an incorrect
Debian-specific change to the openssl package (CVE-2008-0166). As a
result, cryptographic key material may be guessable.

This is a Debian-specific vulnerability which does not affect other
operating systems which are not based on Debian. However, other systems
can be indirectly affected if weak keys are imported into them.

It is strongly recommended that all cryptographic key material which has
been generated by OpenSSL versions starting with 0.9.8c-1 on Debian
systems is recreated from scratch. Furthermore, all DSA keys ever used
on affected Debian systems for signing or authentication purposes should
be considered compromised; the Digital Signature Algorithm relies on a
secret random value used during signature generation.

The first vulnerable version, 0.9.8c-1, was uploaded to the unstable
distribution on 2006-09-17, and has since propagated to the testing and
current stable (etch) distributions. The old stable distribution
(sarge) is not affected.

Affected keys include SSH keys, OpenVPN keys, DNSSEC keys, and key
material for use in X.509 certificates and session keys used in SSL/TLS
connections. Keys generated with GnuPG or GNUTLS are not affected,
though.

A detector for known weak key material will be published at:

  <http://security.debian.org/project/extra/dowkd/dowkd.pl.gz>
  <http://security.debian.org/project/extra/dowkd/dowkd.pl.gz.asc>
    (OpenPGP signature)

Instructions how to implement key rollover for various packages will be
published at:

  <http://www.debian.org/security/key-rollover/>

This web site will be continously updated to reflect new and updated
instructions on key rollovers for packages using SSL certificates.
Popular packages not affected will also be listed."

See:
http://lists.debian.org/debian-security-announce/2008/msg00152.html
http://www.debian.org/security/2008/dsa-1571
http://www.debian.org/security/key-rollover/
(some links are broken yet)

See original description

CVE References

Till Ulen (tillulen)
description: updated
Revision history for this message
Till Ulen (tillulen) wrote :

This has been fixed by USN-612-1, I think.
http://www.ubuntu.com/usn/usn-612-1

To post a comment you must log in.
This report contains Public Security information  
Everyone can see this security related information.
Subscribing...

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.