May 19, 2008

Debian PRNG Security Vulnerability

PRNG = Pseudo/Predictable Random Number Generator.

This is a critical vulnerability, and an exploit/PoC has been released.
Note: This vulnerability applies to any Debian-based Linux distribution, including Ubuntu.

All OpenSSH and X.509 keys generated on vulnerable systems must be considered untrustworthy, regardless of the system on which they are used, even after the update has been applied. Characteristics of potentially vulnerable keys include: the key was generated since 2006-09-17 and was generated using 'openssl', 'ssh-keygen', or 'openvpn --keygen'.

From SANS: there are 2 scenarios basically,
  • The public key is known publicly (TLS/SSL web server) -> no brute force needed, the attackers walk in private key in hand;
  • The public key isn't found (e.g. SSH server) -> brute force of some 260K keys needed (~20min).
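
Because the set of affected keys is small and enumerable, a defender can audit for them by fingerprint. The following is an added example (not from the original post or from SANS): it computes the legacy MD5 fingerprint of each key in an authorized_keys file and flags any that appear on a weak-key list. The key blobs, the sample file and WEAK_LIST are constructed placeholders; a real audit would load a published list of weak-key fingerprints instead.

```python
import base64, binascii, hashlib, struct

KEY_TYPES = {"ssh-rsa", "ssh-dss"}  # key types this example checks

def md5_fingerprint(blob: bytes) -> str:
    """Legacy OpenSSH fingerprint: MD5 of the decoded key blob, colon-separated."""
    h = hashlib.md5(blob).hexdigest()
    return ":".join(h[i:i + 2] for i in range(0, 32, 2))

def parse_line(line: str):
    """Return (key_type, blob, comment) for one authorized_keys line, else None."""
    fields = line.split()
    for i, field in enumerate(fields[:-1]):  # options may precede the key type
        if field not in KEY_TYPES:
            continue
        try:
            blob = base64.b64decode(fields[i + 1], validate=True)
        except (binascii.Error, ValueError):
            continue
        # A genuine blob begins with a length-prefixed copy of the key type.
        n = struct.unpack(">I", blob[:4])[0] if len(blob) >= 4 else 0
        if blob[4:4 + n] == field.encode():
            return field, blob, " ".join(fields[i + 2:])
    return None

def audit(text: str, weak_fingerprints: set) -> list:
    """Return (line_no, key_type, fingerprint, comment) for every listed key."""
    hits = []
    for no, line in enumerate(text.splitlines(), 1):
        parsed = None if line.lstrip().startswith("#") else parse_line(line)
        if parsed and md5_fingerprint(parsed[1]) in weak_fingerprints:
            hits.append((no, parsed[0], md5_fingerprint(parsed[1]), parsed[2]))
    return hits

def make_blob(key_type: str, filler: bytes) -> bytes:
    """Constructed stand-in with the wire layout of a key blob; not a real key."""
    s = lambda b: struct.pack(">I", len(b)) + b
    return s(key_type.encode()) + s(b"\x01\x00\x01") + s(filler)

WEAK_BLOB, OK_BLOB = (make_blob("ssh-rsa", b"\x00" + c * 32) for c in (b"\xaa", b"\xbb"))
SAMPLE = "\n".join([  # constructed authorized_keys content
    "# deploy keys",
    "ssh-rsa " + base64.b64encode(OK_BLOB).decode() + " alice@laptop",
    'from="10.0.0.*",no-pty ssh-rsa ' + base64.b64encode(WEAK_BLOB).decode() + " backup@debian-box",
    "ssh-rsa not-base64!! broken@entry",
])
WEAK_LIST = {md5_fingerprint(WEAK_BLOB)}  # stand-in for a published weak-key list

if __name__ == "__main__":
    for hit in audit(SAMPLE, WEAK_LIST):
        print("weak key, line %d: %s %s (%s)" % hit)
```

Any key flagged this way has to be removed and regenerated on a patched system; patching the host that merely stores the public key does not make the key safe.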

References:
  • http://isc.sans.org/diary.html?storyid=4420
  • http://isc.sans.org/diary.html?storyid=4421
  • http://www.milw0rm.com/exploits/5622
  • http://metasploit.com/users/hdm/tools/debian-openssl/