Executive Summary

Summary
Title: Debian/Ubuntu OpenSSL Random Number Generator Vulnerability
Information
Name: TA08-137A
Vendor: US-CERT
First vendor publication: 2008-05-16
Last vendor modification: 2008-05-16
Severity (vendor): N/A
Revision: N/A

Security-Database Scoring CVSS v3

CVSS vector: N/A
Overall CVSS score: NA
Base score: NA
Environmental score: NA
Impact sub score: NA
Temporal score: NA
Exploitability sub score: NA

Security-Database Scoring CVSS v2

CVSS vector: (AV:N/AC:L/Au:N/C:C/I:N/A:N)
CVSS base score: 7.8
CVSS impact score: 6.9
CVSS exploit score: 10
Attack range: Network
Attack complexity: Low
Authentication: None required

Detail

A vulnerability in the OpenSSL package included with the Debian GNU/Linux operating system and its derivatives may cause weak cryptographic keys to be generated. Any package that uses the affected version of SSL could be vulnerable.

I. Description

A vulnerability exists in the random number generator used by the OpenSSL package included with the Debian GNU/Linux, Ubuntu, and other Debian-based operating systems. This vulnerability causes the generated numbers to be predictable.

The result of this error is that certain encryption keys are much more common than they should be. This vulnerability affects cryptographic applications that use keys generated by the flawed versions of the OpenSSL package. Affected keys include, but may not be limited to, SSH keys, OpenVPN keys, DNSSEC keys, and key material for use in X.509 certificates and session keys used in SSL/TLS connections. Any of these keys generated using the affected systems on or after 2006-09-17 may be vulnerable. Keys generated with GnuPG, GNUTLS, ccrypt, or other encryption utilities that do not use OpenSSL are not vulnerable because these applications use their own random number generators.

II. Impact

A remote, unauthenticated attacker may be able to guess secret key material. The attacker may also be able to gain authenticated access to the system through the affected service or perform man-in-the-middle attacks.

III. Solution

Upgrade

Debian and Ubuntu have released fixed versions of OpenSSL to address this issue. System administrators can use the ssh-vulnkey application to check for compromised or weak SSH keys. After applying updates, clients using weak keys may be refused by servers.
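As an added illustration of what such a key check does (example code written for this page, not part of the US-CERT alert or of ssh-vulnkey itself): Debian's openssh-blacklist files hold, one per line, the last 20 hex digits of the MD5 fingerprint of every key the broken generator could produce, and the check is a lookup of each installed key's fingerprint suffix in that list. The two keys and the blacklist below are constructed toy values (tiny moduli, not real RSA keys); only the OpenSSH wire format, the fingerprint computation and the lookup are real.

```python
import base64
import hashlib
import struct


def _mpint(n: int) -> bytes:
    """RFC 4251 mpint: 4-byte length, big-endian magnitude, extra 0x00 if the high bit is set."""
    raw = n.to_bytes((n.bit_length() + 7) // 8, "big")
    if raw and raw[0] & 0x80:
        raw = b"\x00" + raw
    return struct.pack(">I", len(raw)) + raw


def _string(s: bytes) -> bytes:
    return struct.pack(">I", len(s)) + s


def make_rsa_pubkey_line(e: int, n: int, comment: str) -> str:
    """Build an authorized_keys-style 'ssh-rsa <base64 blob> <comment>' line from (e, n)."""
    blob = _string(b"ssh-rsa") + _mpint(e) + _mpint(n)
    return f"ssh-rsa {base64.b64encode(blob).decode()} {comment}"


def md5_fingerprint(pubkey_line: str) -> str:
    """Hex MD5 of the decoded key blob: the classic ssh-keygen -l fingerprint without colons."""
    blob = base64.b64decode(pubkey_line.split()[1])
    return hashlib.md5(blob).hexdigest()


def load_blacklist(text: str) -> set:
    """Parse an openssh-blacklist file: '#' comments, one 20-hex-char fingerprint suffix per line."""
    return {ln.strip() for ln in text.splitlines() if ln.strip() and not ln.startswith("#")}


def is_blacklisted(pubkey_line: str, blacklist: set) -> bool:
    """ssh-vulnkey-style test: the last 80 bits (20 hex chars) of the fingerprint are looked up."""
    return md5_fingerprint(pubkey_line)[-20:] in blacklist


def audit(lines, blacklist_text: str):
    """Return (comment, compromised?) for every key line, e.g. from a parsed authorized_keys file."""
    bl = load_blacklist(blacklist_text)
    return [(ln.split()[-1], is_blacklisted(ln, bl)) for ln in lines if ln.startswith("ssh-")]


# Constructed sample keys (toy moduli, not real or weak RSA keys).
WEAK_KEY = make_rsa_pubkey_line(65537, 0xC0FFEE1234567890ABCDEF, "weak@example")
OK_KEY = make_rsa_pubkey_line(65537, 0xDEADBEEFCAFEBABE0123, "fine@example")
# Constructed blacklist that lists WEAK_KEY's suffix, as the real list holds every weak key's suffix.
BLACKLIST_TEXT = "# constructed openssh-blacklist sample\n" + md5_fingerprint(WEAK_KEY)[-20:] + "\n"
```

A flagged key must be replaced, not merely removed from the blacklist check: every key the affected generator produced is in the published list, so rotation is the only remedy.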

Workaround

Until updates can be applied, administrators and users are encouraged to restrict access to vulnerable servers. Debian- and Ubuntu-based systems can use iptables, iptables configuration tools, or tcp-wrappers to limit access.

Original Source

Url : http://www.us-cert.gov/cas/techalerts/TA08-137A.html

CAPEC : Common Attack Pattern Enumeration & Classification

Id Name
CAPEC-59 Session Credential Falsification through Prediction
CAPEC-112 Brute Force
CAPEC-281 Analytic Attacks

CWE : Common Weakness Enumeration

% Id Name
100 % CWE-338 Use of Cryptographically Weak PRNG

OVAL Definitions

Definition Id: oval:org.mitre.oval:def:17595
 
Oval ID: oval:org.mitre.oval:def:17595
Title: USN-612-3 -- openvpn vulnerability
Description: Once the update is applied, weak shared encryption keys and SSL/TLS certificates will be rejected where possible (though they cannot be detected in all cases).
Family: unix Class: patch
Reference(s): USN-612-3
CVE-2008-0166
Version: 7
Platform(s): Ubuntu 7.04
Ubuntu 7.10
Ubuntu 8.04
Product(s): openvpn
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:17688
 
Oval ID: oval:org.mitre.oval:def:17688
Title: USN-612-1 -- openssl vulnerability
Description: A weakness has been discovered in the random number generator used by OpenSSL on Debian and Ubuntu systems.
Family: unix Class: patch
Reference(s): USN-612-1
CVE-2008-0166
Version: 7
Platform(s): Ubuntu 7.04
Ubuntu 7.10
Ubuntu 8.04
Product(s): openssl
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:17770
 
Oval ID: oval:org.mitre.oval:def:17770
Title: USN-612-2 -- openssh vulnerability
Description: A weakness has been discovered in the random number generator used by OpenSSL on Debian and Ubuntu systems.
Family: unix Class: patch
Reference(s): USN-612-2
CVE-2008-0166
Version: 5
Platform(s): Ubuntu 7.04
Ubuntu 7.10
Ubuntu 8.04
Product(s): openssh
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:17774
 
Oval ID: oval:org.mitre.oval:def:17774
Title: USN-612-4 -- ssl-cert vulnerability
Description: USN-612-1 fixed vulnerabilities in openssl.
Family: unix Class: patch
Reference(s): USN-612-4
CVE-2008-0166
Version: 7
Platform(s): Ubuntu 7.04
Ubuntu 7.10
Ubuntu 8.04
Product(s): ssl-cert
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:17807
 
Oval ID: oval:org.mitre.oval:def:17807
Title: USN-612-7 -- openssh update
Description: USN-612-2 introduced protections for OpenSSH, related to the OpenSSL vulnerabilities addressed by USN-612-1.
Family: unix Class: patch
Reference(s): USN-612-7
CVE-2008-0166
Version: 5
Platform(s): Ubuntu 6.06
Product(s): openssh
Definition Synopsis:

CPE : Common Platform Enumeration

Type Description Count
Application 254
Os 4
Os 1

OpenVAS Exploits

Date Description
2009-03-23 Name : Ubuntu Update for openssh vulnerability USN-612-2
File : nvt/gb_ubuntu_USN_612_2.nasl
2009-03-23 Name : Ubuntu Update for openvpn vulnerability USN-612-3
File : nvt/gb_ubuntu_USN_612_3.nasl
2009-03-23 Name : Ubuntu Update for ssl-cert vulnerability USN-612-4
File : nvt/gb_ubuntu_USN_612_4.nasl
2009-03-23 Name : Ubuntu Update for openssh update USN-612-7
File : nvt/gb_ubuntu_USN_612_7.nasl
2008-09-04 Name : USN-612-1 through USN-612-11: OpenSSL vulnerability (openssl)
File : nvt/ubuntu_usn-612.nasl
2008-05-27 Name : Debian Security Advisory DSA 1571-1 (openssl)
File : nvt/deb_1571_1.nasl
2008-05-27 Name : Debian Security Advisory DSA 1576-1 (openssh)
File : nvt/deb_1576_1.nasl
2008-05-27 Name : Debian Security Advisory DSA 1576-2 (openssh)
File : nvt/deb_1576_2.nasl

Open Source Vulnerability Database (OSVDB)

Id Description
45503 Ubuntu Linux ssh-vulnkey authorized_keys Unspecified Options Key Guessing Wea...

45029 OpenSSL on Debian/Ubuntu Linux Predictable Random Number Generator (RNG) Cryp...

Nessus® Vulnerability Scanner

Date Description
2013-03-09 Name : The remote Ubuntu host is missing a security-related patch.
File : ubuntu_USN-612-1.nasl - Type : ACT_GATHER_INFO
2013-03-09 Name : The remote Ubuntu host is missing one or more security-related patches.
File : ubuntu_USN-612-2.nasl - Type : ACT_GATHER_INFO
2008-05-22 Name : The remote Ubuntu host is missing one or more security-related patches.
File : ubuntu_USN-612-7.nasl - Type : ACT_GATHER_INFO
2008-05-19 Name : The remote Debian host is missing a security-related update.
File : debian_DSA-1576.nasl - Type : ACT_GATHER_INFO
2008-05-16 Name : The remote Ubuntu host is missing a security-related patch.
File : ubuntu_USN-612-3.nasl - Type : ACT_GATHER_INFO
2008-05-16 Name : The remote Ubuntu host is missing a security-related patch.
File : ubuntu_USN-612-4.nasl - Type : ACT_GATHER_INFO
2008-05-16 Name : The remote Ubuntu host is missing one or more security-related patches.
File : ubuntu_USN-612-5.nasl - Type : ACT_GATHER_INFO
2008-05-15 Name : The remote SSH host is set up to accept authentication with weak Debian SSH k...
File : ssh_debian_find_weak_keys.nasl - Type : ACT_GATHER_INFO
2008-05-15 Name : The remote SSL certificate uses a weak key.
File : ssl_debian_weak.nasl - Type : ACT_GATHER_INFO
2008-05-14 Name : The remote SSH host keys are weak.
File : ssh_debian_weak.nasl - Type : ACT_GATHER_INFO
2008-05-13 Name : The remote Debian host is missing a security-related update.
File : debian_DSA-1571.nasl - Type : ACT_GATHER_INFO