Security Warning: Serious flaw in Debian Linux OpenSSL Package
There is a serious security flaw in Debian's OpenSSL package: its random number generator is predictable. As a result, cryptographic key material may be guessable.
=> Package : openssl
=> Vulnerability : predictable random number generator
=> Problem type : remote
=> Debian-specific: yes
=> CVE Id(s) : CVE-2008-0166
=> Check out the description and recommended fix at the following URL:
[SECURITY] [DSA 1571-1] New openssl packages fix predictable random number generator
Discussion on This Article:



Does this security flaw also infect Ubuntu? Or just Debian? I’m asking since I know Ubuntu is Debian-based and I have an Ubuntu Server in my closet.
Yes, it should affect Ubuntu. Better upgrade your openssl software. Check out http://www.ubuntu.com/usn/usn-612-2. If you run an Ubuntu-based server, I strongly recommend a security RSS subscription.