SANS elevates Internet Threat Level to YELLOW
Attention SILUG users...

With the discovery of a weak random number generator vulnerability in
the latest Debian distribution, the SANS Internet Storm Center yesterday
raised their Internet Threat Level from green to yellow. This is a rare
move on their part. The last time SANS raised this flag was March 23-24,
2006 in response to an Internet Explorer vulnerability.

The problem is with the PRNG package distributed with Debian and used by
its OpenSSL and OpenSSH packages. The result is weak SSL encryption on
HTTPS connections and certificates and public/private key pairs used to
protect VPNs and other connections.

"I don't use Debian. Why should I care?" Well, if you're using a Debian
derivative distribution like Ubuntu or an appliance with embedded Debian
Linux, you're using the faulty PRNG package. If you're a Fedora or
CentOS (or even Windows or OS X) user, your connection to a web site
protected by a certificate generated by Debian OpenSSH could be
vulnerable.

This is one of those foundation layer problems like an oil spill that
has a profound immediate impact and takes a long time to completely
clean up.

For more detailed information, see
http://isc.sans.org/diary.html?storyid=4421

--Doc
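
To make the scale of a seed-starved generator concrete, here is an added example (not from this post or the SANS diary): a toy model in which the only entropy reaching the generator is a 15-bit process ID, so every key it can ever produce fits in a set of 32768 entries, plus a defender-side check that flags hosts in a fleet inventory presenting the same key. The PID-only seed, the SHA-256 stand-in for real key derivation, and the fleet inventory are constructed simplifications, not Debian's actual code paths.

```python
import hashlib
import os
from collections import defaultdict

PID_MAX = 32768  # 15-bit Linux PID range: the whole seed space in this model

def weak_keygen(pid: int) -> bytes:
    """Model of a broken generator: output depends only on the PID.
    SHA-256 stands in for real RSA/DSA key derivation (a simplification)."""
    return hashlib.sha256(b"weak-seed:" + pid.to_bytes(2, "big")).digest()

def strong_keygen() -> bytes:
    """Properly seeded generator: 256 bits from the OS CSPRNG."""
    return hashlib.sha256(os.urandom(32)).digest()

def fingerprint(key: bytes) -> str:
    return hashlib.sha256(key).hexdigest()[:16]

def enumerate_weak_keyspace() -> set:
    """Every key the weak generator can produce: PID_MAX of them, small
    enough to precompute, which is what makes such a bug so damaging."""
    return {weak_keygen(pid) for pid in range(PID_MAX)}

def find_shared_keys(inventory: dict) -> dict:
    """Defender check over a fleet inventory {host: key}: return
    {fingerprint: [hosts]} for every key presented by two or more hosts.
    Independently generated keys should never collide; a match points
    at a low-entropy generator somewhere in the fleet."""
    by_fp = defaultdict(list)
    for host, key in inventory.items():
        by_fp[fingerprint(key)].append(host)
    return {fp: hosts for fp, hosts in by_fp.items() if len(hosts) > 1}

# Constructed fleet: three hosts that used the weak generator (two of
# them happened to run with the same PID) and one with a sound generator.
FLEET = {
    "web1": weak_keygen(1234),
    "web2": weak_keygen(1234),
    "vpn1": weak_keygen(4321),
    "db1": strong_keygen(),
}

if __name__ == "__main__":
    weak = enumerate_weak_keyspace()
    print("weak keyspace size:", len(weak))                    # 32768
    print("hosts sharing a key:", find_shared_keys(FLEET))     # web1, web2
    print("vpn1 key in weak keyspace:", FLEET["vpn1"] in weak)  # True
    print("db1 key in weak keyspace:", FLEET["db1"] in weak)    # False
```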