Ubuntu 6.06 LTS / 7.04 / 7.10 / 8.04 LTS : openssl-blacklist update (USN-612-11)

USN-612-3 addressed a weakness in OpenSSL certificate and key generation and introduced openssl-blacklist to aid in detecting vulnerable certificates and keys. This update adds RSA-4096 blacklists to the openssl-blacklist-extra package and adjusts openssl-vulnkey to properly handle RSA-4096 and...

USN-612-9: openssl-blacklist update

USN-612-3 addressed a weakness in OpenSSL certificate and key generation in OpenVPN by introducing openssl-blacklist to aid in detecting vulnerable private keys. This update enhances the openssl-vulnkey tool to check Certificate Signing Requests, accept input from STDIN, and check moduli without ...

Debian disaster-vulnerability warning-the black bar safety net

by axis 2008-05-16 http://www.ph4nt0m.org The Debian OpenSSL package the algorithms have problems, random number generation is actually in the process pid in the selection, lead to the generation of key can be exhaustive The following extract from the metasploit blog The Bug On May 13th, 2 0 0 8...

spambam.pl.txt

!/usr/bin/perl -w Defeating SpamBam exploit by Jose Palazon [email protected] a.k.a. palako Vulnerable software: SpamBam http://wordpress.org/extend/plugins/spambam/ by Gareth Heyes Vulnerability: No matter how hard you ofuscate or encrypt your code, never, under no circunstances, rely any...

Code injection

The SSH key generation process in OpenSSH in Apple Mac OS X 10.3.9 and 10.4 through 10.4.8 allows remote attackers to cause a denial of service by connecting to the server before SSH has finished creating keys, which causes the keys to be regenerated and can break trust relationships that were...

CVE-2007-0726

The SSH key generation process in OpenSSH in Apple Mac OS X 10.3.9 and 10.4 through 10.4.8 allows remote attackers to cause a denial of service by connecting to the server before SSH has finished creating keys, which causes the keys to be regenerated and can break trust relationships that were...

CVE-2007-0726

CVE-2007-0726 affects Apple Mac OS X OpenSSH: SSH key generation on OS X 10.3.9 and 10.4 (up to 10.4.8) can be exploited by remote attackers who connect before key generation completes, causing keys to be regenerated and potentially breaking trust relationships based on the original keys. The des...

CVE-2007-0726

The SSH key generation process in OpenSSH in Apple Mac OS X 10.3.9 and 10.4 through 10.4.8 allows remote attackers to cause a denial of service by connecting to the server before SSH has finished creating keys, which causes the keys to be regenerated and can break trust relationships that were...

MDKA-2007:011 : tripwire

The version of tripwire included with Mandriva 2007 would hang while generating keys. The problem has been corrected by avoiding using optimization at compile-time. %NASLMINLEVEL 999999 @DEPRECATED@ This script has been deprecated as the associated patch is not currently a security fix. Disabled ...

Mandrake Linux Security Advisory : bind (MDKSA-2006:207)

The BIND DNS server is vulnerable to the recently-discovered OpenSSL RSA signature verification problem CVE-2006-4339. BIND uses RSA cryptography as part of its DNSSEC implementation. As a result, to resolve the security issue, these packages need to be upgraded and for both KEY and DNSKEY record...

Linux kernel keyctl DoS

Race condition during unique key generation cause NULL pointer dereference on multiprocessor box...

Design/Logic Flaw

PasswordSafe 3.0 beta, when running on Windows before XP, uses a weak random number generator C++ rand function during generation of the database encryption key, which makes it easier for attackers to decrypt the database and steal passwords by generating keys for all possible rand seed values an...

Code injection

nCipher HSM before 2.22.6, when generating a Diffie-Hellman public/private key pair without any specified DiscreteLogGroup parameters, chooses random parameters that could allow an attacker to crack the private key in significantly less time than a brute force attack...

NotifyLink server provides inadequate protection for cryptographic key material

Overview The NotifyLink key exchange protocol contains a vulnerability that significantly reduces the strength of cryptographic keys used to encrypt mail messages. Description Notify Technology NotifyLink Enterprise Server allows users to synchronize e-mail between a PDA and a mail server. The...

CVE-2004-2721

The CheckGroup function in openSkat VTMF before 2.1 generates public key pairs in which the "p" variable might not be prime, which allows remote attackers to determine the private key and decrypt messages...

kgpg uncrypted private key

Passphrase not used if keys are generated through wizard...

Signed content spoofing in ECDSA

Standard allows to generate private key in a way it will produce same signature for 2 different documents...

nCipher problems

Weak key generation during installation, problems with java library...

nCipher Advisory #3: MSCAPI keys erroneously module-protected - update

nCipher Security Advisory No. 3 | Windows 2000 keys unexpectedly only module-protected | ==================================================== | | UPDATED - VERSION 2 | Changes are marked with |' at the right. | | | SUMMARY ======= In certain circumstances, the nCipher MSCAPI CSP Install Wizard...

Keys generated with PGP5i batch mode do not contain sufficient randomness on systems that use /dev/random

Overview Under certain circumstances, PGP v5.0 generates keys that are not sufficiently random, which may allow an attacker to predict keys and, hence, recover information encrypted with that key. Description Generating Randomness in PGP Keys In order to generate cryptographically secure keys, PG...