Ubuntu 7.04 / 7.10 / 8.04 LTS : ssl-cert vulnerability (USN-612-4)
USN-612-1 fixed vulnerabilities in openssl. This update provides the corresponding updates for ssl-cert -- potentially compromised snake-oil SSL certificates will be regenerated. A weakness has been discovered in the random number generator used by OpenSSL on Debian and Ubuntu systems. As a resul...
Ubuntu 7.04 / 7.10 / 8.04 LTS : openvpn vulnerability (USN-612-3)
A weakness has been discovered in the random number generator used by OpenSSL on Debian and Ubuntu systems. As a result of this weakness, certain encryption keys are much more common than they should be, such that an attacker could guess the key through a brute-force attack given minimal knowledg...
Ubuntu 7.04 / 7.10 / 8.04 LTS : openvpn regression (USN-612-6)
USN-612-3 addressed a weakness in OpenSSL certificate and keys generation in OpenVPN by adding checks for vulnerable certificates and keys to OpenVPN. A regression was introduced in OpenVPN when using TLS, multi-client/server mode, and specifying a user or group which caused OpenVPN to not start...
Ubuntu 7.04 / 7.10 / 8.04 LTS : openssh update (USN-612-5)
Matt Zimmerman discovered that entries in ~/.ssh/authorized_keys with options (such as 'no-port-forwarding' or forced commands) were ignored by the new ssh-vulnkey tool introduced in OpenSSH (see USN-612-2). This could cause some compromised keys not to be listed in ssh-vulnkey's output. This update al...
Debian and Ubuntu OpenSSL packages contain a predictable random number generator
Overview: A vulnerability in the OpenSSL package included with the Debian GNU/Linux operating system and its derivatives may cause weak cryptographic keys to be generated. Description: A weakness exists in the random number generator used by the OpenSSL package included with the Debian GNU/Linux...
Debian OpenSSH/OpenSSL Package Random Number Generator Weakness (SSL check)
The remote x509 certificate on the remote SSL server has been generated on a Debian or Ubuntu system which contains a bug in the random number generator of its OpenSSL library. The problem is due to a Debian packager removing nearly all sources of entropy in the remote version of OpenSSL. An...
USN-612-6: OpenVPN regression
USN-612-3 addressed a weakness in OpenSSL certificate and keys generation in OpenVPN by adding checks for vulnerable certificates and keys to OpenVPN. A regression was introduced in OpenVPN when using TLS, multi-client/server mode, and specifying a user or group which caused OpenVPN to not start...
[USN-612-1] OpenSSL vulnerability
Ubuntu Security Notice USN-612-1, May 13, 2008: openssl vulnerability (CVE-2008-0166). A weakness has been discovered in the random number generator used by OpenSSL on Debian and...
USN-612-3: OpenVPN vulnerability
A weakness has been discovered in the random number generator used by OpenSSL on Debian and Ubuntu systems. As a result of this weakness, certain encryption keys are much more common than they should be, such that an attacker could guess the key through a brute-force attack given minimal knowledg...
USN-612-1: OpenSSL vulnerability
A weakness has been discovered in the random number generator used by OpenSSL on Debian and Ubuntu systems. As a result of this weakness, certain encryption keys are much more common than they should be, such that an attacker could guess the key through a brute-force attack given minimal knowledg...
DSA-1571-1 openssl - predictable random number generator
Bulletin has no description...
Debian Security Advisory DSA 885-1 (openvpn)
The remote host is missing an update to openvpn announced via advisory DSA 885-1. Several vulnerabilities have been discovered in OpenVPN, a free virtual private network daemon. The Common Vulnerabilities and Exposures project identifies the following problems: CVE-2005-3393 A format string...
Debian Security Advisory DSA 1045-1 (openvpn)
The remote host is missing an update to openvpn announced via advisory DSA 1045-1. Hendrik Weimer discovered that OpenVPN, the Virtual Private Network daemon, allows environment variables to be pushed to a client, allowing a malicious VPN server to take over connected clients. The old stable distributi...
Debian Security Advisory DSA 851-1 (openvpn)
The remote host is missing an update to openvpn announced via advisory DSA 851-1. Several security related problems have been discovered in openvpn, a Virtual Private Network daemon. The Common Vulnerabilities and Exposures project identifies the following problems: CVE-2005-2531 Wrong processing...
Debian: Security Advisory (DSA-1045-1)
The remote host is missing an update for the Debian... SPDX-FileCopyrightText: 2008 Greenbone AG. Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holder(s). SPDX-License-Identifier: GPL-2.0-only
Debian: Security Advisory (DSA-885-1)
The remote host is missing an update for the Debian...
Debian: Security Advisory (DSA-851-1)
The remote host is missing an update for the Debian...
Debian DSA-1045-1 : openvpn - design error
Hendrik Weimer discovered that OpenVPN, the Virtual Private Network daemon, allows environment variables to be pushed to a client, allowing a malicious VPN server to take over connected clients. (C) Tenable Network Security, Inc. The descriptive text and package checks in this plugin...
Debian DSA-885-1 : openvpn - several vulnerabilities
Several vulnerabilities have been discovered in OpenVPN, a free virtual private network daemon. The Common Vulnerabilities and Exposures project identifies the following problems: CVE-2005-3393: A format string vulnerability has been discovered that could allow arbitrary code to be executed on...
FreeBSD : openvpn -- multiple TCP clients connecting with the same certificate at the same time can crash the server (5ad3e437-e527-4514-b9ed-280b2ca1a8c9)
James Yonan reports: If two or more client machines try to connect to the server at the same time via TCP, using the same client certificate, and when --duplicate-cn is not enabled on the server, a race condition can crash the server with 'Assertion failed at mtcp.c:411'...