9 matches found
Debian: Security Advisory (DLA-4321-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Exploit for Use of Cryptographically Weak Pseudo-Random Number Generator (PRNG) in Openssl
Debian OpenSSL Predictable PRNG - - - Links Original URL: http://metasploit.com/users/hdm/tools/debian-openssl/1 Mirror2 Exploit: + https://www.exploit-db.com/exploits/5622/ Perl3 + https://www.exploit-db.com/exploits/5720/ Python4 + https://www.exploit-db.com/exploits/5632/ Ruby12 Recommend Tool...
Audit of GitHub SSH Keys Finds Many Still Vulnerable to Old Debian Bug
An audit of the SSH keys associated with more than a million GitHub accounts shows that some users have weak, easily factorable keys and many more are using keys that are still vulnerable to the Debian OpenSSL bug disclosed seven years ago. The public SSH keys that users associate with their GitH...
Debian DSA-2931-1 : openssl - security update
It was discovered that incorrect memory handling in OpenSSL's dossl3write function could result in denial of service. The oldstable distribution squeeze is not affected. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from...
How the Debian OpenSSL bug almost spawned a disaster
When news broke last year about the serious flaw in the Debian OpenSSL pseudorandom number generator, security experts knew it was a serious problem and warned users to regenerate any keys that had been created using the vulnerable versions of the OpenSSL package. It was a big problem, but it tur...
Debian OpenSSL Predictable PRNG Bruteforce SSH Exploit (Python)
Exploit for linux platform in category remote exploits =============================================================== Debian OpenSSL Predictable PRNG Bruteforce SSH Exploit Python =============================================================== !/bin/python This program is free software; you can...
Debian OpenSSH/OpenSSL Package Random Number Generator Weakness
The remote SSH host key has been generated on a Debian or Ubuntu system which contains a bug in the random number generator of its OpenSSL library. The problem is due to a Debian packager removing nearly all sources of entropy in the remote version of OpenSSL. An attacker can easily obtain the...
DEBIAN-CVE-2008-0166
OpenSSL 0.9.8c-1 up to versions before 0.9.8g-9 on Debian-based operating systems uses a random number generator that generates predictable numbers, which makes it easier for remote attackers to conduct brute force guessing attacks against cryptographic keys...
Debian OpenSSL Predictable PRNG Bruteforce SSH Exploit (perl)
Exploit for linux platform in category remote exploits the debian openssl issue leads that there are only 65.536 possible ssh keys generated, cause the only entropy is the pid of the process generating the key. This leads to that the following perl script can be used with the precalculated ssh ke...