A weakness has been discovered in the random number generator used by OpenSSL on Debian and Ubuntu systems. As a result of this weakness, certain encryption keys are much more common than they should be, such that an attacker could guess the key through a brute-force attack given minimal knowledge of the system. This particularly affects the use of encryption keys in OpenSSH, OpenVPN
and SSL certificates.You can check Ubuntu security notice from here

(...)
Read the rest of Fix for OpenSSL/SSH/VPN Vulnerability in Ubuntu 7.04/7.10/8.04 (303 words)

© admin for Ubuntu Geek, 2008. | Permalink | 5 comments | Add to del.icio.us digg
Who's linking ? Technorati BlogPulse Google
Want more on these topics ? Browse the archive of posts filed under Security, Server.