OpenSSL Vulnerability

23 May 2008

A weakness has been discovered in the random number generator used by OpenSSL on Debian and Ubuntu systems. As a result of this weakness, certain encryption keys are much more common than they should be, such that an attacker could guess the key through a brute-force attack given minimal knowledge of the system. This particularly affects the use of encryption keys in OpenSSH.

This vulnerability only affects operating systems which (like Ubuntu) are based on Debian. However, other systems can be indirectly affected if weak keys are imported into them. We consider this an extremely serious vulnerability, and urge all users to act immediately to secure their systems.

The following Ubuntu releases are affected:

Ubuntu 7.04
Ubuntu 7.10
Ubuntu 8.04 LTS
Debian Etch 4.0
Debian Lenny 5.0

For more details visit these links:

Ubuntu: http://www.ubuntu.com/usn/usn-612-2
Debian: http://www.debian.org/security/2008/dsa-1571

We consider this an extremely serious vulnerability, and urge all users to act immediately to secure their systems.

What do you think?

Show comments / Leave a comment

Understanding Web Security with a Managed Web Application Firewall

A managed web application firewall protects websites from hacker attacks. It does this by checking all website traffic and blocking any harmful traffic. A managed

IT and Network, IT In-Depth

A Guide to Understanding IT Procurement – How to Source and Manage Technology for Your Business Effectively

IT procurement is the process businesses use to source the technology they need. Whether you require new software, hardware, or services, IT procurement is how

Two business people sitting at a desk in an office.

Cyber Attacks News, Cyber Security

Integris Health Patients Face Shocking Extortion Emails Following Devastating Cyberattack

Integris Health, an Oklahoma-based healthcare provider, is notifying patients they may receive extortion emails after suffering a cyberattack. The attack targeted the systems of NoMoreClipboard, an online patient portal, affecting 102,000 patients. Cybercriminals are demanding $2,000 in Bitcoin for the return of patient data, including medical records and contact information.

Partner with Us for Comprehensive IT

We’re happy to answer any questions you may have and help you determine which of our services best fit your needs.

Your benefits:

What happens next?

We Schedule a call at your convenience

We do a discovery and consulting meting

We prepare a proposal

OpenSSL Vulnerability

What do you think?

Leave a Reply Cancel reply

Related articles

Understanding Web Security with a Managed Web Application Firewall

A Guide to Understanding IT Procurement – How to Source and Manage Technology for Your Business Effectively

Integris Health Patients Face Shocking Extortion Emails Following Devastating Cyberattack

Partner with Us for Comprehensive IT

Your benefits:

What happens next?

Schedule a Free Consultation

Solutions

Company

LinkedIn

Twitter

Facebook

Simplifying IT
for a complex world.

Platform partnerships

Services

Business Challenges

Digital Transformation

Cyber Security

Compliance

Gaining Efficiency

Industry Focus

OpenSSL Vulnerability

What do you think?

Leave a Reply Cancel reply

Related articles

Understanding Web Security with a Managed Web Application Firewall

A Guide to Understanding IT Procurement – How to Source and Manage Technology for Your Business Effectively

Integris Health Patients Face Shocking Extortion Emails Following Devastating Cyberattack

Partner with Us for Comprehensive IT

Your benefits:

What happens next?

Schedule a Free Consultation

LinkedIn

Twitter

Facebook

Simplifying IT for a complex world.

Platform partnerships

Services

Business Challenges

Digital Transformation

Cyber Security

Compliance

Gaining Efficiency

Industry Focus

Simplifying IT
for a complex world.