[Haifux] More information about latest OpenSSL/OpenSSH/OpenVPN vulnerabilities?
Tzafrir Rehan
tzafrir.r at gmail.com
Wed May 14 02:03:15 MSD 2008
2008/5/14 Dotan Cohen <dotancohen at gmail.com>:
> 2008/5/13 Tzafrir Rehan <tzafrir.r at gmail.com>:
> > http://www.ubuntu.com/usn/usn-612-1
> > http://www.ubuntu.com/usn/usn-612-2
> > http://www.ubuntu.com/usn/usn-612-3
> >
> > I like how a bug in the random number generator caused this, I actually
> > found some of my keys in the 100,000 lines blacklist.
> >
> > Does anyone have more information about this?
> >
>
> You will want to read this:
> http://it.slashdot.org/article.pl?sid=08/05/13/1533212
>
> And especially this, as posted in the comments:
> http://wiki.debian.org/SSLkeys
>
> Dotan Cohen
>
So apparently all keys were produced using the same random seed?
That's simply mindblowing!
--
Tzafrir
>
> http://what-is-what.com
> http://gibberish.co.il
> א-ב-ג-ד-ה-ו-ז-ח-ט-י-ך-כ-ל-ם-מ-ן-נ-ס-ע-ף-פ-ץ-צ-ק-ר-ש-ת
>
> A: Because it messes up the order in which people normally read text.
> Q: Why is top-posting such a bad thing?
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://haifux.org/pipermail/haifux/attachments/20080514/9da85f1f/attachment.html
More information about the Haifux
mailing list