[Openswan dev] Openswan and Debian OpenSSL vulnerability

Michael H. Warfield mhw at WittsEnd.com
Sun May 18 13:12:18 EDT 2008


On Sun, 2008-05-18 at 11:21 -0400, D. Hugh Redelmeier wrote:
> According to this page, http://wiki.debian.org/SSLkeys, both Openswan and 
> StrongSWAN are vulnerable to the Debian OpenSSL vulnerability.

> Could someone comment on the extent of this vulnerability?

	If you are using X.509 certificates and those certificates were created
on a Debian Etch system, or a distribution based on Debian Etch, you've
probably got an easily guessable private key.  You should use their tool
to scan all your SSL certificates to make sure none are on the "black
list" of bad keys.  Regenerate and recertify any questionable keys and
certificates.  This affects systems other that Debian if the keys were
generated on an affected Debian system and imported onto another.  Weak
keys would allow for the possibility of a man-in-the-middle attack.
With session keys and perfect forward secrecy, you're probably still
safe from sniffing attacks and session cracking, but I wouldn't risk it.

	There is now a rainbow table out of various bad keys and combinations
up at the Metasploit site:

	http://metasploit.com/users/hdm/tools/debian-openssl/

	The key table is in the for of ssh private/public keypairs but it can
be used by attackers against SSL X.509 certs.

	Mike
-- 
Michael H. Warfield (AI4NB) | (770) 985-6132 |  mhw at WittsEnd.com
   /\/\|=mhw=|\/\/          | (678) 463-0932 |  http://www.wittsend.com/mhw/
   NIC whois: MHW9          | An optimist believes we live in the best of all
 PGP Key: 0xDF1DD471        | possible worlds.  A pessimist is sure of it!

-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 307 bytes
Desc: This is a digitally signed message part
Url : http://lists.openswan.org/pipermail/dev/attachments/20080518/bb715de1/attachment.bin 


More information about the Dev mailing list