[Tfug] Debian SSH vulnerability
Tom Rini
trini at kernel.crashing.org
Wed May 14 18:40:54 MST 2008
On Wed, May 14, 2008 at 06:17:34PM -0700, Jeff Breadner wrote:
> Tom Rini wrote:
[snip]
> > But this is the fun part. This isn't so much a "oh, you can login to
> > everyones box now with user A/pass B" but a "if you really wanna steal
> > what juser has been doing here a possible vector..". At least that's my
> > take on it, but I'm not on vendor-sec anymore..
>
> Keys generated with the buggy code are in a predictable subset of the
> entire possible range of values, and are thus more vulnerable to a
> brute-force attack. An attack on a 'vulnerable' key might take an
> average of 1 million login attempts to succeed instead of 1 trillion for
> a 'safe' key, for instance--I'm making those numbers up, but it
> illustrates the point.
Exactly. You've gone from one small value to another. This is
different from buffer overflows and such. A few years ago when the
Computer Security Applications Conference was in town, I talked my old
company into sending me (it was cheap and relevent!) and one of the
really interesting talks was from an NSA guy who pointed out basically
that if someone wants into YOUR machine for something YOU, they're gonna
find a way. This is different from someone looking for some machine for
their botnet.
None of this is to say that if you have vulnerable keys you shouldn't go
and regenerate 'em.
--
Tom Rini
More information about the tfug
mailing list