THREAT MONITOR

Debian: A niche OS with a not-so-niche security flaw


Michael Cobb, Contributor
09.04.2008
In May of 2008, researchers found a flaw in the Debian GNU/Linux operating system's random number generator, making any OpenSSL keys generated during the past 20 months so predictable that they could be correctly guessed in a matter of hours. In this tip, let's look at how this flaw came about and whether it has security implications for organizations other than those that use Debian.

Debian GNU/Linux, a particular distribution of the Linux operating system, is the result of a volunteer effort to create a free Unix-compatible operating system complete with a suite of applications. Like any operating system, it provides services to application programs that run on it. To provide cryptographic services such as Secure Sockets Layer (SSL), the OS uses the open source OpenSSL cryptography library.

Many encryption algorithms require a random value to seed or start the generation of a key. The problem with computers, however, is that they are not good at generating non-deterministic, high-quality random values. That's why you are often asked to move your mouse or type randomly on your keyboard when generating a digital certificate, as it provides some random values that the computer can use to initiate encryption. Failing to correctly generate truly random values for keys has caused a number of problems, including vulnerabilities in Kerberos, the X Window System, and the Network File System protocol.

More information

Tim Callan, a product manager for VeriSign's SSL business unit, explains the vendor's response to the OpenSSL vulnerability in Debian-based Linux distributions.

Learn more about the SSH keys and SSL certificates at risk from the Debian OpenSSL flaw.

Back in 2006, a developer working on the Debian project kept receiving compiler warnings of possible memory leaks in the OpenSSL package because of uninitialized memory, use of which is shunned as a bad development practice. Debian consulted the OpenSSL team but for unclear reasons it decided to go ahead with its own fix before the issue had been broadly assessed.

Unfortunately, as Debian researcher Luciano Bello discovered, instead of removing only the specific calls that read the uninitialized memory areas, Debian's change prevented any random data from being mixed into the generator during key generation. The only input that still varied was the Linux process ID, which can take just a small, finite number of values, so the SSH and SSL/TLS keys Debian's OpenSSL produced were predictable. In fact, an attacker could recover them with a simple brute-force search over that small space, potentially compromising encryption keys and the data they protected.

A fix was released in May of this year, but what are the effects of this security flaw? Although it only directly affects Debian and other Debian-based distributions, such as Ubuntu, other systems can be indirectly affected if vulnerable keys generated by these systems have been imported into them. Affected keys include DSA, SSH, OpenVPN, DNSSEC, and those used in X.509 digital certificates and session keys used in SSL/TLS connections.

So, for example, any Digital Signature Algorithm (DSA) keys generated by an affected Debian system and used for signing or authentication purposes should be considered compromised; the Digital Signature Algorithm relies on a random value used during signature generation.

The aspect of this vulnerability that concerns me most is that those affected need to do more than just apply a patch: After updating the software, new keys must be generated. Organizations that rely on Debian-based distributions with OpenSSL to generate a certificate signing request (CSR) and private keys for SSL certificates will also have to regenerate their private keys and request certificate reissues. But without patching, security managers run the risk of leaving encryption and authentication vulnerable to hackers -- and yes, there are already scripts available online that allow brute forcing of vulnerable SSH keys.

Although no sites or communication channels have been reported compromised, and no real-world attacks have occurred as of yet, any site using these weak certificates is vulnerable to attackers seeking to impersonate a site or compromise the confidentiality of its communication channels. If there is any question about the integrity of keys, organizations should regenerate all cryptographic keys generated on Debian systems since September 2006 and revoke all certificates issued using those keys.
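An added model, not code from this article or from OpenSSL, of what the flaw described above means in practice and why the regenerate-and-revoke advice follows: when the process ID is the only varying input, the whole keyspace can be enumerated, and that same enumeration gives a defender a fingerprint blacklist to audit an inventory of keys against. The toy generator, the PID_MAX value, the fingerprint function and the sample inventory are assumptions made for the example.

```python
import hashlib
import os

# Linux default pid_max of the era (assumed for the model). The article's point is
# that the process ID was the only varying input, so the keyspace is this small.
PID_MAX = 32768

def weak_keygen(pid: int, nbytes: int = 16) -> bytes:
    """Toy generator whose only entropy is the process ID.

    Constructed stand-in for the broken Debian generator; it is NOT OpenSSL's
    algorithm, only a model of 'output depends on the pid alone'.
    """
    return hashlib.sha256(b"toy-prng|" + pid.to_bytes(4, "big")).digest()[:nbytes]

def fingerprint(key: bytes) -> str:
    """Short fingerprint, playing the role `ssh-keygen -l` plays for real keys."""
    return hashlib.sha256(key).hexdigest()[:20]

def build_blacklist(nbytes: int = 16) -> frozenset:
    """Enumerate every key the weak generator can produce and record its fingerprint.

    This is the defender's use of the small keyspace: a fingerprint list that
    lets an administrator find weak keys without knowing the pid that made them.
    """
    return frozenset(fingerprint(weak_keygen(pid, nbytes)) for pid in range(1, PID_MAX))

def is_weak(key: bytes, blacklist: frozenset) -> bool:
    """True if this key could have come from the pid-only generator."""
    return fingerprint(key) in blacklist

def audit(keys: dict, blacklist: frozenset) -> list:
    """Names of keys that must be regenerated and whose certificates must be revoked."""
    return sorted(name for name, key in keys.items() if is_weak(key, blacklist))

if __name__ == "__main__":
    bl = build_blacklist()
    # Constructed inventory: two keys from the weak generator, one properly seeded.
    inventory = {
        "www.example.com.key": weak_keygen(4711),
        "id_dsa": weak_keygen(22),
        "fresh.key": os.urandom(16),
    }
    print(f"{len(bl)} possible weak keys; flagged: {audit(inventory, bl)}")
```

A properly seeded key has a negligible chance of landing in the blacklist, which is exactly why the check is useful only against keys made by the broken generator.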

While this vulnerability was dealt with quickly once it was discovered, the way in which it was created has no doubt sullied the reputation of open source software somewhat. Does it suggest deeper security issues for Linux? I don't think so. But what it does do is highlight the need for close dialog between developers within the open source community. Better communication can help to ensure the integrity of critical and widely used modules.

About the author:
Michael Cobb, CISSP-ISSAP is the founder and managing director of Cobweb Applications Ltd., a consultancy that offers IT training and support in data security and analysis. He co-authored the book IIS Security and has written numerous technical articles for leading IT publications. Mike is the guest instructor for several SearchSecurity.com Security Schools and, as a SearchSecurity.com site expert, answers user questions on application security and platform security.

All Rights Reserved, Copyright 2003 - 2008, TechTarget | Read our Privacy Policy