Severity: Unknown
Affected Package: openssl
Summary: Debian OpenSSL weak PRNG produces predictable SSH keys
A Debian patch to OpenSSL introduced a defect in the random number generator, causing the generation of predictable (weak) SSH keys. A utility (obtained from Ubuntu) was added to MidnightBSD to detect and deny these weak keys. The fix was applied to RELENG_0_2 and CURRENT.
No specific recommendations provided.
Aliases: CVE-2008-0166
Published: May 16, 2008
Last Modified: May 16, 2008