dc8 - 1.1
DebConf8
Super Cow Powers Included
Speakers | |
---|---|
Luciano Bello |
Schedule | |
---|---|
Day | DebConf day 5 (2008-08-14) |
Room | Salon del mar |
Start time | 17:00 |
Duration | 01:00 |
Info | |
ID | 352 |
Event type | meeting |
Track | DebConf Unofficial |
Language | en |
Predictable PRNG in the Vulnerable Debian OpenSSL Package
the what and the how (the same talk that BlackHat/Defcon)
This is the same talk that I gave at Black Hat and Defcon. "Recently, the Debian project announced an OpenSSL package vulnerability which they had been distributing for the last two years. This bug makes the PRNG predictable, affecting the keys generated by openssl and every other system that uses libssl (eg. openssh, openvpn). We will talk about this bug, its discovery and publication, its consequences, and exploitation. As well, we will demonstrate some exploitation tools."
http://www.blackhat.com/html/bh-usa-08/bh-usa-08-speakers.html#Bello http://www.defcon.org/html/defcon-16/dc-16-speakers.html#Bello