Note: Email notfications sent to Symantec customers on 12/09/2008 regarding the 512 bit key detection included identification of all 512 bit keys in existence. The recommended action should only be taken by those customers who's key pair was generated using Debian's OpenSSL package.
On May 13, 2008, the Debian project announced that an update to Debian's OpenSSL package in 2006 contains a vulnerability that can weaken the system's Random Number Generator, making SSH and SSL encryption and authentication predictable. The vulnerability is specific to Debian-based and Ubuntu-based operating systems (along with variants), and does not affect other non-Debian operating systems. However a non-Debian system can be affected if they are using cryptographic keys from an affected Debian system.
Check your CSR for the Debian OpenSSL Vulnerability
If you generated your Certificate Signing Request (CSR) from a Debian or Ubuntu-based operating system, you can check your CSR to determine if it contains a weak key due to the Debian OpenSSL vulnerability.
Note: All Symantec roots and intermediate roots are free from this security flaw.
Debian has made a patch available, however the patch is only capable of preventing the vulnerability going forward and does not remove a previous occurrence. Therefore for those Debian systems starting with version 0.9.ec-1, it is highly recommended to recreate from scratch any cryptographic key material that has been generated with OpenSSL. This includes certificates in any form that include keys generated on the OS versions affected, as well as other applications such as SSH and Code Signing certificates. For additional information on the vulnerability and information regarding the patch, please see the following Debian security advisory DSA-1571-1.
To correct this issue, follow these steps:
- Download and install the Debian patch provided in the Debian security advisory DSA-1571-1
- Replace all affected certificates. In accordance with this advisory, Symantec is providing Revocation and Replacement of SSL certificates at no charge for those Symantec customer's affected by this vulnerability.
IMPORTANT: When generating the new Certificate Signing Request (key pair), it is important to ensure the certificate information (Distinguished Name) is identical to the information on the existing certificate.
- Please click here for information on Revoking and Replacing your certificate.
- If you are unsure if you are affected, Debian has made available a weak key detector published here.
As additional information becomes available, Symantec will update this advisory accordingly.
Symantec Corporation has made efforts to ensure the accuracy and completeness of the information in this document. However, Symantec Corporation makes no warranties of any kind (whether express, implied or statutory) with respect to the information contained herein. Symantec Corporation assumes no liability to any party for any loss or damage (whether direct or indirect) caused by any errors, omissions, or statements of any kind contained in this document. Further, Symantec Corporation assumes no liability arising from the application or use of the product or service described herein and specifically disclaims any representation that the products or services described herein do not infringe upon any existing or future intellectual property rights. Nothing herein grants the reader any license to make, use, or sell equipment or products constructed in accordance with this document. Finally, all rights and privileges related to any intellectual property right described herein are vested in the patent, trademark, or service mark owner, and no other person may exercise such rights without express permission, authority, or license secured from the patent, trademark, or service mark owner. Symantec Corporation reserves the right to make changes to any information herein without further notice.