Threat Level: green Handler on Duty: Didier Stevens

SANS ISC: INFOcon back to green SANS ISC InfoSec Forums

Watch ISC TV. Great for NOCs, SOCs and Living Rooms:

Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!
INFOcon back to green

The Debian/Ubuntu SSL problem by now has sufficient media attention. Once the big security firms raise their threat level indicators, we at SANS ISC can go back to green :). 

Debian Wiki has a good (and evolving) write-up on problems and resolutions:

As a reminder, all systems that contain Debian/Ubuntu generated cryptographic key material are potentially vulnerable. You need to check those "authorized_keys" files for SSH on all platforms, not just on Debian.


383 Posts
ISC Handler
May 16th 2008

Sign Up for Free or Log In to start participating in the conversation!