发布时间 :2000-05-24 00:00:00
修订时间 :2008-09-10 15:04:42

[原文]The pgpk command in PGP 5.x on Unix systems uses an insufficiently random data source for non-interactive key pair generation, which may produce predictable keys.


        Unix系统中PGP 5.x 的pgpk命令使用不充分的非交互式密钥随机数据源。此漏洞可能产生可预测密钥。

- CVSS (基础分值)

CVSS分值: 2.1 [轻微(LOW)]
机密性影响: PARTIAL [很可能造成信息泄露]
完整性影响: NONE [不会对系统完整性产生影响]
可用性影响: NONE [对系统可用性无影响]
攻击复杂度: LOW [漏洞利用没有访问限制 ]
攻击向量: LOCAL [漏洞利用需要具有物理访问权限或本地帐户]
身份认证: NONE [漏洞利用无需身份认证]

- CPE (受影响的平台与产品)


- OVAL (用于检测的技术细节)


- 官方数据库链接
(官方数据源) MITRE
(官方数据源) NVD
(官方数据源) CNNVD

- 其它链接及资源
(UNKNOWN)  CERT  CA-2000-09
(UNKNOWN)  BID  1251
(UNKNOWN)  BUGTRAQ  20000523 Key Generation Security Flaw in PGP 5.0

- 漏洞信息

低危 设计错误
2000-05-24 00:00:00 2006-09-22 00:00:00
        Unix系统中PGP 5.x 的pgpk命令使用不充分的非交互式密钥随机数据源。此漏洞可能产生可预测密钥。

- 公告与补丁

        Patching line 1324 of src/lib/ttyui/pgpUserIO.c to look like:
        read(fd, &RandBuf, count);
        will fix this vulnerability. As there is no error checking in place in that function, it will have no negative impact; ideally, this read should be checked to ensure a byte was actually returned, or the potential for another vulnerability exists.
        From NAI Security Advisory:
        Users who generated keys in the manner described above are strongly
        urged to do the following:
        - Revoke and no longer use keys suspected to have this problem
        - Generate new public/private keypairs with entropy collected
         from users' typing and/or mouse movements
        - Re-encrypt any data with the newly generated keypairs that is
         currently encrypted with keys suspected to have this problem
        - Re-sign any data with the newly generated keypairs, if required
        Users are also urged to upgrade to the latest releases of PGP,
        as PGP 5.0 products have not been officially supported by Network
        Associates since early 1999, or distributed by Network Associates
        since June 1998.
        PGPi PGPi 5.0 i

- 漏洞信息

PGP Predictable Key Generation
Local Access Required, Remote / Network Access Cryptographic
Loss of Confidentiality, Loss of Integrity
Exploit Public

- 漏洞描述

PGP contains a flaw that may cause public and private keys to be generated without sufficient randomness potentially compromising the integrity and strength of the keys. The issue is due to a flaw in the "pgpk" program and it's reliance on /dev/random for entropy/randomness when creating new key pairs. If a user fails to use a long pass phrase and fails to input characters when prompted, the strength of the key pair may be significantly weakened to allow for cryptographic attack against the key pair.

- 时间线

2000-05-23 Unknow
2000-05-23 Unknow

- 解决方案

Upgrade to version 6.0 or higher, as it has been reported to fix this vulnerability. It is also possible to correct the flaw by implementing the following workarounds: During key generation enter lots of characters when prompted, use a lengthy key ID and pass phrase.

- 相关参考

- 漏洞作者