This module exploits the random number generator in Debian's OpenSSL package being predictable. This vulnerability is used to generate SSH keys and to install an agent into the target host. The exploit will generate the complete vulnerable keyspace, and will try to log as the provided user. If the user is root, the agent will have superuser capabilities. This update improves exploit performance when used through Network Attack and Penetration RPT.
Friday, February 13, 2009 - 00:00