CVE-2011-0539

2011-02-1018:00:00

Debian Security Bug Tracker

security-tracker.debian.org

5 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:N/A:N

0.007 Low

EPSS

Percentile

80.0%

JSON

The key_certify function in usr.bin/ssh/key.c in OpenSSH 5.6 and 5.7, when generating legacy certificates using the -t command-line option in ssh-keygen, does not initialize the nonce field, which might allow remote attackers to obtain sensitive stack memory contents or make it easier to conduct hash collision attacks.

OSVersionArchitecturePackageVersionFilename
Debian12allopenssh< 1:5.8p1-2openssh_1:5.8p1-2_all.deb
Debian11allopenssh< 1:5.8p1-2openssh_1:5.8p1-2_all.deb
Debian10allopenssh< 1:5.8p1-2openssh_1:5.8p1-2_all.deb
Debian999allopenssh< 1:5.8p1-2openssh_1:5.8p1-2_all.deb
Debian13allopenssh< 1:5.8p1-2openssh_1:5.8p1-2_all.deb

OS	Version	Architecture	Package	Version	Filename
Debian	12	all	openssh	< 1:5.8p1-2	openssh_1:5.8p1-2_all.deb
Debian	11	all	openssh	< 1:5.8p1-2	openssh_1:5.8p1-2_all.deb
Debian	10	all	openssh	< 1:5.8p1-2	openssh_1:5.8p1-2_all.deb
Debian	999	all	openssh	< 1:5.8p1-2	openssh_1:5.8p1-2_all.deb
Debian	13	all	openssh	< 1:5.8p1-2	openssh_1:5.8p1-2_all.deb