6 matches found
K15013: OpenSSH vulnerability CVE-2011-0539
Security Advisory Description The keycertify function in usr.bin/ssh/key.c in OpenSSH 5.6 and 5.7, when generating legacy certificates using the -t command-line option in ssh-keygen, does not initialize the nonce field, which might allow remote attackers to obtain sensitive stack memory contents ...
SUSE CVE-2011-0539
The keycertify function in usr.bin/ssh/key.c in OpenSSH 5.6 and 5.7, when generating legacy certificates using the -t command-line option in ssh-keygen, does not initialize the nonce field, which might allow remote attackers to obtain sensitive stack memory contents or make it easier to conduct...
CVE-2011-0539
The keycertify function in usr.bin/ssh/key.c in OpenSSH 5.6 and 5.7, when generating legacy certificates using the -t command-line option in ssh-keygen, does not initialize the nonce field, which might allow remote attackers to obtain sensitive stack memory contents or make it easier to conduct...
DEBIAN-CVE-2011-0539
The keycertify function in usr.bin/ssh/key.c in OpenSSH 5.6 and 5.7, when generating legacy certificates using the -t command-line option in ssh-keygen, does not initialize the nonce field, which might allow remote attackers to obtain sensitive stack memory contents or make it easier to conduct...
Access Restriction Bypass
Overview Affected versions of this package are vulnerable to Access Restriction Bypass. The keycertify function in usr.bin/ssh/key.c in OpenSSH 5.6 and 5.7, when generating legacy certificates using the -t command-line option in ssh-keygen, does not initialize the nonce field, which might allow...
PT-2011-2432
Name of the Vulnerable Software and Affected Versions OpenSSH versions 5.6 through 5.7 Description The issue is related to the key certify function in OpenSSH, specifically when generating legacy certificates using the -t command-line option in ssh-keygen. This function does not initialize the...