4 matches found
K15013: OpenSSH vulnerability CVE-2011-0539
Security Advisory Description The keycertify function in usr.bin/ssh/key.c in OpenSSH 5.6 and 5.7, when generating legacy certificates using the -t command-line option in ssh-keygen, does not initialize the nonce field, which might allow remote attackers to obtain sensitive stack memory contents ...
UBUNTU-CVE-2019-7732
In Live555 0.95, a setup packet can cause a memory leak leading to DoS because, when there are multiple instances of a single field username, realm, nonce, uri, or response, only the last instance can ever be freed...
CVE-2011-0539
The keycertify function in usr.bin/ssh/key.c in OpenSSH 5.6 and 5.7, when generating legacy certificates using the -t command-line option in ssh-keygen, does not initialize the nonce field, which might allow remote attackers to obtain sensitive stack memory contents or make it easier to conduct...
CVE-2011-0539
The keycertify function in usr.bin/ssh/key.c in OpenSSH 5.6 and 5.7, when generating legacy certificates using the -t command-line option in ssh-keygen, does not initialize the nonce field, which might allow remote attackers to obtain sensitive stack memory contents or make it easier to conduct...