7.5
CVE-2011-0539
- EPSS 1.8%
- Veröffentlicht 10.02.2011 18:00:57
- Zuletzt bearbeitet 16.06.2026 23:27:35
- Quelle secalert@redhat.com
- CVE-Watchlists
- Unerledigt
The key_certify function in usr.bin/ssh/key.c in OpenSSH 5.6 and 5.7, when generating legacy certificates using the -t command-line option in ssh-keygen, does not initialize the nonce field, which might allow remote attackers to obtain sensitive stack memory contents or make it easier to conduct hash collision attacks.
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 1.8% | 0.756 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 5 | 10 | 2.9 |
AV:N/AC:L/Au:N/C:P/I:N/A:N
|
| 134c704f-9b21-4f2e-91b3-4a467353bcc0 | 7.5 | 3.9 | 3.6 |
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
|
CWE-457 Use of Uninitialized Variable
The code uses a variable that has not been initialized, leading to unpredictable or unintended results.
http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10673
http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c02794777
http://secunia.com/advisories/44269
http://secunia.com/advisories/43181
http://www.openssh.com/txt/legacy-cert.adv
http://www.openwall.com/lists/oss-security/2011/02/04/2
http://www.securityfocus.com/bid/46155
http://www.securitytracker.com/id?1025028
http://www.vupen.com/english/advisories/2011/0284
https://exchange.xforce.ibmcloud.com/vulnerabilities/65163