7.5

CVE-2011-0539

The key_certify function in usr.bin/ssh/key.c in OpenSSH 5.6 and 5.7, when generating legacy certificates using the -t command-line option in ssh-keygen, does not initialize the nonce field, which might allow remote attackers to obtain sensitive stack memory contents or make it easier to conduct hash collision attacks.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
OpenbsdOpenssh Version5.6
OpenbsdOpenssh Version5.7
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 1.8% 0.756
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 5 10 2.9
AV:N/AC:L/Au:N/C:P/I:N/A:N
134c704f-9b21-4f2e-91b3-4a467353bcc0 7.5 3.9 3.6
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
CWE-457 Use of Uninitialized Variable

The code uses a variable that has not been initialized, leading to unpredictable or unintended results.

http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10673
http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c02794777
http://secunia.com/advisories/44269
http://secunia.com/advisories/43181
Vendor Advisory
http://www.openssh.com/txt/legacy-cert.adv
Patch
Vendor Advisory
http://www.openwall.com/lists/oss-security/2011/02/04/2
http://www.securityfocus.com/bid/46155
http://www.securitytracker.com/id?1025028
http://www.vupen.com/english/advisories/2011/0284
Vendor Advisory
https://exchange.xforce.ibmcloud.com/vulnerabilities/65163