Public Date:
675254: CVE-2011-0539 OpenSSH: legacy certificate generation information leak

The MITRE CVE dictionary describes this issue as:

The key_certify function in usr.bin/ssh/key.c in OpenSSH 5.6 and 5.7, when generating legacy certificates using the -t command-line option in ssh-keygen, does not initialize the nonce field, which might allow remote attackers to obtain sensitive stack memory contents or make it easier to conduct hash collision attacks.

Find out more about CVE-2011-0539 from the MITRE CVE dictionary and NIST NVD.
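The flaw class in the description above (a nonce that is filled on one code path but serialised on another) can be modelled in a few lines of C. This is an added example, not OpenSSH code: `certify`, `fill_random`, `leaks_stale`, the blob layout and the "stale" bytes are all hypothetical and constructed, and the nonce buffer is pre-loaded by the caller to stand in for leftover stack contents.

```c
#include <stdio.h>
#include <string.h>

#define NONCE_LEN 16

/* Stand-in for a CSPRNG call; reads the kernel RNG. Returns 0 on success. */
static int fill_random(unsigned char *p, size_t n) {
    FILE *f = fopen("/dev/urandom", "rb");
    if (f == NULL) return -1;
    size_t got = fread(p, 1, n, f);
    fclose(f);
    return got == n ? 0 : -1;
}

/* Hypothetical certificate builder. `nonce` models the function's stack slot:
 * the caller pre-loads it with stale bytes so the leak is observable without
 * reading truly uninitialised memory. fix_applied selects the corrected form. */
static size_t certify(int legacy, int fix_applied,
                      unsigned char nonce[NONCE_LEN], unsigned char *out) {
    size_t off = 0;
    if (fix_applied || !legacy) {           /* flawed form skips this for legacy */
        if (fill_random(nonce, NONCE_LEN) != 0) return 0;
    }
    if (!legacy) { memcpy(out, nonce, NONCE_LEN); off += NONCE_LEN; }
    memcpy(out + off, "BODY", 4); off += 4; /* constructed placeholder payload */
    if (legacy) { memcpy(out + off, nonce, NONCE_LEN); off += NONCE_LEN; }
    return off;
}

/* Returns 1 if the stale "stack" bytes show up in the serialised blob. */
static int leaks_stale(int legacy, int fix_applied) {
    unsigned char nonce[NONCE_LEN], out[64];
    memcpy(nonce, "STALE-STACK-DATA", NONCE_LEN);   /* constructed leftover data */
    size_t len = certify(legacy, fix_applied, nonce, out);
    for (size_t i = 0; i + NONCE_LEN <= len; i++)
        if (memcmp(out + i, "STALE-STACK-DATA", NONCE_LEN) == 0) return 1;
    return 0;
}

int main(void) {
    printf("legacy, flawed: leak=%d\n", leaks_stale(1, 0));
    printf("legacy, fixed:  leak=%d\n", leaks_stale(1, 1));
    printf("current format: leak=%d\n", leaks_stale(0, 0));
    return 0;
}
```

Filling the nonce unconditionally, before any format-specific branch, removes the dependency between the two conditionals that makes this kind of bug easy to miss in review.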


Not vulnerable. This issue did not affect the versions of openssh as shipped with Red Hat Enterprise Linux 4, 5, or 6.

Affected Packages State

| Platform | Package | State |
|---|---|---|
| Red Hat Enterprise Linux 4 | openssh | Not affected |
| Red Hat Enterprise Linux 5 | openssh | Not affected |
| Red Hat Enterprise Linux 6 | openssh | Not affected |