CVE Database


Impact: Low
Public: 2011-02-04
Bugzilla: 675254: CVE-2011-0539 OpenSSH: legacy certificate generation information leak


The MITRE CVE dictionary describes this issue as:

The key_certify function in usr.bin/ssh/key.c in OpenSSH 5.6 and 5.7, when generating legacy certificates using the -t command-line option in ssh-keygen, does not initialize the nonce field, which might allow remote attackers to obtain sensitive stack memory contents or make it easier to conduct hash collision attacks.

Find out more about CVE-2011-0539 from the MITRE CVE dictionary and NIST NVD.


Not vulnerable. This issue did not affect the versions of openssh as shipped with Red Hat Enterprise Linux 4, 5, or 6.

This page is generated automatically and has not been checked for errors or omissions.

For clarification or corrections please contact the Red Hat Security Response Team.