PT-2011-2432 · Openssh+1 · Openssh+1

Mateusz Kocielski · Published 2011-02-10 · Updated 2026-05-29 · CVE-2011-0539

CVSS v3.1: 7.5 (High)
Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Name of the Vulnerable Software and Affected Versions
OpenSSH versions 5.6 through 5.7

Description
The issue is in the key_certify function in OpenSSH and arises when generating legacy certificates using the -t command-line option in ssh-keygen. The function does not initialize the nonce field, which could allow remote attackers to obtain sensitive stack memory contents or make it easier to conduct hash collision attacks.

Recommendations
For OpenSSH versions 5.6 through 5.7, consider disabling the use of the -t command-line option in ssh-keygen until a patch is available. As a temporary workaround, restrict access to the key_certify function to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Weakness Enumeration

Related Identifiers

ALT-PU-2024-3921
ALT-PU-2024-4077
ALT-PU-2024-4467
ALT-PU-2024-9513
CVE-2011-0539

Affected Products

Alt Linux
Openssh