CVE-2011-4327

Updated: 2024-11-24 05:32:10.114976

Description:

ssh-keysign.c in ssh-keysign in OpenSSH before 5.8p2 on certain platforms executes ssh-rand-helper with unintended open file descriptors, which allows local users to obtain sensitive key information via the ptrace system call.


Links NIST CIRCL RHEL Ubuntu

Severity

Severity Score
CVSS Version 2.x LOW 2.1
CVSS Version 3.x 0

Status

OS name Project name Version Score Severity Status Errata Last updated

Statement

CentOS 6 ELS openssh 5.3p1 0.0 Not Vulnerable 2022-04-27 06:57:01