Back to search
CVE-2011-4327
Published: Feb 3, 2014
Modified: May 29, 2026
PUBLISHED
Description
ssh-keysign.c in ssh-keysign in OpenSSH before 5.8p2 on certain platforms executes ssh-rand-helper with unintended open file descriptors, which allows local users to obtain sensitive key information via the ptrace system call.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
http://www.openssh.com/txt/portable-keysign-rand-helper.adv
x_refsource_CONFIRM
https://bugzilla.redhat.com/show_bug.cgi?id=755640
x_refsource_CONFIRM
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now