OpenSSH Vulnerability: Information Disclosure via ssh-rand-helper
CVE-2011-4327 · LOW Severity
AV:L/AC:L/AU:N/C:P/I:N/A:N
ssh-keysign.c in ssh-keysign in OpenSSH before 5.8p2 on certain platforms executes ssh-rand-helper with unintended open file descriptors, which allows local users to obtain sensitive key information via the ptrace system call.
Learn more about our User Device Pen Test.