Lucene search
F5F5:K24324390HistoryJan 27, 2017 - 12:00 a.m.
K24324390 : OpenSSH vulnerability CVE-2016-10011
2017-01-2700:00:00
my.f5.com
33
Security Advisory Description
authfile.c in sshd in OpenSSH before 7.4 does not properly consider the effects of realloc on buffer contents, which might allow local users to obtain sensitive private-key information by leveraging access to a privilege-separated child process. (CVE-2016-10011)
Impact
A locally authenticated attacker may be able to exploit this vulnerability and obtain sensitive key information.
Note: No such leak has been observed in practice for normal-sized keys, nor does a leak to the child processes directly expose key material to unprivileged users.
| CPE | Name | Operator | Version |
|---|---|---|---|
| big-ip afm | eq | 11.4.0 | |
| big-ip afm | eq | 11.4.1 | |
| big-ip afm | eq | 11.5.0 | |
| big-ip afm | eq | 11.5.1 | |
| big-ip afm | eq | 11.5.2 | |
| big-ip afm | eq | 11.5.3 | |
| big-ip afm | eq | 11.5.4 | |
| big-ip afm | eq | 11.5.5 | |
| big-ip afm | eq | 11.5.6 | |
| big-ip afm | eq | 11.5.7 |
Related
osv
osv
CVE-2016-10011
2017-01-05 02:59:03
openssh - security update
2018-09-10 00:00:00
redhatcve
redhatcve
CVE-2016-10011
2016-12-20 08:47:24
cve
cve
CVE-2016-10011
2017-01-05 02:59:03
ubuntucve
ubuntucve
CVE-2016-10011
2017-01-04 00:00:00
prion
prion
Design/Logic Flaw
2017-01-05 02:59:00
cvelist
cvelist
CVE-2016-10011
2017-01-05 00:00:00
seebug
seebug
OpenSSH information leak Vulnerability, CVE-2016-10011)
2016-12-21 00:00:00
debiancve
debiancve
CVE-2016-10011
2017-01-05 02:59:03
alpinelinux
alpinelinux
CVE-2016-10011
2017-01-05 02:59:03
nessus
nessus
F5 Networks BIG-IP : OpenSSH vulnerability (K24324390)
2018-12-18 00:00:00
EulerOS 2.0 SP2 : openssh (EulerOS-SA-2017-1054)
2017-05-01 00:00:00
EulerOS 2.0 SP1 : openssh (EulerOS-SA-2017-1055)
2017-05-01 00:00:00
nvd
nvd
CVE-2016-10011
2017-01-05 02:59:03
openvas
openvas
Huawei EulerOS: Security Advisory for openssh (EulerOS-SA-2017-1054)
2020-01-23 00:00:00
Huawei EulerOS: Security Advisory for openssh (EulerOS-SA-2017-1055)
2020-01-23 00:00:00
SUSE: Security Advisory (SUSE-SU-2017:1661-1)
2021-06-09 00:00:00
fedora
fedora
[SECURITY] Fedora 25 Update: openssh-7.4p1-1.fc25
2017-01-06 20:25:39
symantec
symantec
SA144 : OpenSSH Vulnerabilities January 2017
2017-03-02 08:00:00
ibm
ibm
archlinux
archlinux
[ASA-201612-20] openssh: multiple issues
2016-12-22 00:00:00
slackware
slackware
[slackware-security] openssh
2016-12-24 01:35:34
aix
aix
Vulnerabilities in OpenSSH affect AIX.
2017-02-05 23:36:10
cloudfoundry
cloudfoundry
USN-3538-1: OpenSSH vulnerabilities | Cloud Foundry
2018-02-01 00:00:00
ubuntu
ubuntu
OpenSSH vulnerabilities
2018-01-22 00:00:00
oraclelinux
oraclelinux
openssh security, bug fix, and enhancement update
2017-08-07 00:00:00
amazon
amazon
Medium: openssh
2017-10-03 11:00:00
redhat
redhat
(RHSA-2017:2029) Moderate: openssh security, bug fix, and enhancement update
2017-08-01 05:57:17
centos
centos
openssh, pam_ssh_agent_auth security update
2017-08-24 01:40:16
debian
debian
[SECURITY] [DLA 1500-1] openssh security update
2018-09-10 08:44:17
rosalinux
rosalinux
Advisory ROSA-SA-2021-1938
2021-07-02 17:38:20
ics
ics
Siemens SCALANCE X-200RNA Switch Devices
2022-12-19 12:00:00
