VIR Vulnerability Intelligence Relay

CVE-2012-0814

medium
Published 2012-01-27 ยท Modified 2026-05-22
๐Ÿ’ฌ Discuss on Community โœš Propose mitigation
CVSS v3
6.5
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
CVSS v4 NEW
โ€”
not yet in upstream
VIR risk
6.5

Description

The auth_parse_options function in auth-options.c in sshd in OpenSSH before 5.7 provides debug messages containing authorized_keys command options, which allows remote authenticated users to obtain potentially sensitive information by reading these messages, as demonstrated by the shared user account required by Gitolite. NOTE: this can cross privilege boundaries because a user account may intentionally have no shell or filesystem access, and therefore may have no supported way to read an authorized_keys file in its own home directory.

Predictions

Exploit likelihood
75%
Patch ETA
โ€”

Heuristic predictions, AS-IS, for prioritization only.

Mitigations

No mitigations published for this CVE yet.

The vendor-content worker queues fetches as references arrive (check back in a few minutes). Or โ€” if you've already worked around this in production โ€” publish your fix to the community-verified tier.

โœš Propose a mitigation on Community โ†’ Mitigations published via the community go through AI scoring + 2 human reviewers + 7-day silent objection window before landing here with source_tier=community-verified.

OS impact
debian Debian Fixed 5 releases
VersionStatusFixed in
trixie Fixed 1:5.6p1-1
sid Fixed 1:5.6p1-1
forky Fixed 1:5.6p1-1
bullseye Fixed 1:5.6p1-1
bookworm Fixed 1:5.6p1-1

Application impact
VendorProductVersionsFixed
openbsdopenssh{"endIncluding":"5.6"}
openbsdopenssh1.2
openbsdopenssh1.2.1
openbsdopenssh1.2.2
openbsdopenssh1.2.3
openbsdopenssh1.2.27
openbsdopenssh1.3
openbsdopenssh1.5
openbsdopenssh1.5.7
openbsdopenssh1.5.8
openbsdopenssh2
openbsdopenssh2.1
openbsdopenssh2.1.1
openbsdopenssh2.2
openbsdopenssh2.3
openbsdopenssh2.3.1
openbsdopenssh2.5
openbsdopenssh2.5.1
openbsdopenssh2.5.2
openbsdopenssh2.9
openbsdopenssh2.9.9
openbsdopenssh2.9.9p2
openbsdopenssh2.9p1
openbsdopenssh2.9p2
openbsdopenssh3.0
openbsdopenssh3.0.1
openbsdopenssh3.0.1p1
openbsdopenssh3.0.2
openbsdopenssh3.0.2p1
openbsdopenssh3.0p1
openbsdopenssh3.1
openbsdopenssh3.1p1
openbsdopenssh3.2
openbsdopenssh3.2.2
openbsdopenssh3.2.2p1
openbsdopenssh3.2.3p1
openbsdopenssh3.3
openbsdopenssh3.3p1
openbsdopenssh3.4
openbsdopenssh3.4p1
openbsdopenssh3.5
openbsdopenssh3.5p1
openbsdopenssh3.6
openbsdopenssh3.6.1
openbsdopenssh3.6.1p1
openbsdopenssh3.6.1p2
openbsdopenssh3.7
openbsdopenssh3.7.1
openbsdopenssh3.7.1p1
openbsdopenssh3.7.1p2
openbsdopenssh3.8
openbsdopenssh3.8.1
openbsdopenssh3.8.1p1
openbsdopenssh3.9
openbsdopenssh3.9.1
openbsdopenssh3.9.1p1
openbsdopenssh4.0
openbsdopenssh4.0p1
openbsdopenssh4.1
openbsdopenssh4.1p1
openbsdopenssh4.2
openbsdopenssh4.2p1
openbsdopenssh4.3
openbsdopenssh4.3p1
openbsdopenssh4.3p2
openbsdopenssh4.4
openbsdopenssh4.4p1
openbsdopenssh4.5
openbsdopenssh4.6
openbsdopenssh4.7
openbsdopenssh4.8
openbsdopenssh4.9
openbsdopenssh5.0
openbsdopenssh5.1
openbsdopenssh5.2
openbsdopenssh5.3
openbsdopenssh5.4
openbsdopenssh5.5

References

CWEs

CWE-255 CWE-532

Community-verified mitigations for this CVE will appear above when contributors publish them.

Verify integrity in audit chain (admin only). AS-IS.