{"vulnerability": "cve-2012-0814", "sightings": [{"uuid": "4586d688-e0af-43e2-a504-4f0e3aba1c6b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2012-0814", "type": "seen", "source": "https://t.me/arpsyndicate/1981", "content": "#ExploitObserverAlert\n\nCVE-2012-0814\n\nDESCRIPTION: Exploit Observer has 24 entries related to CVE-2012-0814. The auth_parse_options function in auth-options.c in sshd in OpenSSH before 5.7 provides debug messages containing authorized_keys command options, which allows remote authenticated users to obtain potentially sensitive information by reading these messages, as demonstrated by the shared user account required by Gitolite.  NOTE: this can cross privilege boundaries because a user account may intentionally have no shell or filesystem access, and therefore may have no supported way to read an authorized_keys file in its own home directory.\n\nFIRST-EPSS: 0.002850000\nNVD-IS: 2.9\nNVD-ES: 6.8", "creation_timestamp": "2023-12-18T12:21:49.000000Z"}]}