### [CVE-2016-0777](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0777)
![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue)
![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue)
![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen)

### Description

The resend_bytes function in roaming_common.c in the client in OpenSSH 5.x, 6.x, and 7.x before 7.1p2 allows remote servers to obtain sensitive information from process memory by requesting transmission of an entire buffer, as demonstrated by reading a private key.

### POC

#### Reference
- http://packetstormsecurity.com/files/135273/Qualys-Security-Advisory-OpenSSH-Overflow-Leak.html
- http://seclists.org/fulldisclosure/2016/Jan/44
- http://www.openwall.com/lists/oss-security/2016/01/14/7
- http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html
- http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html
- https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05356388
- https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05390722

#### Github
- https://github.com/ARPSyndicate/cvemon
- https://github.com/JustinZ/sshd
- https://github.com/RajathHolla/puppet-ssh
- https://github.com/RedHatSatellite/satellite-host-cve
- https://github.com/WinstonN/fabric2
- https://github.com/akshayprasad/Linux_command_crash_course
- https://github.com/bigb0x/CVE-2024-6387
- https://github.com/bigb0x/OpenSSH-Scanner
- https://github.com/chuongvuvan/awesome-ssh
- https://github.com/cpcloudnl/ssh-config
- https://github.com/dblume/dotfiles
- https://github.com/devopstest6022/puppet-ssh
- https://github.com/dyuri/repassh
- https://github.com/eric-erki/awesome-ssh
- https://github.com/ghoneycutt/puppet-module-ssh
- https://github.com/jaymoulin/docker-sshtron
- https://github.com/jcdad3000/GameServer
- https://github.com/jcdad3000/gameserverB
- https://github.com/marcospedreiro/sshtron
- https://github.com/moul/awesome-ssh
- https://github.com/phx/cvescan
- https://github.com/project7io/nmap
- https://github.com/ryanalieh/openSSH-scanner
- https://github.com/threepistons/puppet-module-ssh
- https://github.com/vshaliii/DC-1-Vulnhub-Walkthrough
- https://github.com/vshaliii/DC-2-Vulnhub-Walkthrough
- https://github.com/zachlatta/sshtron