The resend_bytes function in roaming_common.c in the client in OpenSSH 5.x, 6.x, and 7.x before 7.1p2 allows remote servers to obtain sensitive information from process memory by requesting transmission of an entire buffer, as demonstrated by reading a private key.
Vulnerable Systems:
* OpenSSH 5.x, 6.x, and 7.x before 7.1p2
Immune Systems:
* OpenSSH 5.x, 6.x, and 7.x after 7.1p2
OpenSSH is prone to an information-disclosure vulnerability. Successfully exploiting this issue allows attackers to obtain sensitive information that may aid in further attacks.
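An added example, not part of the original advisory: a small inventory check that parses the version string an OpenSSH client reports (for instance the output of `ssh -V`) and tests it against the affected range stated above. The function names and sample strings are constructed for illustration, and a missing `pN` suffix is assumed to mean patch level 0.

```python
import re

# Range taken from the advisory text: 5.x, 6.x, and 7.x before 7.1p2.
# Versions are compared as (major, minor, micro, portable_patch_level).
FIRST_AFFECTED = (5, 0, 0, 0)
FIRST_FIXED = (7, 1, 0, 2)

# Matches e.g. "OpenSSH_7.1p1", "OpenSSH_6.6.1p1", "OpenSSH_for_Windows_8.1p1".
_VERSION_RE = re.compile(
    r"OpenSSH_(?:for_Windows_)?(\d+)\.(\d+)(?:\.(\d+))?(?:p(\d+))?"
)


def parse_openssh_version(banner):
    """Return (major, minor, micro, p) or None if no OpenSSH version is found."""
    m = _VERSION_RE.search(banner)
    if not m:
        return None
    # Absent micro or pN groups are treated as 0 (assumption, see lead-in).
    return tuple(int(g) if g else 0 for g in m.groups())


def in_affected_range(banner):
    """True/False for OpenSSH version strings, None when the string is not OpenSSH.

    This compares the reported version only. Vendor builds that backport
    fixes may keep an older version string, so a True result means
    "check the vendor's advisory", not "confirmed vulnerable".
    """
    version = parse_openssh_version(banner)
    if version is None:
        return None
    return FIRST_AFFECTED <= version < FIRST_FIXED


# Constructed sample version strings for demonstration.
SAMPLES = [
    "OpenSSH_7.1p1 Debian-2, OpenSSL 1.0.2e 3 Dec 2015",
    "OpenSSH_7.1p2, OpenSSL 1.0.2f 28 Jan 2016",
    "OpenSSH_6.6.1p1 Ubuntu-2ubuntu2, OpenSSL 1.0.1f 6 Jan 2014",
    "OpenSSH_4.3p2, OpenSSL 0.9.8e",
    "dropbear_2015.71",
]

if __name__ == "__main__":
    for line in SAMPLES:
        print(f"{in_affected_range(line)!s:5}  {line}")
```
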