The host is installed with OpenSSH and is prone to information disclosure vulnerability. A flaw is present in key_certify function which fails to properly generate legacy certificates using the -t command-line option in ssh-keygen and does not initialize the nonce field. Successful exploitation could allow an attacker to obtain sensitive stack memory contents or make it easier to conduct hash collision attacks.