CVE-2014-2653
The verify_host_key function in sshconnect.c in the client in OpenSSH 6.6 and earlier allows remote servers to trigger the skipping of SSHFP DNS RR checking by presenting an unacceptable HostCertificate.
Ver en NVDSeveridad
N/A
EPSS
Probabilidad de explotación (próx. 30 días): 0.0289 (2.9%)
Percentil: 86.4%
EPSS: 2026-05-06
Afecta
openbsd:opensshDescripción técnica
The verify_host_key function in sshconnect.c in the client in OpenSSH 6.6 and earlier allows remote servers to trigger the skipping of SSHFP DNS RR checking by presenting an unacceptable HostCertificate.
Publicada: 27/3/2014, 10:55:04
Última modificación: 6/5/2026, 22:30:45
Referencias
- http://advisories.mageia.org/MGASA-2014-0166.html
- http://aix.software.ibm.com/aix/efixes/security/openssh_advisory4.asc
- http://lists.fedoraproject.org/pipermail/package-announce/2014-June/134026.html
- http://lists.fedoraproject.org/pipermail/package-announce/2014-May/133537.html
- http://marc.info/?l=bugtraq&m=141576985122836&w=2
- http://openwall.com/lists/oss-security/2014/03/26/7
- http://rhn.redhat.com/errata/RHSA-2014-1552.html
- http://rhn.redhat.com/errata/RHSA-2015-0425.html