CVE-2014-2653

Published: Mar 27, 2014

Modified: May 28, 2026

PUBLISHED

Description

The verify_host_key function in sshconnect.c in the client in OpenSSH 6.6 and earlier allows remote servers to trigger the skipping of SSHFP DNS RR checking by presenting an unacceptable HostCertificate.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

USN-2164-1

vendor-advisory

x_refsource_UBUNTU

59855

third-party-advisory

x_refsource_SECUNIA

RHSA-2015:0425

vendor-advisory

x_refsource_REDHAT

http://advisories.mageia.org/MGASA-2014-0166.html

x_refsource_CONFIRM

HPSBUX03188

vendor-advisory

x_refsource_HP

SSRT101487

vendor-advisory

x_refsource_HP

66459

vdb-entry

x_refsource_BID

MDVSA-2015:095

vendor-advisory

x_refsource_MANDRIVA

[oss-security] 20140326 CVE request: openssh client does not check SSHFP if server offers certificate

mailing-list

x_refsource_MLIST

FEDORA-2014-6380

vendor-advisory

x_refsource_FEDORA

DSA-2894

vendor-advisory

x_refsource_DEBIAN

RHSA-2014:1552

vendor-advisory

x_refsource_REDHAT

http://aix.software.ibm.com/aix/efixes/security/openssh_advisory4.asc

x_refsource_CONFIRM

https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=742513

x_refsource_CONFIRM

FEDORA-2014-6569

vendor-advisory

x_refsource_FEDORA

MDVSA-2014:068

vendor-advisory

x_refsource_MANDRIVA

http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html

x_refsource_CONFIRM

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2014-2653

Description

Affected Products

References