Vulnerability CVE-2014-2653

Vulnerability CVE-2014-2653

Published: 2014-03-27

Description:

	Topic	Author	Date
Med.	OpenSSH 6.6 bypass SSHFP DNS RR checking by HostCertificate	Matthew Vernon	28.03.2014

CVSS Base Score	Impact Subscore	Exploitability Subscore
5.8/10	4.9/10	8.6/10

Affected software
Openbsd -> Openssh

http://advisories.mageia.org/MGASA-2014-0166.html

http://aix.software.ibm.com/aix/efixes/security/openssh_advisory4.asc

http://lists.fedoraproject.org/pipermail/package-announce/2014-June/134026.html

http://lists.fedoraproject.org/pipermail/package-announce/2014-May/133537.html

http://marc.info/?l=bugtraq&m=141576985122836&w=2

http://openwall.com/lists/oss-security/2014/03/26/7

http://rhn.redhat.com/errata/RHSA-2014-1552.html

http://rhn.redhat.com/errata/RHSA-2015-0425.html

http://secunia.com/advisories/59855

http://www.debian.org/security/2014/dsa-2894

http://www.mandriva.com/security/advisories?name=MDVSA-2014:068

http://www.mandriva.com/security/advisories?name=MDVSA-2015:095

http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html

http://www.securityfocus.com/bid/66459

http://www.ubuntu.com/usn/USN-2164-1

https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=742513