{
  "threat_severity" : "Moderate",
  "public_date" : "2014-03-24T00:00:00Z",
  "bugzilla" : {
    "description" : "openssh: failure to check DNS SSHFP records in certain scenarios",
    "id" : "1081338",
    "url" : "https://bugzilla.redhat.com/show_bug.cgi?id=1081338"
  },
  "cvss" : {
    "cvss_base_score" : "4.3",
    "cvss_scoring_vector" : "AV:N/AC:M/Au:N/C:N/I:P/A:N",
    "status" : "verified"
  },
  "cwe" : "CWE-287",
  "details" : [ "The verify_host_key function in sshconnect.c in the client in OpenSSH 6.6 and earlier allows remote servers to trigger the skipping of SSHFP DNS RR checking by presenting an unacceptable HostCertificate.", "It was discovered that OpenSSH clients did not correctly verify DNS SSHFP records. A malicious server could use this flaw to force a connecting client to skip the DNS SSHFP record check and instead fall back to prompting the user for manual host key verification." ],
  "statement" : "The Red Hat Security Response Team has rated this issue as having Moderate security impact. This issue is not planned to be fixed in Red Hat Enterprise Linux 5, as it is now in the Production 3 Phase of its support and maintenance life cycle; see https://access.redhat.com/support/policy/updates/errata/",
  "affected_release" : [ {
    "product_name" : "Red Hat Enterprise Linux 6",
    "release_date" : "2014-10-13T00:00:00Z",
    "advisory" : "RHSA-2014:1552",
    "cpe" : "cpe:/o:redhat:enterprise_linux:6",
    "package" : "openssh-0:5.3p1-104.el6"
  }, {
    "product_name" : "Red Hat Enterprise Linux 7",
    "release_date" : "2015-03-05T00:00:00Z",
    "advisory" : "RHSA-2015:0425",
    "cpe" : "cpe:/o:redhat:enterprise_linux:7",
    "package" : "openssh-0:6.6.1p1-11.el7"
  } ],
  "package_state" : [ {
    "product_name" : "Red Hat Enterprise Linux 5",
    "fix_state" : "Will not fix",
    "package_name" : "openssh",
    "cpe" : "cpe:/o:redhat:enterprise_linux:5"
  } ],
  "references" : [ "https://www.cve.org/CVERecord?id=CVE-2014-2653\nhttps://nvd.nist.gov/vuln/detail/CVE-2014-2653" ],
  "name" : "CVE-2014-2653",
  "csaw" : false
}