MiracleLinux 4 : openssh-5.3p1-104.AXS4 (AXSA:2014-596:02)

🗓️ 19 Jan 2026 00:00:00Reported by TenableType

MiracleLinux 4 OpenSSH fixes CVE-2014-2532 and CVE-2014-2653.

Reporter	Title	Published	Views	Family All 210
IBM Security Bulletins	Security Bulletin: Security vulnerabilities in Open SSL, OpenSSH and curl affect the Integrated Management Module II (IMM2)	31 Jan 201901:35	–	ibm
IBM Security Bulletins	Security Bulletin: A vulnerability in openssh affects IBM Flex System Manager (FSM): (CVE-2014-2653)	31 Jan 201901:30	–	ibm
IBM Security Bulletins	IBM Security Network Protection / IBM QRadar Network Security / XGS Technote Index	31 Jan 202100:10	–	ibm
IBM Security Bulletins	Security Bulletin: Vulnerabilities in Open Secure Shell for GPFS V3.5 on Windows (CVE-2014-2653, CVE-2014-2532)	25 Jun 202116:46	–	ibm
IBM Security Bulletins	Security Bulletin: Multiple vulnerabilities in Open SSL, OpenSSH and curl affect the Integrated Management Module II (IMM2)	31 Jan 201901:55	–	ibm
IBM Security Bulletins	Security Bulletin: Vulnerabilities affect IBM's Advanced Management Module (AMM)	14 Apr 202314:32	–	ibm
Tenable Nessus	OpenSSH < 6.7 Security Bypass	21 Aug 201900:00	–	nessus
Tenable Nessus	OpenSSH < 6.6 Multiple Remote Restriction Bypass Vulnerability	24 Mar 201400:00	–	nessus
Tenable Nessus	Mac OS X < 10.11 Multiple Vulnerabilities	28 Oct 201500:00	–	nessus
Tenable Nessus	AIX OpenSSH Vulnerability : openssh_advisory4.asc	20 Jun 201400:00	–	nessus

Source	Link
tsn	www.tsn.miraclelinux.com/en/node/5054
cve	www.cve.mitre.org/cgi-bin/cvename.cgi
cve	www.cve.mitre.org/cgi-bin/cvename.cgi

#%NASL_MIN_LEVEL 80900
##
# (C) Tenable, Inc.
#
# The package checks in this plugin were extracted from
# Miracle Linux Security Advisory AXSA:2014-596:02.
##

include('compat.inc');

if (description)
{
  script_id(291469);
  script_version("1.1");
  script_set_attribute(attribute:"plugin_modification_date", value:"2026/01/19");

  script_cve_id("CVE-2014-2532", "CVE-2014-2653");

  script_name(english:"MiracleLinux 4 : openssh-5.3p1-104.AXS4 (AXSA:2014-596:02)");

  script_set_attribute(attribute:"synopsis", value:
"The remote MiracleLinux host is missing one or more security updates.");
  script_set_attribute(attribute:"description", value:
"The remote MiracleLinux 4 host has packages installed that are affected by multiple vulnerabilities as referenced in the
AXSA:2014-596:02 advisory.

    Description :
    SSH (Secure SHell) is a program for logging into and executing
    commands on a remote machine. SSH is intended to replace rlogin and
    rsh, and to provide secure encrypted communications between two
    untrusted hosts over an insecure network. X11 connections and
    arbitrary TCP/IP ports can also be forwarded over the secure channel.
    OpenSSH is OpenBSD's version of the last free version of SSH, bringing
    it up to date in terms of security and features.
    This package includes the core files necessary for both the OpenSSH
    client and server. To make this package useful, you should also
    install openssh-clients, openssh-server, or both.
    Security issues fixed with this release:
    CVE-2014-2532
    sshd in OpenSSH before 6.6 does not properly support wildcards on AcceptEnv lines in sshd_config, which
    allows remote attackers to bypass intended environment restrictions by using a substring located before a
    wildcard character.
    CVE-2014-2653
    The verify_host_key function in sshconnect.c in the client in OpenSSH 6.6 and earlier allows remote
    servers to trigger the skipping of SSHFP DNS RR checking by presenting an unacceptable HostCertificate.
    Fixed bugs:
    * Based on the SP800-131A information security standard, the generation of a digital signature using the
    Digital Signature Algorithm (DSA) with the key size of 1024 bits and RSA with the key size of less than
    2048 bits is disallowed after the year 2013. With this update, fixed it.
    * Previously, the openssh utility incorrectly set the oom_adj value to -17 for all of its children
    processes. This behavior was incorrect because the children processes were supposed to have this value set
    to 0. With this update, fixed it.
    * Previously, if the sshd service failed to verify the checksum of an installed FIPS module using the
    fipscheck library, the information about this failure was only provided at the standard error output of
    sshd. So, the user could not notice this message and be uninformed when a system had not been properly
    configured for FIPS mode. With this update, fixed it.
    * When keys provided by the pkcs11 library were removed from the ssh agent using the ssh-add -e command,
    the user was prompted to enter a PIN. With this update, fixed it.
    Enhancements:
    * With this update, ControlPersist has been added to OpenSSH. The option in conjunction with the
    ControlMaster configuration directive specifies that the master connection remains open in the background
    after the initial client connection has been closed.
    * When the sshd daemon is configured to force the internal SFTP session, and the user attempts to use a
    connection other than SFTP, the appropriate message is logged to the /var/log/secure file.
    * Support for Elliptic Curve Cryptography modes for key exchange (ECDH) and host user keys (ECDSA) as
    specified by RFC5656 has been added to the openssh packages. However, they are not enabled by default and
    the user has to enable them manually.

Tenable has extracted the preceding description block directly from the MiracleLinux security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version
number.");
  script_set_attribute(attribute:"see_also", value:"https://tsn.miraclelinux.com/en/node/5054");
  script_set_attribute(attribute:"solution", value:
"Update the affected packages.");
  script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:N");
  script_set_cvss_temporal_vector("CVSS2#E:POC/RL:OF/RC:C");
  script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:C/C:L/I:L/A:N");
  script_set_cvss3_temporal_vector("CVSS:3.0/E:P/RL:O/RC:C");
  script_set_attribute(attribute:"cvss_score_source", value:"CVE-2014-2653");
  script_set_attribute(attribute:"cvss3_score_source", value:"CVE-2014-2532");

  script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
  script_set_attribute(attribute:"exploit_available", value:"true");
  script_set_attribute(attribute:"vendor_severity", value:"High");

  script_set_attribute(attribute:"vuln_publication_date", value:"2014/03/18");
  script_set_attribute(attribute:"patch_publication_date", value:"2014/10/16");
  script_set_attribute(attribute:"plugin_publication_date", value:"2026/01/19");

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:miracle:linux:openssh");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:miracle:linux:openssh-askpass");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:miracle:linux:openssh-clients");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:miracle:linux:openssh-server");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:miracle:linux:4");
  script_set_attribute(attribute:"generated_plugin", value:"current");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_family(english:"Miracle Linux Local Security Checks");

  script_copyright(english:"This script is Copyright (C) 2026 and is owned by Tenable, Inc. or an Affiliate thereof.");

  script_dependencies("ssh_get_info.nasl");
  script_require_keys("Host/local_checks_enabled", "Host/MiracleLinux/release", "Host/MiracleLinux/rpm-list", "Host/cpu");

  exit(0);
}


include('rpm2.inc');

if (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
var os_product = get_kb_item('installed_os/local/SSH/0/product');
if (isnull(os_product) || 'MIRACLE LINUX' >!< os_product) audit(AUDIT_OS_NOT, 'MIRACLE LINUX');
var os_version = get_kb_item('installed_os/local/SSH/0/version');
if (isnull(os_version)) audit(AUDIT_UNKNOWN_APP_VER, 'MIRACLE LINUX');
if (! preg(pattern:"^4([^0-9]|$)", string:os_version)) audit(AUDIT_OS_NOT, 'MiracleLinux 4.x', 'MIRACLE LINUX ' + os_version);

if (!get_kb_item('Host/MiracleLinux/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);

var cpu = get_kb_item('Host/cpu');
if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
if ('aarch64' >!< cpu && 'ppc' >!< cpu && 's390' >!< cpu && 'x86_64' >!< cpu && cpu !~ "^i[3-6]86$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'MIRACLE LINUX', cpu);

var constraints = [
  {
    'release': '4',
    'pkgs': [
      {'reference':'openssh-5.3p1-104.AXS4', 'cpu':'i686', 'rpm_spec_vers_cmp':TRUE, 'epoch':'0', 'allowmaj':TRUE},
      {'reference':'openssh-5.3p1-104.AXS4', 'cpu':'x86_64', 'rpm_spec_vers_cmp':TRUE, 'epoch':'0', 'allowmaj':TRUE},
      {'reference':'openssh-askpass-5.3p1-104.AXS4', 'cpu':'i686', 'rpm_spec_vers_cmp':TRUE, 'epoch':'0', 'allowmaj':TRUE},
      {'reference':'openssh-askpass-5.3p1-104.AXS4', 'cpu':'x86_64', 'rpm_spec_vers_cmp':TRUE, 'epoch':'0', 'allowmaj':TRUE},
      {'reference':'openssh-clients-5.3p1-104.AXS4', 'cpu':'i686', 'rpm_spec_vers_cmp':TRUE, 'epoch':'0', 'allowmaj':TRUE},
      {'reference':'openssh-clients-5.3p1-104.AXS4', 'cpu':'x86_64', 'rpm_spec_vers_cmp':TRUE, 'epoch':'0', 'allowmaj':TRUE},
      {'reference':'openssh-server-5.3p1-104.AXS4', 'cpu':'i686', 'rpm_spec_vers_cmp':TRUE, 'epoch':'0', 'allowmaj':TRUE},
      {'reference':'openssh-server-5.3p1-104.AXS4', 'cpu':'x86_64', 'rpm_spec_vers_cmp':TRUE, 'epoch':'0', 'allowmaj':TRUE}
    ]
  }
];

var os_release = get_one_kb_item('installed_os/local/SSH/0/release');
var os_sp = get_one_kb_item('Host/*/minor_release');

var flag = 0;
var reference;
var sp;
var _cpu;
var el_string;
var rpm_spec_vers_cmp;
var epoch;
var allowmaj;
var exists_check;
var cves;
foreach var constraint ( constraints ) {
  # Check that the target release is equal to the affected release
  if (!empty_or_null(constraint['release'])){
    if (constraint['release'] != os_release) continue;
  }
  if (!empty_or_null(constraint['sp'])){
    if (constraint['sp'] != os_sp) continue;
  }
  foreach var pkg ( constraint['pkgs'] ) {
    reference = NULL;
    sp = NULL;
    _cpu = NULL;
    el_string = NULL;
    rpm_spec_vers_cmp = NULL;
    epoch = NULL;
    allowmaj = NULL;
    exists_check = NULL;
    cves = NULL;
    if (!empty_or_null(pkg['reference'])) reference = pkg['reference'];
    if (!empty_or_null(pkg['sp'])) sp = pkg['sp'];
    if (!empty_or_null(pkg['cpu'])) _cpu = pkg['cpu'];
    if (!empty_or_null(pkg['el_string'])) el_string = pkg['el_string'];
    if (!empty_or_null(pkg['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = pkg['rpm_spec_vers_cmp'];
    if (!empty_or_null(pkg['epoch'])) epoch = pkg['epoch'];
    if (!empty_or_null(pkg['allowmaj'])) allowmaj = pkg['allowmaj'];
    if (!empty_or_null(pkg['exists_check'])) exists_check = pkg['exists_check'];
    if (!empty_or_null(pkg['cves'])) cves = pkg['cves'];
    if (reference &&
        ## (no known rpm to check OR known rpm_exists)
        (!exists_check || rpm_exists(rpm:exists_check)) &&
        rpm_check(sp:sp, cpu:_cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj, cves:cves)) flag++;
  }
}
if (flag)
{
  security_report_v4(
      port       : 0,
      severity   : SECURITY_WARNING,
      extra      : rpm_report_get()
  );
  exit(0);
}
else
{
  var tested = pkg_tests_get();
  if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
  else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'openssh / openssh-askpass / openssh-clients / openssh-server');
}

19 Jan 2026 00:00Current

8.4High risk

Vulners AI Score8.4

CVSS 34.9

CVSS 25.8

CVSS 3.16.5

EPSS0.02148

SSVC