CVSS2

Metric | Value |
---|---|
Attack Vector | NETWORK |
Attack Complexity | MEDIUM |
Authentication | NONE |
Confidentiality Impact | PARTIAL |
Integrity Impact | PARTIAL |
Availability Impact | NONE |
Vector | AV:N/AC:M/Au:N/C:P/I:P/A:N |

EPSS Percentile: 78.5%

The verify_host_key function in sshconnect.c in the client in OpenSSH 6.6
and earlier allows remote servers to trigger the skipping of SSHFP DNS RR
checking by presenting an unacceptable HostCertificate.

Author | Note |
---|---|
mdeslaur | code is different in lucid, and doesn’t seem vulnerable |