Total vulnerabilities in the database
The verify_host_key function in sshconnect.c in the client in OpenSSH 6.6 and earlier allows remote servers to trigger the skipping of SSHFP DNS RR checking by presenting an unacceptable HostCertificate.
| Software | From | Fixed in |
|---|---|---|
| openbsd / openssh | - | 6.6.x |
| openbsd / openssh | 6.0 | 6.0.x |
| openbsd / openssh | 6.3 | 6.3.x |
| openbsd / openssh | 6.1 | 6.1.x |
| openbsd / openssh | 6.4 | 6.4.x |
| openbsd / openssh | 6.5 | 6.5.x |
| openbsd / openssh | 6.2 | 6.2.x |