|Max CVSS||5.8||Min CVSS||5.8||Total Count||2|
|ID||CVSS||Summary||Last (major) update||Published|
The verify_host_key function in sshconnect.c in the client in OpenSSH 6.6 and earlier allows remote servers to trigger the skipping of SSHFP DNS RR checking by presenting an unacceptable HostCertificate.
|06-01-2017 - 21:59||27-03-2014 - 06:55|
sshd in OpenSSH before 6.6 does not properly support wildcards on AcceptEnv lines in sshd_config, which allows remote attackers to bypass intended environment restrictions by using a substring located before a wildcard character.
|06-01-2017 - 21:59||18-03-2014 - 01:18|