oval:org.mitre.oval:def:28274

Definition Id: oval:org.mitre.oval:def:28274

Oval ID:	oval:org.mitre.oval:def:28274
Title:	HP-UX running HP Secure Shell, Remote Denial of Service (DoS) and other Vulnerabilities
Description:	The verify_host_key function in sshconnect.c in the client in OpenSSH 6.6 and earlier allows remote servers to trigger the skipping of SSHFP DNS RR checking by presenting an unacceptable HostCertificate.
Family:	unix	Class:	vulnerability
Reference(s):	CVE-2014-2653	Version:	8
Platform(s):	HP-UX 11	Product(s):
Definition Synopsis:
Criteria meets HP Security Bulletin HPSBUX03188 HP-UX B.11.11 AND filesets tests Secure_Shell.SECURE_SHELL version is less than A.06.20.010 OR Criteria meets HP Security Bulletin HPSBUX03188 HP-UX B.11.23 AND filesets tests Secure_Shell.SECURE_SHELL version is less than A.06.20.011 AND Secure_Shell.SECSH-CMN version is less than A.06.20.011 OR Criteria meets HP Security Bulletin HPSBUX03188 HP-UX B.11.31 AND filesets tests Secure_Shell.SECURE_SHELL version is less than A.06.20.012 AND Secure_Shell.SECSH-CMN version is less than A.06.20.012