CVE-2014-2653 SUSE CVE security@suse.de SUSE Security Team SUSE CVE-2014-2653 Interim 1 20 2025-03-25T01:36:52Z current 2021-05-30T13:20:16Z 2025-03-25T01:36:52Z cve-database/bin/generate-cvrf-cve.pl 2020-12-27T01:00:00Z CVE-2014-2653 The verify_host_key function in sshconnect.c in the client in OpenSSH 6.6 and earlier allows remote servers to trigger the skipping of SSHFP DNS RR checking by presenting an unacceptable HostCertificate. The CVRF data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0). https://lists.suse.com/pipermail/sle-security-updates/2014-June/000878.html E-Mail link for SUSE-SU-2014:0818-1 https://www.suse.com/support/security/rating/ SUSE Security Ratings SUSE Liberty Linux 7 SUSE Linux Enterprise Desktop 12 SUSE Linux Enterprise Desktop 12 SP1 SUSE Linux Enterprise Desktop 12 SP2 SUSE Linux Enterprise Desktop 12 SP3 SUSE Linux Enterprise Desktop 12 SP4 SUSE Linux Enterprise High Performance Computing 12 SP5 SUSE Linux Enterprise Micro 5.2 SUSE Linux Enterprise Server 11 SP1 for Teradata SUSE Linux Enterprise Server 11 SP3 for Teradata SUSE Linux Enterprise Server 11 SP4 SUSE Linux Enterprise Server 11 SP4 LTSS SUSE Linux Enterprise Server 11-SECURITY SUSE Linux Enterprise Server 12 SUSE Linux Enterprise Server 12 SP1 SUSE Linux Enterprise Server 12 SP2 SUSE Linux Enterprise Server 12 SP3 SUSE Linux Enterprise Server 12 SP4 SUSE Linux Enterprise Server 12 SP5 SUSE Linux Enterprise Server for Raspberry Pi 12 SP2 SUSE Linux Enterprise Server for SAP Applications 12 SP5 openssh openssh-6.6.1p1-11.el7 openssh-6.6p1-29.1 openssh-6.6p1-4.6 openssh-6.6p1-4.7 openssh-7.2p2-55.1 openssh-7.2p2-69.1 openssh-7.2p2-74.25.1 openssh-7.2p2-74.45.1 openssh-askpass-6.6.1p1-11.el7 openssh-clients openssh-clients-6.6.1p1-11.el7 openssh-common openssh-fips openssh-fips-6.6p1-29.1 openssh-fips-6.6p1-4.6 openssh-fips-6.6p1-4.7 openssh-fips-7.2p2-55.1 openssh-fips-7.2p2-69.1 openssh-fips-7.2p2-74.25.1 openssh-fips-7.2p2-74.45.1 openssh-helpers-6.6p1-29.1 openssh-helpers-6.6p1-4.6 openssh-helpers-7.2p2-55.1 openssh-helpers-7.2p2-69.1 openssh-helpers-7.2p2-74.25.1 openssh-helpers-7.2p2-74.45.1 openssh-keycat-6.6.1p1-11.el7 openssh-ldap-6.6.1p1-11.el7 openssh-openssl1-6.6p1-10.1 openssh-openssl1-helpers-6.6p1-10.1 openssh-server openssh-server-6.6.1p1-11.el7 openssh-server-sysvinit-6.6.1p1-11.el7 pam_ssh_agent_auth-0.9.3-9.11.el7 openssh-6.6.1p1-11.el7 as a component of SUSE Liberty Linux 7 openssh-askpass-6.6.1p1-11.el7 as a component of SUSE Liberty Linux 7 openssh-clients-6.6.1p1-11.el7 as a component of SUSE Liberty Linux 7 openssh-keycat-6.6.1p1-11.el7 as a component of SUSE Liberty Linux 7 openssh-ldap-6.6.1p1-11.el7 as a component of SUSE Liberty Linux 7 openssh-server-6.6.1p1-11.el7 as a component of SUSE Liberty Linux 7 openssh-server-sysvinit-6.6.1p1-11.el7 as a component of SUSE Liberty Linux 7 pam_ssh_agent_auth-0.9.3-9.11.el7 as a component of SUSE Liberty Linux 7 openssh-6.6p1-4.6 as a component of SUSE Linux Enterprise Desktop 12 openssh-helpers-6.6p1-4.6 as a component of SUSE Linux Enterprise Desktop 12 openssh-6.6p1-29.1 as a component of SUSE Linux Enterprise Desktop 12 SP1 openssh-helpers-6.6p1-29.1 as a component of SUSE Linux Enterprise Desktop 12 SP1 openssh-7.2p2-55.1 as a component of SUSE Linux Enterprise Desktop 12 SP2 openssh-helpers-7.2p2-55.1 as a component of SUSE Linux Enterprise Desktop 12 SP2 openssh-7.2p2-69.1 as a component of SUSE Linux Enterprise Desktop 12 SP3 openssh-helpers-7.2p2-69.1 as a component of SUSE Linux Enterprise Desktop 12 SP3 openssh-7.2p2-74.25.1 as a component of SUSE Linux Enterprise Desktop 12 SP4 openssh-helpers-7.2p2-74.25.1 as a component of SUSE Linux Enterprise Desktop 12 SP4 openssh-7.2p2-74.45.1 as a component of SUSE Linux Enterprise High Performance Computing 12 SP5 openssh-fips-7.2p2-74.45.1 as a component of SUSE Linux Enterprise High Performance Computing 12 SP5 openssh-helpers-7.2p2-74.45.1 as a component of SUSE Linux Enterprise High Performance Computing 12 SP5 openssh-6.6p1-4.7 as a component of SUSE Linux Enterprise Server 11 SP4 openssh-fips-6.6p1-4.7 as a component of SUSE Linux Enterprise Server 11 SP4 openssh-openssl1-6.6p1-10.1 as a component of SUSE Linux Enterprise Server 11-SECURITY openssh-openssl1-helpers-6.6p1-10.1 as a component of SUSE Linux Enterprise Server 11-SECURITY openssh-6.6p1-4.6 as a component of SUSE Linux Enterprise Server 12 openssh-fips-6.6p1-4.6 as a component of SUSE Linux Enterprise Server 12 openssh-helpers-6.6p1-4.6 as a component of SUSE Linux Enterprise Server 12 openssh-6.6p1-29.1 as a component of SUSE Linux Enterprise Server 12 SP1 openssh-fips-6.6p1-29.1 as a component of SUSE Linux Enterprise Server 12 SP1 openssh-helpers-6.6p1-29.1 as a component of SUSE Linux Enterprise Server 12 SP1 openssh-7.2p2-55.1 as a component of SUSE Linux Enterprise Server 12 SP2 openssh-fips-7.2p2-55.1 as a component of SUSE Linux Enterprise Server 12 SP2 openssh-helpers-7.2p2-55.1 as a component of SUSE Linux Enterprise Server 12 SP2 openssh-7.2p2-69.1 as a component of SUSE Linux Enterprise Server 12 SP3 openssh-fips-7.2p2-69.1 as a component of SUSE Linux Enterprise Server 12 SP3 openssh-helpers-7.2p2-69.1 as a component of SUSE Linux Enterprise Server 12 SP3 openssh-7.2p2-74.25.1 as a component of SUSE Linux Enterprise Server 12 SP4 openssh-fips-7.2p2-74.25.1 as a component of SUSE Linux Enterprise Server 12 SP4 openssh-helpers-7.2p2-74.25.1 as a component of SUSE Linux Enterprise Server 12 SP4 openssh-7.2p2-74.45.1 as a component of SUSE Linux Enterprise Server 12 SP5 openssh-fips-7.2p2-74.45.1 as a component of SUSE Linux Enterprise Server 12 SP5 openssh-helpers-7.2p2-74.45.1 as a component of SUSE Linux Enterprise Server 12 SP5 openssh-7.2p2-55.1 as a component of SUSE Linux Enterprise Server for Raspberry Pi 12 SP2 openssh-fips-7.2p2-55.1 as a component of SUSE Linux Enterprise Server for Raspberry Pi 12 SP2 openssh-helpers-7.2p2-55.1 as a component of SUSE Linux Enterprise Server for Raspberry Pi 12 SP2 openssh-7.2p2-74.45.1 as a component of SUSE Linux Enterprise Server for SAP Applications 12 SP5 openssh-fips-7.2p2-74.45.1 as a component of SUSE Linux Enterprise Server for SAP Applications 12 SP5 openssh-helpers-7.2p2-74.45.1 as a component of SUSE Linux Enterprise Server for SAP Applications 12 SP5 openssh as a component of SUSE Linux Enterprise Micro 5.2 openssh-clients as a component of SUSE Linux Enterprise Micro 5.2 openssh-common as a component of SUSE Linux Enterprise Micro 5.2 openssh-fips as a component of SUSE Linux Enterprise Micro 5.2 openssh-server as a component of SUSE Linux Enterprise Micro 5.2 openssh as a component of SUSE Linux Enterprise Server 11 SP1 for Teradata openssh as a component of SUSE Linux Enterprise Server 11 SP3 for Teradata openssh as a component of SUSE Linux Enterprise Server 11 SP4 LTSS The verify_host_key function in sshconnect.c in the client in OpenSSH 6.6 and earlier allows remote servers to trigger the skipping of SSHFP DNS RR checking by presenting an unacceptable HostCertificate. CVE-2014-2653 SUSE Liberty Linux 7:openssh-6.6.1p1-11.el7 SUSE Liberty Linux 7:openssh-askpass-6.6.1p1-11.el7 SUSE Liberty Linux 7:openssh-clients-6.6.1p1-11.el7 SUSE Liberty Linux 7:openssh-keycat-6.6.1p1-11.el7 SUSE Liberty Linux 7:openssh-ldap-6.6.1p1-11.el7 SUSE Liberty Linux 7:openssh-server-6.6.1p1-11.el7 SUSE Liberty Linux 7:openssh-server-sysvinit-6.6.1p1-11.el7 SUSE Liberty Linux 7:pam_ssh_agent_auth-0.9.3-9.11.el7 SUSE Linux Enterprise Desktop 12:openssh-6.6p1-4.6 SUSE Linux Enterprise Desktop 12:openssh-helpers-6.6p1-4.6 SUSE Linux Enterprise Desktop 12 SP1:openssh-6.6p1-29.1 SUSE Linux Enterprise Desktop 12 SP1:openssh-helpers-6.6p1-29.1 SUSE Linux Enterprise Desktop 12 SP2:openssh-7.2p2-55.1 SUSE Linux Enterprise Desktop 12 SP2:openssh-helpers-7.2p2-55.1 SUSE Linux Enterprise Desktop 12 SP3:openssh-7.2p2-69.1 SUSE Linux Enterprise Desktop 12 SP3:openssh-helpers-7.2p2-69.1 SUSE Linux Enterprise Desktop 12 SP4:openssh-7.2p2-74.25.1 SUSE Linux Enterprise Desktop 12 SP4:openssh-helpers-7.2p2-74.25.1 SUSE Linux Enterprise High Performance Computing 12 SP5:openssh-7.2p2-74.45.1 SUSE Linux Enterprise High Performance Computing 12 SP5:openssh-fips-7.2p2-74.45.1 SUSE Linux Enterprise High Performance Computing 12 SP5:openssh-helpers-7.2p2-74.45.1 SUSE Linux Enterprise Server 11 SP4:openssh-6.6p1-4.7 SUSE Linux Enterprise Server 11 SP4:openssh-fips-6.6p1-4.7 SUSE Linux Enterprise Server 11-SECURITY:openssh-openssl1-6.6p1-10.1 SUSE Linux Enterprise Server 11-SECURITY:openssh-openssl1-helpers-6.6p1-10.1 SUSE Linux Enterprise Server 12:openssh-6.6p1-4.6 SUSE Linux Enterprise Server 12:openssh-fips-6.6p1-4.6 SUSE Linux Enterprise Server 12:openssh-helpers-6.6p1-4.6 SUSE Linux Enterprise Server 12 SP1:openssh-6.6p1-29.1 SUSE Linux Enterprise Server 12 SP1:openssh-fips-6.6p1-29.1 SUSE Linux Enterprise Server 12 SP1:openssh-helpers-6.6p1-29.1 SUSE Linux Enterprise Server 12 SP2:openssh-7.2p2-55.1 SUSE Linux Enterprise Server 12 SP2:openssh-fips-7.2p2-55.1 SUSE Linux Enterprise Server 12 SP2:openssh-helpers-7.2p2-55.1 SUSE Linux Enterprise Server 12 SP3:openssh-7.2p2-69.1 SUSE Linux Enterprise Server 12 SP3:openssh-fips-7.2p2-69.1 SUSE Linux Enterprise Server 12 SP3:openssh-helpers-7.2p2-69.1 SUSE Linux Enterprise Server 12 SP4:openssh-7.2p2-74.25.1 SUSE Linux Enterprise Server 12 SP4:openssh-fips-7.2p2-74.25.1 SUSE Linux Enterprise Server 12 SP4:openssh-helpers-7.2p2-74.25.1 SUSE Linux Enterprise Server 12 SP5:openssh-7.2p2-74.45.1 SUSE Linux Enterprise Server 12 SP5:openssh-fips-7.2p2-74.45.1 SUSE Linux Enterprise Server 12 SP5:openssh-helpers-7.2p2-74.45.1 SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:openssh-7.2p2-55.1 SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:openssh-fips-7.2p2-55.1 SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:openssh-helpers-7.2p2-55.1 SUSE Linux Enterprise Server for SAP Applications 12 SP5:openssh-7.2p2-74.45.1 SUSE Linux Enterprise Server for SAP Applications 12 SP5:openssh-fips-7.2p2-74.45.1 SUSE Linux Enterprise Server for SAP Applications 12 SP5:openssh-helpers-7.2p2-74.45.1 SUSE Linux Enterprise Micro 5.2:openssh SUSE Linux Enterprise Micro 5.2:openssh-clients SUSE Linux Enterprise Micro 5.2:openssh-common SUSE Linux Enterprise Micro 5.2:openssh-fips SUSE Linux Enterprise Micro 5.2:openssh-server SUSE Linux Enterprise Server 11 SP4 LTSS:openssh moderate 5.8 AV:N/AC:M/Au:N/C:P/I:P/A:N