CVE ID
CVE-2014-2653
DESCRIPTION
It was discovered that OpenSSH clients did not correctly verify DNS SSHFP
records. A malicious server could use this flaw to force a connecting client
to skip the DNS SSHFP record check and require the user to perform manual host
verification of the DNS SSHFP record.
CVSS2 Base Score 4.3
Impact: Moderate
RESOLUTION
Resolution:
This was fixed in openssh-5.3p1-104.el6.x86_64 and later.
Apply Unitrends security update v10.29 from 07/27/2018 or later, containing openssh-5.3p1-123.el6_9.x86_64