HP-UX running HP Secure Shell, Remote Denial of Service (DoS) and other Vulnerabilities
Description:
The verify_host_key function in sshconnect.c in the client in OpenSSH 6.6 and earlier allows remote servers to trigger the skipping of SSHFP DNS RR checking by presenting an unacceptable HostCertificate.