MitM-able since 6.8 (December 2014) only if<p>> <i>VerifyHostKeyDNS is "yes" or "ask" (it is "no" by default),</i><p>And DOS-able since 9.5 (2023) because of a new <i>ping</i> command.<p>> <i>To confirm our suspicion, we adopted a dual strategy:</i><p>> <i>- we manually audited all of OpenSSH's functions that use "goto", for missing resets of their return value;</i><p>> <i>- we wrote a CodeQL query that automatically searches for functions that "goto out" without resetting their return value in the corresponding "if" code block.</i>