1. Home

Product groups

Support

freeSSHD-like vulnerabilities in wodSSHServer - WeOnlyDo Discussion board

freeSSHD-like vulnerabilities in wodSSHServer (wodSSHServer)

by Krupashankar S, Thursday, February 04, 2016, 08:56 (3213 days ago)

Does the SSH Server component suffer any of the following vulnerabilities that were present in freeSSHD? If so, what is the mitigation option.

1) FreeSSHd Authentication bypass (20121201)
2) SSH protocol version 1 detected
3) SSH v1 Session Key Retrieval (20010918)

I presume for #2 and #3, using only SSH v2 authentication ( ProtocolsEnum.SSH2) is the solution. Is this correct? How about the first one, authentication bypass vulnerability?

The version of SSH Server component in question is 2.2.9.381.

locked
  3601 views

freeSSHD-like vulnerabilities in wodSSHServer

by Jasmine, Thursday, February 04, 2016, 12:46 (3213 days ago) @ Krupashankar S

Hi.

As far as I know, wodSSHServer does not have any open vulnerabilities, all of those are fixed as they are reported.

freeSSHd does use wodSSHServer, but depends on when it's updated, it doesn't update regularly.

As for you specific version, it's from May 2012. I really don't know if it contains those fixes or not. I can only suggest to update to latest version.

I hope this helps!
Jasmine.

locked
  3534 views

You did a great job on wodSSH and wodSSHServer! I got a lot for very little money. Thanks!

Dirk Bulinckx
bvba Woodstone

...what I really like is that wodSSH and wodSFTP components work excellently and are constantly being improved...

Steven Jones
SABIEN project

Many thanks for your excellent support service. I can see why you have a long list of excellent testimonials on your website.

Martyn Walker
Batmore Technolgies

...with a minimum of effort as the DLL interface was written with such simplicity...

Zack Menendez
Mapframe Corporation

Congratulations on an excellent product and first rate support!

Sander Pool
Rhapsody Networks

...wodFtpDlx was exactly what I needed, it worked, and it was priced right...

David Keenan
Serengeti Systems Incorporated

Congratulations on an excellent product and first rate support!

Sander Pool
Rhapsody Networks

Thank you very much for the rapid responses. I was a little nervous about dealing with a company that is on a different continent from me. You have proven my concerns to be unfounded.

Robert Pacheco
Surebridge, Inc.

Not only wodSFTPdll is excellent, the service you have provided is outstanding and second to none!

Ian D. Mead, author of UltraEdit-32
IDM Computer Solutions

Your .NET components allow us to blend .NET technology seamlessly with secure communication, and with excellent technical support.

Bil Bragg
Dionach