1. Home

Product groups

Support

freeSSHD-like vulnerabilities in wodSSHServer - WeOnlyDo Discussion board

freeSSHD-like vulnerabilities in wodSSHServer (wodSSHServer)

by Krupashankar S, Thursday, February 04, 2016, 08:56 (3216 days ago)

Does the SSH Server component suffer any of the following vulnerabilities that were present in freeSSHD? If so, what is the mitigation option.

1) FreeSSHd Authentication bypass (20121201)
2) SSH protocol version 1 detected
3) SSH v1 Session Key Retrieval (20010918)

I presume for #2 and #3, using only SSH v2 authentication ( ProtocolsEnum.SSH2) is the solution. Is this correct? How about the first one, authentication bypass vulnerability?

The version of SSH Server component in question is 2.2.9.381.

locked
  3606 views

freeSSHD-like vulnerabilities in wodSSHServer

by Jasmine, Thursday, February 04, 2016, 12:46 (3215 days ago) @ Krupashankar S

Hi.

As far as I know, wodSSHServer does not have any open vulnerabilities, all of those are fixed as they are reported.

freeSSHd does use wodSSHServer, but depends on when it's updated, it doesn't update regularly.

As for you specific version, it's from May 2012. I really don't know if it contains those fixes or not. I can only suggest to update to latest version.

I hope this helps!
Jasmine.

locked
  3541 views

Thank you so much for your hard work and commitment in producing well thought-out solutions. WeOnlyDo is very committed to customer satisfaction!

Mike McPherson
Nokia Inc.

Not only wodSFTPdll is excellent, the service you have provided is outstanding and second to none!

Ian D. Mead, author of UltraEdit-32
IDM Computer Solutions

...I'm extremely impressed with the product, it represents excellent value for money...

Danny Haworth
Assetdisk

May I say how nice it is to work with components so complete and self-explanatory that using them in my application is as instinctive as though I wrote them myself?

Michael Barnett
Full Spectrum Telecommunications

...I'm extremely impressed with the product, it represents excellent value for money...

Danny Haworth
Assetdisk

Don't be fooled by the cost, it's value and quality far exceeds the price being charged!

Ian D. Mead, author of UltraEdit-32
IDM Computer Solutions

You have been great as far as offering support is concerned and has been extremely responsive to both support requests and suggestions for product enhancements.

David Keenan
Serengeti Systems Incorporated

I've heard that you are amazing with your replies coming back so quickly - and now I've seen the speed in which you reply first hand.

Andrew Narracott
Sun Computer Consultancy

It was no small factor, however, that your support in getting me up and running made me buy from you.

Charles Taylor
InterWeave, Inc.

Brilliant, even works on the mobile phone...

Conrad Leigh
Leaf Wireless