1. Home

Product groups

Support

HeartBleed attack vulnerability - WeOnlyDo Discussion board

HeartBleed attack vulnerability (General questions)

by Jan Manek, Thursday, April 10, 2014, 08:33 (3878 days ago)
edited by wodSupport, Thursday, April 10, 2014, 11:42

Hello,

we're using wodSSHServer/wodSSHClient components (different versions) in some of our products. I can see that for FIPS complaincy we need to provide for your component also libeay32.dll and ssleay32.dll libraries from OpenSLL.

Are your *SSH* components (and our customers) vulnerable against HeartBleed attack?

Thanks,
Jan Manek

locked
  7508 views

HeartBleed attack vulnerability

by wodSupport, Thursday, April 10, 2014, 08:35 (3878 days ago) @ Jan Manek

Jan,

hi. We use OpenSSL version 0.9.8y so we're not affected by Heartbleed bug.

Hope this helps!
Kreso

locked
  7407 views

HeartBleed attack vulnerability

by Jan Manek, Thursday, April 10, 2014, 08:53 (3878 days ago) @ wodSupport

Do you mean the latest version of SSH Server?

What about older versions? We're using that component for years and the customers can have installed older versions.

Thanks,
Jan Manek

locked
  7483 views

HeartBleed attack vulnerability

by wodSupport, Thursday, April 10, 2014, 08:55 (3878 days ago) @ Jan Manek

Jan,

older version too, they used older 0.9.8 revisions then.

Kreso

locked
  7373 views

HeartBleed attack vulnerability

by aa, Thursday, April 17, 2014, 14:04 (3871 days ago) @ wodSupport

Hi!

I can find "SSH-2.0-WeOnlyDo 2.1.3" from freeSSHd software. Could you confirm is the library provided by you (SSH-2.0-WeOnlyDo 2.1.3) affected for HeartBleed attack vulnerability?

Thanks

locked
  7375 views

HeartBleed attack vulnerability

by wodSupport, Thursday, April 17, 2014, 14:19 (3871 days ago) @ aa

Hi.

None of WeOnlyDo libraries are vulnerable to Heartbleed.

Hope this helps!
Kreso

locked
  7213 views

May I say how nice it is to work with components so complete and self-explanatory that using them in my application is as instinctive as though I wrote them myself?

Michael Barnett
Full Spectrum Telecommunications

Brilliant, even works on the mobile phone...

Conrad Leigh
Leaf Wireless

I would highly recommend this to anyone who needs a good quality SFTP solution.

Ian D. Mead, author of UltraEdit-32
IDM Computer Solutions

You made it so simple for us to integrate SFTP - a technology we had little experience with...

Zack Menendez
Mapframe Corporation

I really like these products - they are consistently first rate!

David Witten
WWR Development, Inc.

...I'm extremely impressed with the product, it represents excellent value for money...

Danny Haworth
Assetdisk

You have been great as far as offering support is concerned and has been extremely responsive to both support requests and suggestions for product enhancements.

David Keenan
Serengeti Systems Incorporated

The wodCrypt product is great and we appreciate your effort to add support for UNIX Crypt.

William Ruf
Siemens Information and Communication Networks

Fantastic product by the way, it has helped us tremendously on a daily basis. Keep up the good work.

Ben Lewis
Waterson Consulting Ltd.

...I'm extremely impressed with the product, it represents excellent value for money...

Danny Haworth
Assetdisk