![]() You need to use the 7.6.2.1 versions of the install programs. Neither of the modules is affected by the MITM SSL issue, but we updated the install programs to be compatible with the WS_FTP Server 7.6.2.1 patch release. Note also that we have released updated install programs for the Web Transfer Module and the Ad Hoc Transfer Module. ![]() The WS_FTP Server 7.6.2.1 patch release upgrades OpenSSL to the 1.0.1h version, which removes this vulnerability.Ĭheck your version number to see if you need to upgrade. This vulnerability affects all releases starting with 7.1 through the 7.6, 7.6.1 and 7.6.2 versions of WS_FTP Server. In basic terms, the vulnerability exposes an OpenSSL to OpenSSL exchange that uses the OpenSSL 0.9.8, 1.0.0 and 1.0.1 family of protocols to an attack. Security Update on SSL/TLS MITM (Man-in-the-middle) vulnerability (CVE-2014-0224): The recent vulnerability uncovered in OpenSSL has affected vendors and companies that rely on this near-ubiquitous open source security protocol. Security Update: Release 7.6.3 includes all prior upgrades that addressed the Heartbleed vulnerability, and includes OpenSSL version 1.0.1h. These are DoS and SSL downgrade attack vectors that are applicable to WS_FTP Server. Security Update: Release 7.7 includes OpenSSL 1.0.1l, which contains nine new security fixes described here.
0 Comments
Leave a Reply.AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |