| |
|
|
WRQ, Inc. Information for VU#973635
Vendor StatementProducts Affected:
Problem Correction: Upgrade to Reflection for Secure IT Windows Server version 6.0 build 24 or manually change the permissions of the host's private key file (hostkey) to be readable by members of the Administrator's group only. The default location of the file is: C:\Program Files\F-Secure\ssh server\hostkey. (You may have modified this location during installation.) AttachmateWRQ recommends generating new host keys for all Windows servers to ensure that this vulnerability cannot be exploited. Note: When server host keys are regenerated, users will receive a warning message stating that the host's key has changed. Let your users know to expect this behavior, or generate and distribute new known_hosts files that include the new keys. For additional details and server upgrade information, please see: http://support.wrq.com/techdocs/1867.html AttachmateWRQ also recommends that you bookmark and regularly check the Security Updates and Reflection for Secure IT web page for the latest information about updates and vulnerabilities: http://support.wrq.com/techdocs/1910.html Vendor InformationThe vendor has not provided us with any further information regarding this vulnerability.AddendumWe have no additional comments at this time.
If you have feedback, comments, or additional information about this vulnerability, please send us
email. |
 | |||||||||||||||||
 |
||||||||||||||||||||
