F-Secure Information for VU#973635

Some SSH servers on Microsoft Windows set insecure permissions for the host identification key file

Status

Affected

Vendor Statement

All versions of the F-Secure SSH Server for Windows and

Reflection for Secure IT server for SSH on Windows are subject
to the hostkey vulnerability. For details of workarounds or
to request an upgrade to fix the vulnerability, please contact
AttachmateWRQ technical support:
http://support.wrq.com/programs/requesting_support.html

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Vendor References

None

Addendum

We have no additional comments at this time.

If you have feedback, comments, or additional information about this vulnerability, please send us email.