Bitvise Information for VU#973635

Some SSH servers on Microsoft Windows set insecure permissions for the host identification key file

Status

Not Affected

Vendor Statement

Bitvise SSH server for Windows, WinSSHD, is not affected by this issue.

The server's private key is stored in the WinSSHD registry key with permissions properly set by the installation program, restricting access to administrators and the Local System account only.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Vendor References

None

Addendum

There are no additional comments at this time.

If you have feedback, comments, or additional information about this vulnerability, please send us email.