F-Secure Information for VU#973635

Some SSH servers on Microsoft Windows set insecure permissions for the host identification key file



Vendor Statement

All versions of the F-Secure SSH Server for Windows and

Reflection for Secure IT server for SSH on Windows are subject
to the hostkey vulnerability. For details of workarounds or
to request an upgrade to fix the vulnerability, please contact
AttachmateWRQ technical support:

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Vendor References



We have no additional comments at this time.

If you have feedback, comments, or additional information about this vulnerability, please send us email.