Bitvise Information for VU#973635
Some SSH servers on Microsoft Windows set insecure permissions for the host identification key file
- Vendor Information Help Date Notified: 07 Sep 2005
- Statement Date:
- Date Updated: 08 Sep 2005
Bitvise SSH server for Windows, WinSSHD, is not affected by this issue.
The server's private key is stored in the WinSSHD registry key with permissions properly set by the installation program, restricting access to administrators and the Local System account only.
The vendor has not provided us with any further information regarding this vulnerability.
There are no additional comments at this time.
If you have feedback, comments, or additional information about this vulnerability, please send us email.