1. Home

Product groups

Support

OpenSSH Vulnerability - WeOnlyDo Discussion board

OpenSSH Vulnerability (wodSFTP / wodSFTP.NET / wodSFTPdll)

by jdoorn, Wednesday, November 11, 2020, 22:10 (1255 days ago)

We are using software that was built around wodSFTP (WeOnlyDo 3.7.3.170) for both client & host sFTP file transfers. We have found that some packets are randomly flagged by Meraki's IDS (SNORT) as having a signature matching a version of OpenSSH (versions 2.3.1 through 3.3) vulnerable to SSH Overflow vulnerabilities CVE-2002-0639 & CVE-2002-0640.

Does wodSFTP (WeOnlyDo 3.7.3.170) use OpenSSH or is there reason to believe wodSFTP might be vulnerable to these CVEs? We are trying to determine if Meraki's IDS/SNORT is giving us false positive events.

locked
5662 views

Complete thread:

 

  • OpenSSH Vulnerability - jdoorn, 2020-11-11, 22:10 [*]

Many thanks for your excellent support service. I can see why you have a long list of excellent testimonials on your website.

Martyn Walker
Batmore Technolgies

Your customer service was excellent, and I will look at your products in the future for precisely that reason.

Charles Taylor
InterWeave, Inc.

Thanks! We love your software and your great support!

Sandy Fliderman
Primary Development Corporation

Brilliant, even works on the mobile phone...

Conrad Leigh
Leaf Wireless

...your service has been phenomenal. It's always quick and you are there when I need you.

James Newman
Castleberry Investments

...with the SFTP interface you produced, everything was so simple to understand, we were able to start coding almost immediately!

Zack Menendez
Mapframe Corporation

Brilliant, even works on the mobile phone...

Conrad Leigh
Leaf Wireless

We have recently completed a large 1200+ location project where reliable Telnet and SSH connectivity was required. wodSSH worked flawlessly and allowed our staff to complete our project ontime and within budget.

James Sievers
Harbor Technologies

...with the SFTP interface you produced, everything was so simple to understand, we were able to start coding almost immediately!

Zack Menendez
Mapframe Corporation

...wodFtpDlx was exactly what I needed, it worked, and it was priced right...

David Keenan
Serengeti Systems Incorporated