Now we will continue to download the file as long as there is data.įixed a problem with third-party transfers between different hosts with the same IP address when the directory structures were identical.
Overhauled the flow control algorithm for SFTP uploads to improve performance with various server types.Īdded support for the following operating systems: Windows 8.1 64-bit, Windows 10 64-bit, Windows Server 2008 R2, Windows Server 20 R2.įixed a problem that stopped downloading from an SSH/SFTP host after 20,000 bytes if the server did not tell us an accurate file size. This document contains information on how to install and configure WS_FTP Professional. Systems that may have exposed this vulnerability should regenerate any sensitive information (secret keys, passwords, etc.) with the assumption that an attacker has already used this vulnerability to obtain those items. Check your version number to see if you need to upgrade.
If you have an affected version, you have already received a notification from the Ipswitch Security Team. The WS_FTP Pro 12.4.1 patch release disables the heartbeat function that exposed the vulnerability in the OpenSSL 1.0.1c version and a later release will provide an update to a version of OpenSSL (1.0.1g or later) that has addressed this issue. This vulnerability affects only the 12.4 version of WS_FTP Pro. In basic terms, the vulnerability exposes any exchange that uses the OpenSSL 1.0.1 family of protocols to an attack. Security Update on Heartbleed SSL: Heartbleed SSL, the recent vulnerability uncovered in OpenSSL, has affected vendors and companies that rely on this near-ubiquitous open source security protocol. The WS_FTP 12.4.1.1 patch release upgrades OpenSSL to the 1.0.1h version, which removes this vulnerability.Ĭheck your version number to see if you need to upgrade. This vulnerability affects the 12.4 and 12.4.1 versions of the WS_FTP client. In basic terms, the vulnerability exposes an OpenSSL to OpenSSL exchange that uses the OpenSSL 0.9.8, 1.0.0 and 1.0.1 family of protocols to an attack. Security update on SSL/TLS MITM (Man-in-the-middle) vulnerability (CVE-2014-0224): The recent vulnerability uncovered in OpenSSL, has affected vendors and companies that rely on this near-ubiquitous open source security protocol. This version of OpenSSL addresses the SSL/TLS MITM vulnerability (CVE-2014-0224), along with other security fixes mentioned here. 12.5.x Release Notes Security Update: 12.5.x
0 kommentar(er)
