Menu

Search

GlobalSCAPE Knowledge Base


EFT is NOT affected by the LibSSH vulnerability


kmarsh
EFT Express (SMB) & Enterprise

THE INFORMATION IN THIS ARTICLE APPLIES TO:

  • All products

QUESTION

Is EFT affected by the LibSSH vulnerability?

ANSWER

No, EFT is not affected by the LibSSH vulnerability. The vulnerability pertains to libssh which was never used in EFT. 

EFT uses sshlib (1.81) from Bitvise. Bitvise does not share a common code with libssh. In Bitvise Software, authentication state is managed in separate client-side and server-side components. The server-side authentication component is not affected by this issue and will ignore any SSH_MSG_USERAUTH_SUCCESS messages sent by the client.

EFT v7.4.11.34 and later uses OpenSSH for SFTP. 


Also In This Category


On a scale of 1-5, please rate the helpfulness of this article


Not Helpful
Very Helpful
Optionally provide private feedback to help us improve this article...

Thank you for your feedback!


Comments require login or registration.

Details
Last Modified: Last Month
Last Modified By: kmarsh
Type: FAQ
Rated 5 stars based on 2 votes.
Article has been viewed 362 times.
Options
Find Similar