Secure FTP Server Version History

Secure FTP Server Version History

Changes in 3.3.10

  • Fixed SFTP protocol command validation
  • Eliminated Memory leak in authentication manager.
  • Eliminated crash in SFTP.

Changes in 3.3.7 

  • Updated SSH libraries.
  • Improved audit logger database connectivity.

Changes in 3.3.5 

  • Improved compatibility with Filezilla FTP client.
  • Improved compatibility with z/OS systems.
  • Improved resource usage when uploading via HTTP.

Changes in 3.3.1

  • Corrected problem with inheritance and resulting folder permissions

Changes in 3.3.0

  • MD5 functions not thread safe causes crash - Repaired
  • Auto-lockout now resets on successful login (SFTP)
  • Corrected COM Memory leak when creating users
  • MLST now works according to specifications
  • COM method SetMaxSpace inputs correct amount
  • Corrected error where E-mail notifications fail in certain scenarios
  • Corrected error when restoring key from backup location
  • Show in list unchecked no longer allows viewing of directory
  • HTTPS component correctly handles large file transfers
  • MLSD correctly returns Virtual folders
  • COM method RemoveUser error corrected MX Error: 65280 (0000FF00)”
  • COM method RenameUser error corrected
  • HTML directory listing links now properly encode for special characters
  • Service crash error corrected faulting module to be ntdll.dll
  • Error returned incorrect SSH dates corrected
  • Correct file information now sent with SSH_FXP_STAT returns
  • 403 and 404 errors corrected when there is no list permission (blind) in HTTP/S
  • Force auth dbase refresh now works
  • Folder listings for 1000+ virtual folders now works
  • New Active Directory user accounts can now log in after service restart
  • MLST and MSLD no longer return incorrect negative file sizes on files greater than 2GB
  • Accounts are no longer incorrectly disabled when using AD and “disable account after X” is not engaged
  • Upload button no longer displays in browser even though no upload permissions are available for that user

Changes in 3.2.0 Build 07.07.2006.6

  • Optimized internal SMTP client to conform to RFC 2821
  • Optimized HTML listing to support RFC 1738 guidelines for special characters (sec. 2.2)
  • Corrected problem with log file showing negative numbers for file sizes over 2GB
  • Corrected problem with MLSD not returning Virtual Folders as part of the list
  • Corrected problem with max transfer speeds preventing users with slower connections from uploading
  • Corrected problem with disk quota limit affecting HTTPS transfers
  • Corrected problem with SFTP logins for new users using AD Authentication
  • Improved error reporting for custom command action triggering

Changes in 3.1.5 Build 04.12.2006.2

  • Corrected error when SFTP clients connect to NT/AD Site using password only authentication
  • Corrected issue where execution of a custom command with a lengthy parameter line passed to it causes server to crash.
  • Corrected error in which settings for require client certificates feature for SSL protocols affected all sites, not only the one on which it was turned on.
  • Enhanced On User Account Disable Event Rule to trigger when expiration of user account occurs (based upon site refresh interval)
  • Enhanced SFTP server-side logging such that uploads of 0 Byte files are now written to the log file.

Changes in 3.1.4 Build 01.10.2006

  • Added SFTP upload/download speed and count reporting to administration GUI
  • Corrected issue with public key authentication in SFTP
  • Corrected issue with timeout not disconnecting in SFTP
  • Corrected issue when creating a site using NTLM authentication with custom domain and group
  • Corrected issue with home folder permissions resetting at user's first login
  • Corrected issue with impersonation while downloading in HTTP/S
  • Improved SetMaxSpace and GetMaxSpace COM methods to use units of KB to allow greater maximum values
  • Corrected issue connecting with OpenSSH 3.5 without Show and List permissions on parent folder
  • Corrected issue where execution of a custom command with a lengthy parameter line passed to it causes server to crash.

Changes in 3.1.3 Build 10.10.2005

  • Improved stability of service caused by unsynchronized access to the SFTP socket state
  • Corrected HTML form-based uploads to work properly through a URL containing escape codes
  • Corrected issue to allow Windows user impersonation
  • Corrected event rule processing when transferring files in PASV mode and containing a command

Changes in 3.1.1 Build 08.08.2005.2

  • Fixed service issue related to Windows 2003
  • Corrected branding issue in HTTP/S module
  • Improved service stability

Changes in 3.1 Build 7.06.2005.3

  • Added module for support of HTTP and HTTPS transfers
  • Improved registration process
  • Known Issues:

    1. Upgrades with a fully registered (not trial) SFTP module may see the SFTP module disabled after upgrading to 3.1. If this happens, re-enter the SFTP serial to re-activate that component.

    2. Those with trial versions of HTTP will need to restart the server service for the HTTP trial to apply.

Changes in 3.0.4 Build 6.15.2005

  • Corrected SSH response to MSG_CHANNEL_REQUEST that had flip-flopped the sender and receiver channels. Now properly supports multiple channeled during SFTP session.
  • Corrected error in SetPermission() and GetPermission() from the COM Admin module introduced when adding richer error reporting.

Changes in 3.0.3 Build 4.29.2005

  • Fixed security vulnerabity due to buffer overflow in FTP command channel
  • Improved COM interface error reporting by implementing ISupportErrorInfo interface
  • Improved registration wizard to display options upon failed registration

Changes in 3.0.2 Build 4.12.2005

  • Corrected file locking problem that caused some files to not appear after uploads (only when a user home folder was specified to be the root folder)

Changes in 3.0.1 Build 3.31.2005

  • Corrected memory leaks
  • Corrected problem with quota limits for SFTP uploads

Changes in 3.0.0 Build 3.23.2005

  • Added MODE Z support with ZLIB compression engine
  • Added support to limit the number of total concurrent user logins
  • Added support to lock partially uploaded files (clients cannot download files in the process of being uploaded)
  • Added support for importing and exporting site configuration data, user settings, site custom commands, and site event rules
  • Added support for capturing and displaying connection-activity in real-time
  • Improved logging information and provided option for "Standard" and "Verbose" logging
  • Added registration wizard
  • Enhanced logging mechanisms
  • Corrected ability to disable SMTP authorization option
  • Corrected issue where Event Rules does not release handles correctly when user redirects output -OR- terminates the process after a certain amount of time
  • Corrected issue to properly re-establish lost connections with SQL database using ODBC Authentication
  • Enhanced message prompt on Kick User functionality
  • Corrected issue with SMTP authorization being disabled
  • Corrected issue to log failed login attempts
  • Corrected issue that could crash the Administrator GUI when the admin password is NOT remembered
  • Corrected issue in receiving BitVise's Tunnelier client SSH/SFTP commands
  • Corrected issue with multi-part uploads not always working
  • Corrected issue so IIS logging records partial transfers

Changes in 2.0.7 Build 12.20.2004

  • Corrected issue with AD Authentication failing to pull GROUP information
  • Corrected issue with RNFR and RNTO not returning proper codes
  • Corrected issue with COM ICISites section functionality
  • Corrected issue with CreatePhysicalFolder failing unless UNIX style path provided
  • Corrected issue with trial registration on the Windows 2003 Operating System

Changes in 2.0.6 Build 11.03.2004.2

  • Corrected AD Authentication import of large numbers of users
  • Corrected incorrect 'modified' date on files
  • Corrected issue with ODBC Group Management
  • Corrected issue with SFTP event rules using Email/Custom Command parameters
  • Corrected issue with STOU command not returning unique filenames
  • Corrected issue with deployment of default MS Access db

Changes in 2.0.5 Build 9.08.2004

  • Corrected inappropriate SFTP Banner Message ("unexpected packet #53") on server initiated key re-exchange
  • Made various SFTP Event Rule improvements
  • Event rule parameters now honoring quotes so that embedded spaces are not considered parameter delimiters
  • Administration COM DLL bug fixes (CreateUser, Permissions)
  • Registration now allows multibyte (MBCS) characters
  • Error message / prompt / indication string changes for clarification
  • Corrected issue with disappearing users from ftpserver_ids table
  • Corrected bug where client password only connections were allowed even though the server required password and certificates for authentication

Changes in 2.0.3 Build 5.16.2004

  • Corrected condition where SFTP sometimes returned incorrect file permissions
  • Corrected auto-assign home folder logic when NT Auth was used
  • Corrected condition where SFTP would always listen on regardless of IP settings
  • Corrected remote administration problem where selecting SFTP tab would lock the admin GUI from selecting any other tab
  • Corrected a defect introduced in 2.0.2 where SFTP public key authentication failed to occur
  • Corrected condition where user level settings for protocol restrictions were ignored in favor of site-level restrictions
  • Corrected default behavior to include Modified Time as part of MLSD/MLST options
  • Corrected a formatting issue with regard to time values returned as a result of an MLSD command sequence
  • Corrected security vulnerability where SSH service credentials were being used instead of the connecting user's NTFS permissions when using NT/AD Authentication and SFTP
  • Corrected condition where server was returning both virtual and physical folder names in the raw listing (for virtual folders)

Changes in 2.0.2 Build 4.15.2004

  • SFTP commands are logged to log file
  • Improved SFTP response codes to conform to RFC standard and expectations of clients
  • SFTP can now run independently of FTP/FTPS
  • Proper handling of NTLM/AD usernames when connecting over SFTP
  • Improved Trial Registration mechanisms
  • Improved SMTP communication to avoid false positives in SPAM checkers
  • Proper handling of home folder creation upon first login

Changes in 2.0.1 Build 3.16.2004

  • Corrected two security vulnerabilities (DoS and Buffer Overflow on SITE commands)
  • Corrected condition where GUI would crash if connecting while on the VFS tab
  • Corrected issue wherein virtual folders would appear in duplicate places in VFS

Changes in 2.0  3/11/2004

  • Added Event Rules
  • Added support for SFTP (SSH2)
  • Added programmatic interface support with COM
  • Added support for database polling
  • Added option to edit path to authentication provider (database)
  • Added support for 1024,2048, and 4096 bit SSL key lengths
  • Added feature which makes an expired certificate immediately recognizable in the certificate manager
  • Added support for TLS 1.0 (SSL v3.1)
  • Added support for Clear Command Channel (CCC) when using SSL
  • Added support for server to server transfers using SSCN
  • Added support for multiple servers to be managed through the Administrator Interface
  • Added feature to specify a future date to expire user accounts
  • Added support for Active Directory
  • Added support to query domain controller
  • Added feature for the input of personal account information
  • Added option to use home folder when creating a Site that will use NT or Active Directory Authentication

Changes in 1.2.3 10/17/2003

  • Added support for the MDTM command
  • Added ability to use a forward slash on NT Authentication logins
  • Corrected problem to properly handle Close_Notify sent by SSL client
  • Corrected problem in handling of heavy loads under SSL  that caused VFS to "forget" root path (especially on multi-processor machines)
  • Corrected problem where server would sometimes close socket prematurely when a client requested a directory listing
  • Corrected timestamp logic for file dates without explicit times being listed. This improves synchronization logic

Changes in 1.2.1 7/9/2003

  • Corrected problem where SSL download speeds were substantially slower than SSL upload speeds
  • Corrected a problem where there was an inconsistency between the change password dialog and the New User Wizard

Changes in 1.2 3/4/2003

  • Corrected a problem where downloads using SSL would sometimes transfer an incomplete file
  • Corrected a problem where the server was not sending the correct IP address in response to a PORT mode request when the server has multiple IP addresses and the virtual site is listening on any but the first of those addresses
  • Added support for files sizes greater than 2 GB
  • Corrected issue so that IIS log file format now correctly lists time per operation