SSH CVE 2023-48795
Posted: Tue Jan 02, 2024 8:13 am
Hello support team,
We are running a WingFTP server v6.4.8.
Our security team warn us about an SSH vulnerability CVE 2023-48795 "Terrapin Attack".
ALL SSH servers that support ChaCha20-Poly1305 and CBC-EtM algorithms and do not support Strict Key Exchange are vulnerable.
I don't find a patch that fixes this vulnerability.
Please offer a solution.
Thank you!
We are running a WingFTP server v6.4.8.
Our security team warn us about an SSH vulnerability CVE 2023-48795 "Terrapin Attack".
ALL SSH servers that support ChaCha20-Poly1305 and CBC-EtM algorithms and do not support Strict Key Exchange are vulnerable.
I don't find a patch that fixes this vulnerability.
Please offer a solution.
Thank you!