general (109) release (100) security (31) server (19) client (17) compliance (14) article (13) press (6) blog (5) kubernetes (4) infrastructure (3) email (1) ftp (1) client-side (1) australia (1) privacy (1)
2021 (13) 2020 (15) 2019 (16) 2018 (42) 2017 (16) 2016 (24) 2015 (20) 2014 (13) 2013 (3) 2012 (1) 2008 (1) 2007 (1) 2006 (1) 2005 (1) 2001 (3)
Go to all articles
SFTPPlus

SFTPPlus Release 3.28.0

We are pleased to announce the latest release of SFTPPlus version 3.28.0.

New Features

  • It is now possible to set permission for file management operations for accounts authenticated with the FTP/FTPS service. [ftp][ftps][server-side] [#3399]
  • You can now implement custom event handlers using our Python based …

security release

Wed 29 November 2017
SFTPPlus

SFTPPlus Release 3.27.0

We are pleased to announce the latest release of SFTPPlus version 3.27.0.

New Features

  • It is now possible to define the expiration date and time when configuring an account of type application or OS. [server-side] [#1152]
  • An audit event is now emitted when the HTTP connection is made …

security release

Tue 07 November 2017
SFTPPlus

Security Advisory for SFTPPlus 3.21.0

A security advisory was created for SFTPPlus version 3.21.0 affecting Linux and Unix systems authenticating operating system accounts over FTP.

security compliance press

Wed 31 May 2017
SFTPPlus

Security Advisory for SFTPPlus 3.18.0

A security advisory was created for SFTPPlus version 3.18.0 affecting Linux and Unix systems that rely on the umask functionality.

security compliance

Thu 15 December 2016
SFTPPlus

SFTPPlus 3.6.0 Release

We are pleased to announce the latest release of SFTPPlus, version 3.6.0.

Here is the list of the important new functionalities:

  • The OpenSSL version used by SFTPPlus is advertised as part of the events generated when starting the SFTPPlus process, as well as in the Local Manager status …

release security

Fri 18 March 2016
SFTPPlus

The DROWN Attack and SFTPPlus

SFTPPlus Server versions 1.6 and newer are not vulnerable to the DROWN attack.

The DROWN Attack and SFTPPlus

SFTPPlus versions 3 and newer are also not vulnerable to it.

The DROWN attack targets server-side products, thus SFTPPlus client is not vulnerable to it.

SFTPPlus relies on OpenSSL for the …

security

Thu 03 March 2016
SFTPPlus

SSLv3 POODLE vulnerability and SFTPPlus

Issue

In late September, a team at Google discovered a serious vulnerability in SSL 3.0, known as “POODLE”.

By exploiting this vulnerability, an attacker can gain access to data send over what is supposed to be a secured connection.

Affected protocols

SFTPPlus Server and Client are affected by SSLv3 …

security server client

Wed 22 October 2014
SFTPPlus

OpenSSL Heartbleed bug and SFTPPlus

SFTPPlus uses OpenSSL only for FTPS protocol. SFTP protocol is not affected by this bug.

OpenSSL Heartbleed bug and SFTPPlus

On Unix and Linux, SFTPPlus software use the OpenSSL library provided by the operating system. Unix and Linux operating system supported by SFTPPlus (RHEL 4, RHEL5, RHEL6, SLES 11, AIX 5.3) are not affected …

security server

Thu 17 April 2014
SFTPPlus

Security vulnerability for SSH keys authentication

Monday, 22 April 2013 - we have discovered a security vulnerability affecting SFTPPlus Server version 1.6, 1.7 and 1.8.

Due to an error in checking the SSH key signature, when SSH key authentication is used for a SFTP transfer, a user can obtain server access by using only …

server security

Mon 22 April 2013
SFTPPlus

OpenSSL DER certificate vulnerability and SFTPPlus

Last week a bug was discovered in all OpenSSL version. This bug can cause various security issues.

More information about the original vulnerability report for OpenSSL can be found from National Cyber Awareness System

A fix was already provided by the OpenSSL team as of 24 of April 2012.

Please …

security

Thu 26 April 2012
Previous Page