How to mitigate our Legacy SSH Client against SSH Vulnerability CVE-2023-48795

There are several options available to mitigate the risk of exposure to CVE-2023-48795 for Maverick Legacy Client-enabled applications.

In code

Use the code below before making any call to SshConnector.connect.

    SshConnector ssh = SshConnector.createInstance();
    Ssh2Context ctx = ssh.getContext();

    // Remove ChaCha20-Poly1305 in both directions
    // (CS = client-to-server, SC = server-to-client).
    ctx.supportedCiphersCS().remove(Ssh2Context.CIPHER_CHACHA20_POLY1305);
    ctx.supportedCiphersSC().remove(Ssh2Context.CIPHER_CHACHA20_POLY1305);

    // Remove the encrypt-then-MAC (ETM) algorithms, client-to-server.
    ctx.supportedMacsCS().remove(Ssh2Context.HMAC_SHA256_ETM);
    ctx.supportedMacsCS().remove(Ssh2Context.HMAC_SHA512_ETM);
    ctx.supportedMacsCS().remove(Ssh2Context.HMAC_SHA1_ETM);
    ctx.supportedMacsCS().remove(Ssh2Context.HMAC_MD5_ETM);

    // Remove the encrypt-then-MAC (ETM) algorithms, server-to-client.
    ctx.supportedMacsSC().remove(Ssh2Context.HMAC_SHA256_ETM);
    ctx.supportedMacsSC().remove(Ssh2Context.HMAC_SHA512_ETM);
    ctx.supportedMacsSC().remove(Ssh2Context.HMAC_SHA1_ETM);
    ctx.supportedMacsSC().remove(Ssh2Context.HMAC_MD5_ETM);

Using System Properties

You do not need […]

Maverick Legacy Client 1.7.49 Released

This release contains bug fixes and minor feature enhancements.

OpenSSH Certificate Bug

A bug in processing extensions in OpenSSH Certificates caused authentication failures when custom extensions were present in the certificate.

Improved Remote Hashing

We have implemented the SFTP extensions “check-file-name” and “check-file-handle” to improve the existing support of MD5 hashes to include SHA-1, SHA-256 […]

Maverick Legacy Server 1.7.49 Released

This release contains bug fixes and minor feature enhancements.

OpenSSH Certificate Bug

A bug in processing extensions in OpenSSH Certificates caused authentication failures when custom extensions were present in the certificate.

Improved SFTP Extensions

We have implemented the SFTP extensions “check-file-name” and “check-file-handle” to improve the existing support of MD5 hashes to include SHA-1, SHA-256 […]

Maverick Legacy Server 1.7.44

This minor update contains a customer support related bug fix, support for the new PuTTY Private Key format and a new public/private key implementation.

PuTTY Private Keys

Introduced in version 0.75, version 3 of the PuTTY Private Key File Format uses an Argon2 key derivation function incompatible with our previous implementation. This update includes support […]

Maverick Legacy Client 1.7.44

This release includes minor bug fixes to the Adaptive Configuration files’ match directive support and a new PuTTY Private Key files implementation.

PuTTY Private Keys

Introduced in version 0.75, version 3 of the PuTTY Private Key File Format uses an Argon2 key derivation function incompatible with our previous implementation. This update includes support for version […]
