SSH Terrapin Attack and Royal Apps : Royal Apps

On the 18th December 2023 a new vulnerability was published at the National Vulnerability Database: CVE-2023-48795. More information can be found here: https://terrapin-attack.com/

For this vulnerability, the SSH client as well as the SSH server has to be patched. Fortunately, in practice, the actual impact of the weakness on most SSH implementations seems to be negligible. No version of Rebex SSH relies on the RFC 8308 extension negotiation mechanism yet, so this weakness can only be used by an attacker to disrupt authentication, causing the SSH session to fail. You can find more information on this topic here:

https://blog.rebex.net/version-7-0-8755

For Royal Apps, the following software includes patches for this vulnerability:

Royal Server

For the Secure Gateway connections using the Rebex software:

Starting from Royal Server Version 5.02.50108 we include the Terrapin patch done by Rebex. The current

version including the fix can be downloaded here: https://www.royalapps.com/server/main/download.

Royal TS

For Terminal Connections via the PuTTY plugin as well as for Terminal Connections via the Rebex plugin:

Starting from Royal TS Version 7.02.50111.0 we include the Terrapin patch done by Rebex and PuTTY. The current

version including the fix can be downloaded here: https://www.royalapps.com/ts/win/download.

Managing the PuTTY version used by Royal TS manually

You can always manage the used PuTTY version manually by installing at least version 0.80 first and then:

Manually updating PuTTY for a given connection

- Open the properties of the Terminal connection

- Navigate to “Active Plugin”

- Click on the Plugin Settings button

- Change the “Executable:” to a path where you have locally installed PuTTY upfront

Manually updating PuTTY for any new Terminal connection using PuTTY

- In the ribbon click on View -> Plugins

- Click on Terminal

- Select "Terminal (Based on PuTTY) and "Plugin Settings"

- Change the “Executable:” to a path where you have locally installed PuTTY upfront

Royal TSX

For Secure Gateway Connections as well as File Transfer Connections using the Rebex library:

Starting from Royal TSX Version 6.0.3.1 Beta we include the Terrapin patch done by Rebex. The current

version including the fix can be downloaded here: https://www.royalapps.com/go/kb-ts-mac-downloadbeta.

Royal Apps

How can we help you today?