NetSarang

An update for Xmanager, Xshell, and Xftp was released today. Please update your clients.

Fixes and New Features:
• Added a function to set whether or not Keyboard Interactive prompts' text field will show its contents (set KBIShowAsPw=) See examples here: https://netsarang.atlassian.net/wiki/spaces/ENSUP/pages/2237306077
• Certain Unicode characters, such as emoji characters, not displaying correctly
• Duplicated session channels crash after exiting and reconnecting
• Duplicated sessions saved in the Recent Sessions list can be executed without a password
• Xftp sessions fail to connect when called from an Xshell Jumphost session initialized from the Local Shell
• Crash when the DPI is changed while a tooltip is displayed
• And More…

See full release notes on our download page here: https://netsarang.com/all-downloads/

We've released an important update for Xshell (Build 0144) today which includes a patch for the Terrapin Attack vulnerability (CVE-2023-48795). This is a vulnerability related to OpenSSH which was publicly disclosed today. Please update your clients as soon as possible.

NetSarang was informed of this vulnerability beforehand by the research team at Ruhr-Universität Bochum, and we've timed our release in conjunction with their official public disclosure. Hats off to their research team for their impressive work.

More information regarding this vulnerability can be found at: https://terrapin-attack.com/

CVE Record: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-48795

If your Free License is constantly asking you to register, please update to the latest build (Xshell Build 0140, Xftp Build 0140), and register one final time. This is a bug which has since been resolved.