Overview
You are curious whether ExOS v7.4.13 is impacted by the following OpenSSH vulnerabilities: CVE-2006-4925, CVE-2006-5794 CVE-2007-0726. CVE-2007-4752, CVE-2007-2243.
Information
ExOS version 7.4.13 is not impacted by the mentioned OpenSSH vulnerabilities.
The OpenSSH vulnerabilities only impact OpenSSH versions prior to 4.7. OpenSSH in the Exinda OS has already been updated to version 6.9 under ExOS version 7.4.8. Please see Exinda | ExOS 7.4.8 Release Notes for more details.
ExOS latest version 7.5.0 was recently released, where OpenSSH has been upgraded to version 8.0, OpenSSL to version 1.1.1d, and Apache to version 2.4.41 to improve the core security of the Exinda appliance. Please see the the below articles for more details:
We recommend upgrading the Exinda OS to the latest version 7.5.0. For product downloads and information about upgrading Exinda Network Orchestrator visit the GFI Upgrade Center.