Experiences with ver 15.4.2.126 - Are there any Early adopters feed back?

Hot Fix 1 for 15.4.2 is out and should address these problems:

* Inconsistent HTTP session authentication when the password used contains special characters.
* Group administrators can create access to restricted file system directories.
* Sporadic failure to establish SSH connection under specific network conditions.
* New web client corrupts the user's password when the user's password is changed.

best regards,

Markus

Hi, we applied the 15.4.2 HF1 which moved the version to 15.4.2.147 but the login issue still persisted, do you know if anyone else who has applied the 15.4.2 HF1 is still experiencing the login issues?

All tests I've done seem to be ok with 15.4.2 HF1 (15.4.2.147).

Is it possible that a password was changed / corrupted before you installed HF1?

Hi calc2014,

I was getting the same type of behaviour that was being presented on 15.4.2.126 where it would say operation not permitted or just a spinning circle and hitting refresh would let you log in. 

For the time being I've reverted back to 15.4.1 and that seems to be working without issue.

Hi calc2014,

I was getting the same type of behaviour that was being presented on 15.4.2.126 where it would say operation not permitted or just a spinning circle and hitting refresh would let you log in. 

For the time being I've reverted back to 15.4.1 and that seems to be working without issue.

Could you reapply 15.4.2 installation and then stop serv-u fully (including exiting the tray), then copy in and replace all files from the hotfix?

Hi calc2014 

Done this and still no go, back to 15.4.1.128 I'm afraid. 

Hi, 

Just dropping in to bump this feed as CVE-2024-28995 is now doing the rounds and Serv-U 15.4.2 HF2 appears to be the only way to mitigate against this CVE. Once again upgrading to Serv-U 15.4.2 HF2 (15.4.2.157) exhibits the same login issue. I've now escalated this to a customer support call as the urgency on this upgrade has increased given this CVE.

We have tried on both instances of Serv-U we run and both exhibit the same behavior of Error Login was not successful and if you click login again after this error message you get a endless blue spinning wheel icon. 

Just wanted to keep the thread in the loop of where we have got to.

Unable to get Serv-U 15.4.2 HF2 (15.4.2.157)

Community & SW Serv-U Support,

Serv-U MFTP Mgmt Console says
new version 15.4.2.147 
installed 15.4.1.128

What does SW Support advise to update to 2.147 then apply HF's or remain on 1.128 until the issues and HF applying is finished?

Or, is there a higher version than 15.4.1.128 that is stable?

From the SW SU HF2 link - interesting read, bonus includes a few IP to block
GreyNoise Labs - SolarWinds Serv-U (CVE-2024-28995) exploitation: We see you!


Thanks,
JeffP...