Severe security flaws in current Multiping

Pingman Tools Forums

See the network, Pinpoint the problem.

Graphical Network Tools

Troubleshooting: PingPlotter

You are not logged in. [Log In] Pingman Tools Home » Forums » MultiPing » MultiPing Support » Severe security flaws in current Multiping

Topic Options

#4087 - 11/18/24 04:21 AM Severe security flaws in current Multiping
Johannes Registered: 11/18/24 Posts: 1	Greetings, I have found that current Multping 3.23 is using an older version of OpenSSL, which is prone to several flaws: CVE-2016-0705 CVE-2016-6303 CVE-2016-2177 CVE-2016-2182 CVE-2016-2842 CVE-2016-2108 CVE-2016-0799 Attached is the Screenshot of our software that reported the flaw. There are other CVEs with lower risks. I assume they are then all removed by upgrading to the latest OpenSSL version. I would be very gratefull if this could be quickly adressed, as I need to remove MultiPing from all our machines if the issue persists. And frankly, I love it and use it all the time. Thanks Johannes Attachments multiping_openssl_vuln2.png (21 downloads) Edited by Johannes (11/18/24 04:35 AM)
Top

#4088 - 11/18/24 11:52 AM Re: Severe security flaws in current Multiping [Re: Johannes]
Tyson Registered: 12/07/22 Posts: 37	Hi Johannes, Thanks for the report! This has been passed along to our product team to review and prioritize.
Top

#4095 - 01/13/25 01:56 PM Re: Severe security flaws in current Multiping [Re: Johannes]
Tyson Registered: 12/07/22 Posts: 37	As a dev team, we reviewed the CVEs you noted and concluded that MultiPing, as a workstation app, is at an extremely low risk. As such, we are not making immediate changes to our OpenSSL version. We do continuously monitor security updates, and if threats emerge that necessitate action on MultiPing, we will do so promptly.
Top