Does anyone know how this QID is exactly tested for? (I assume it does just the version check...).
On one of our systems we have freeSSHd running - in a configuration that avoids exploitability by QID 120718 (CVE-2012-6066, i.e. the critical issue of freeSSHd) - We are running the latest version available (freeSSHd 1.2.6).
After authenticated scan (on Windows 2008 Server maching) QID 117137 however tells:
a. "freeSSHd versions prior to 1.2.6 are vulnerable."
b. "%ProgramFiles%\freeSSHd\FreeSSHDService.exe Version is 220.127.116.11 "