Exploit the possiblities
Showing 1 - 25 of 274 RSS Feed

Files

OpenSSL Toolkit 1.0.2m
Posted Nov 4, 2017
Site openssl.org

OpenSSL is a robust, fully featured Open Source toolkit implementing the Secure Sockets Layer (SSL v2/v3) and Transport Layer Security (TLS v1) protocols with full-strength cryptography world-wide.

Changes: bn_sqrx8x_internal carry bug on x86_64 was addressed. A malformed X.509 IPAddressFamily out-of-bounds read was addressed.
tags | tool, encryption, protocol
systems | unix
advisories | CVE-2017-3735, CVE-2017-3736
MD5 | 10e9e37f492094b9ef296f68f24a7666
OpenSSL Toolkit 1.0.2l
Posted May 27, 2017
Site openssl.org

OpenSSL is a robust, fully featured Open Source toolkit implementing the Secure Sockets Layer (SSL v2/v3) and Transport Layer Security (TLS v1) protocols with full-strength cryptography world-wide.

Changes: Very minor update.
tags | tool, encryption, protocol
systems | unix
MD5 | f85123cd390e864dfbe517e7616e6566
OpenSSL Toolkit 1.0.2k
Posted Jan 26, 2017
Site openssl.org

OpenSSL is a robust, fully featured Open Source toolkit implementing the Secure Sockets Layer (SSL v2/v3) and Transport Layer Security (TLS v1) protocols with full-strength cryptography world-wide.

Changes: Bug fixes for an out-of-bounds read, a carry propagating bug, and multiple other issues.
tags | tool, encryption, protocol
systems | unix
advisories | CVE-2016-7055, CVE-2017-3731, CVE-2017-3732
MD5 | f965fc0bf01bf882b31314b61391ae65
OpenSSL Toolkit 1.0.2j
Posted Sep 26, 2016
Site openssl.org

OpenSSL is a robust, fully featured Open Source toolkit implementing the Secure Sockets Layer (SSL v2/v3) and Transport Layer Security (TLS v1) protocols with full-strength cryptography world-wide.

Changes: A bug fix which included a CRL sanity check was added to OpenSSL 1.1.0 but was omitted from OpenSSL 1.0.2i. As a result any attempt to use CRLs in OpenSSL 1.0.2i will crash with a null pointer exception.
tags | tool, encryption, protocol
systems | unix
advisories | CVE-2016-7052
MD5 | 96322138f0b69e61b7212bc53d5e912b
OpenSSL Toolkit 1.0.2i
Posted Sep 22, 2016
Site openssl.org

OpenSSL is a robust, fully featured Open Source toolkit implementing the Secure Sockets Layer (SSL v2/v3) and Transport Layer Security (TLS v1) protocols with full-strength cryptography world-wide.

Changes: A large amount of security issues have been addressed.
tags | tool, encryption, protocol
systems | unix
advisories | CVE-2016-2177, CVE-2016-2178, CVE-2016-2179, CVE-2016-2180, CVE-2016-2181, CVE-2016-2182, CVE-2016-2183, CVE-2016-6302, CVE-2016-6303, CVE-2016-6304, CVE-2016-6306
MD5 | 678374e63f8df456a697d3e5e5a931fb
OpenSSL Toolkit 1.0.2h
Posted May 3, 2016
Site openssl.org

OpenSSL is a robust, fully featured Open Source toolkit implementing the Secure Sockets Layer (SSL v2/v3) and Transport Layer Security (TLS v1) protocols with full-strength cryptography world-wide.

Changes: Fixes to prevent padding oracle in AES-NI CBC MAC check. Fixed various overflows and other security issues.
tags | tool, encryption, protocol
systems | unix
advisories | CVE-2013-0169, CVE-2016-2105, CVE-2016-2106, CVE-2016-2107, CVE-2016-2109, CVE-2016-2176
MD5 | 9392e65072ce4b614c1392eefc1f23d0
SSLsplit 0.5.0
Posted Mar 28, 2016
Site roe.ch

SSLsplit is a tool for man-in-the-middle attacks against SSL/TLS encrypted network connections. Connections are transparently intercepted through a network address translation engine and redirected to SSLsplit. SSLsplit terminates SSL/TLS and initiates a new SSL/TLS connection to the original destination address, while logging all data transmitted. SSLsplit is intended to be useful for network forensics and penetration testing.

Changes: Added separate src/dst host and port format specifiers. Added signal SIGUSR1 to re-open long-living -l/-L log files. Removed all references to SHA-1 and small key RSA root CA keys from documentation, examples and unit testing. Various other updates and additions.
tags | tool, encryption
MD5 | 1d193765b287cce7af0500548e0de893
OpenSSL Toolkit 1.0.2g
Posted Mar 1, 2016
Site openssl.org

OpenSSL is a robust, fully featured Open Source toolkit implementing the Secure Sockets Layer (SSL v2/v3) and Transport Layer Security (TLS v1) protocols with full-strength cryptography world-wide.

Changes: Disabled weak ciphers in SSLv3 and up in default builds of OpenSSL. Disabled SSLv2 default build, default negotiation and weak ciphers. Fixed a double-free in DSA code. Various other security issues addressed.
tags | tool, encryption, protocol
systems | unix
advisories | CVE-2016-0702, CVE-2016-0705, CVE-2016-0797, CVE-2016-0798, CVE-2016-0799
MD5 | f3c710c045cdee5fd114feb69feba7aa
OpenSSL Toolkit 1.0.2f
Posted Jan 29, 2016
Site openssl.org

OpenSSL is a robust, fully featured Open Source toolkit implementing the Secure Sockets Layer (SSL v2/v3) and Transport Layer Security (TLS v1) protocols with full-strength cryptography world-wide.

Changes: Multiple bug fixes.
tags | tool, encryption, protocol
systems | unix
advisories | CVE-2016-0701
MD5 | b3bf73f507172be9292ea2a8c28b659d
OpenSSL Toolkit 1.0.2e
Posted Dec 3, 2015
Site openssl.org

OpenSSL is a robust, fully featured Open Source toolkit implementing the Secure Sockets Layer (SSL v2/v3) and Transport Layer Security (TLS v1) protocols with full-strength cryptography world-wide.

Changes: Fix applied to BN_mod_exp which may produce incorrect results on x86_64. Also addressed was a certificate verify crash with missing PSS parameter, an X509_ATTRIBUTE memory leak, and various other issues.
tags | tool, encryption, protocol
systems | unix
advisories | CVE-2015-3193, CVE-2015-3194, CVE-2015-3195
MD5 | 2218c1a6f807f7206c11eb3ee3a5ec80
OpenSSL Toolkit 1.0.2d
Posted Jul 9, 2015
Site openssl.org

OpenSSL is a robust, fully featured Open Source toolkit implementing the Secure Sockets Layer (SSL v2/v3) and Transport Layer Security (TLS v1) protocols with full-strength cryptography world-wide.

Changes: Addressed certificate forgery vulnerability.
tags | tool, encryption, protocol
systems | unix
advisories | CVE-2015-1793
MD5 | 38dd619b2e77cbac69b99f52a053d25a
OpenSSL Toolkit 1.0.2c
Posted Jun 15, 2015
Site openssl.org

OpenSSL is a robust, fully featured Open Source toolkit implementing the Secure Sockets Layer (SSL v2/v3) and Transport Layer Security (TLS v1) protocols with full-strength cryptography world-wide.

Changes: Fix HMAC ABI incompatibility. The previous version introduced an ABI incompatibility in the handling of HMAC. The previous ABI has now been restored.
tags | tool, encryption, protocol
systems | unix
advisories | CVE-2015-1788, CVE-2015-1789, CVE-2015-1790, CVE-2015-1791, CVE-2015-1792
MD5 | 8c8d81a9ae7005276e486702edbcd4b6
OpenSSL Toolkit 1.0.2b
Posted Jun 12, 2015
Site openssl.org

OpenSSL is a robust, fully featured Open Source toolkit implementing the Secure Sockets Layer (SSL v2/v3) and Transport Layer Security (TLS v1) protocols with full-strength cryptography world-wide.

Changes: Infinite loop on malformed ECParameters structure addressed. PKCS7 crash addressed. Various other issues addressed.
tags | tool, encryption, protocol
systems | unix
advisories | CVE-2015-1788, CVE-2015-1789, CVE-2015-1790, CVE-2015-1791, CVE-2015-1792
MD5 | 7729b259e2dea7d60b32fc3934d6984b
OpenSSL Toolkit 1.0.2a
Posted Mar 20, 2015
Site openssl.org

OpenSSL is a robust, fully featured Open Source toolkit implementing the Secure Sockets Layer (SSL v2/v3) and Transport Layer Security (TLS v1) protocols with full-strength cryptography world-wide.

Changes: 12 security vulnerabilities have been addressed.
tags | tool, encryption, protocol
systems | unix
MD5 | a06c547dac9044161a477211049f60ef
SSLsplit 0.4.11
Posted Mar 18, 2015
Site roe.ch

SSLsplit is a tool for man-in-the-middle attacks against SSL/TLS encrypted network connections. Connections are transparently intercepted through a network address translation engine and redirected to SSLsplit. SSLsplit terminates SSL/TLS and initiates a new SSL/TLS connection to the original destination address, while logging all data transmitted. SSLsplit is intended to be useful for network forensics and penetration testing.

Changes: Fix loading of certificate chains with OpenSSL 1.0.2 (issue #79). Fix build on Mac OS X 10.10.2 by improving XNU header selection.
tags | tool, encryption
MD5 | f29ac4ad7d3fdaf3d161b33c37fb4ddc
OpenSSL Toolkit 1.0.2
Posted Jan 22, 2015
Site openssl.org

OpenSSL is a robust, fully featured Open Source toolkit implementing the Secure Sockets Layer (SSL v2/v3) and Transport Layer Security (TLS v1) protocols with full-strength cryptography world-wide.

Changes: Added support for OCB mode. SSLv2 support has been removed. Increased the minimal RSA keysize from 256 to 512 bits. Various other updates and fixes.
tags | tool, encryption, protocol, library
systems | unix
MD5 | 38373013fc85c790aabf8837969c5eba
OpenSSL Toolkit 1.0.1l
Posted Jan 15, 2015
Site openssl.org

OpenSSL is a robust, fully featured Open Source toolkit implementing the Secure Sockets Layer (SSL v2/v3) and Transport Layer Security (TLS v1) protocols with full-strength cryptography world-wide.

Changes: Build fixes for the Windows and OpenVMS platforms.
tags | tool, encryption, protocol, library
systems | unix
MD5 | cdb22925fc9bc97ccbf1e007661f2aa6
SSLsplit 0.4.10
Posted Nov 30, 2014
Site roe.ch

SSLsplit is a tool for man-in-the-middle attacks against SSL/TLS encrypted network connections. Connections are transparently intercepted through a network address translation engine and redirected to SSLsplit. SSLsplit terminates SSL/TLS and initiates a new SSL/TLS connection to the original destination address, while logging all data transmitted. SSLsplit is intended to be useful for network forensics and penetration testing.

Changes: Multiple new options added. Startup memory leaks have been fixed. Minor bug fixes and improvements.
tags | tool, encryption
MD5 | d66918ad98a061f98c87534583b92284
SSLsplit 0.4.9
Posted Nov 4, 2014
Site roe.ch

SSLsplit is a tool for man-in-the-middle attacks against SSL/TLS encrypted network connections. Connections are transparently intercepted through a network address translation engine and redirected to SSLsplit. SSLsplit terminates SSL/TLS and initiates a new SSL/TLS connection to the original destination address, while logging all data transmitted. SSLsplit is intended to be useful for network forensics and penetration testing.

Changes: No longer chroot() to /var/empty by default if run by root, in order to prevent breaking -S and sni proxyspecs (issue #21). Fixed segmentation fault when using -t without a CA. Various other updates.
tags | tool, encryption
MD5 | 90d3ea10c6c68d625164875d129a75f9
OpenSSL Toolkit 1.0.1j
Posted Oct 15, 2014
Site openssl.org

OpenSSL is a robust, fully featured Open Source toolkit implementing the Secure Sockets Layer (SSL v2/v3) and Transport Layer Security (TLS v1) protocols with full-strength cryptography world-wide.

Changes: Multiple memory leaks fixed. SSLV3 Fallback and various other security issues have been addressed.
tags | tool, encryption, protocol
systems | unix
advisories | CVE-2014-3513, CVE-2014-3566, CVE-2014-3567, CVE-2014-3568
MD5 | f7175c9cd3c39bb1907ac8bba9df8ed3
OpenSSL Toolkit 1.0.1i
Posted Aug 6, 2014
Site openssl.org

OpenSSL is a robust, fully featured Open Source toolkit implementing the Secure Sockets Layer (SSL v2/v3) and Transport Layer Security (TLS v1) protocols with full-strength cryptography world-wide.

Changes: Nine security issues have been addressed.
tags | tool, encryption, protocol
systems | unix
advisories | CVE-2014-3505, CVE-2014-3506, CVE-2014-3507, CVE-2014-3508, CVE-2014-3509, CVE-2014-3510, CVE-2014-3511, CVE-2014-3512, CVE-2014-5139
MD5 | c8dc151a671b9b92ff3e4c118b174972
OpenSSL Toolkit 1.0.1h
Posted Jun 10, 2014
Site openssl.org

OpenSSL is a robust, fully featured Open Source toolkit implementing the Secure Sockets Layer (SSL v2/v3) and Transport Layer Security (TLS v1) protocols with full-strength cryptography world-wide.

Changes: Various security fixes.
tags | tool, encryption, protocol
systems | unix
advisories | CVE-2010-5298, CVE-2014-0076, CVE-2014-0195, CVE-2014-0198, CVE-2014-0221, CVE-2014-0224, CVE-2014-3470
MD5 | 8d6d684a9430d5cc98a62a5d8fbda8cf
SSLsplit 0.4.8
Posted Jan 16, 2014
Site roe.ch

SSLsplit is a tool for man-in-the-middle attacks against SSL/TLS encrypted network connections. Connections are transparently intercepted through a network address translation engine and redirected to SSLsplit. SSLsplit terminates SSL/TLS and initiates a new SSL/TLS connection to the original destination address, while logging all data transmitted. SSLsplit is intended to be useful for network forensics and penetration testing.

Changes: This release adds experimental support for pf on Mac OS X, and adds support for pf divert-to on FreeBSD and OpenBSD. SSLsplit now removes headers advertising support for SPDY/QUIC from HTTP responses. Additionally, a number of segmentation faults, a memory leak, and a file descriptor leak have been fixed, greatly improving overall stability.
tags | tool, encryption
MD5 | 69599e796973e7c9a55f16b83b9626e7
OpenSSL Toolkit 1.0.1f
Posted Jan 10, 2014
Site openssl.org

OpenSSL is a robust, fully featured Open Source toolkit implementing the Secure Sockets Layer (SSL v2/v3) and Transport Layer Security (TLS v1) protocols with full-strength cryptography world-wide.

Changes: A TLS record tampering bug was fixed. A carefully crafted invalid handshake could crash OpenSSL with a NULL pointer exception (CVE-2013-4353). Original DTLS digest and encryption contexts are kept in retransmission structures so that the previous session parameters can be used if they need to be re-sent (CVE-2013-6450). A SSL_OP_SAFARI_ECDHE_ECDSA_BUG option (part of SSL_OP_ALL) which avoids preferring ECDHE-ECDSA ciphers when the client appears to be Safari on OS X was added.
tags | tool, encryption, protocol
systems | unix
advisories | CVE-2013-4353, CVE-2013-6450
MD5 | f26b09c028a0541cab33da697d522b25
SSLsplit 0.4.7
Posted Jul 3, 2013
Site roe.ch

SSLsplit is a tool for man-in-the-middle attacks against SSL/TLS encrypted network connections. Connections are transparently intercepted through a network address translation engine and redirected to SSLsplit. SSLsplit terminates SSL/TLS and initiates a new SSL/TLS connection to the original destination address, while logging all data transmitted. SSLsplit is intended to be useful for network forensics and penetration testing.

Changes: This release prevents IETF draft public key pinning by removing HPKP headers from responses. Also, remaining threading issues in daemon mode are fixed, and the connection log now contains the HTTP status code and the size of the response.
tags | encryption
MD5 | 7a1d2931c78736c006ee34dfb6be4a75
Page 1 of 11
Back12345Next

Top Authors In Last 30 Days

packet storm

© 2016 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close