exploit the possibilities

Register | Login

FilesNewsUsersAuthors

Home Files News &[SERVICES_TAB]About Contact Add New

Showing 26 - 50 of 89

Files from Damien Miller

OpenSSH 7.3p1

Posted Aug 2, 2016

Authored by Damien Miller | Site openssh.com

This is a Linux/portable port of OpenBSD's excellent OpenSSH. OpenSSH is based on the last free version of Tatu Ylonen's SSH with all patent-encumbered algorithms removed, all known security bugs fixed, new features reintroduced, and many other clean-ups.

Changes: Multiple updates including a security fix.

tags | tool, encryption

systems | linux, unix, openbsd

advisories | CVE-2016-6210

SHA-256 | efc912a2ef7e938fa36df6787cd9d21b45463cd4f9d70764e9e61a961786691b

Download | Favorite | View

OpenSSH 7.2p2

Posted Mar 12, 2016

Authored by Damien Miller | Site openssh.com

This is a Linux/portable port of OpenBSD's excellent OpenSSH. OpenSSH is based on the last free version of Tatu Ylonen's SSH with all patent-encumbered algorithms removed, all known security bugs fixed, new features reintroduced, and many other clean-ups.

Changes: Added sanitization for characters destined for xauth(1).

tags | tool, encryption

systems | linux, unix, openbsd

SHA-256 | a72781d1a043876a224ff1b0032daa4094d87565a68528759c1c2cab5482548c

Download | Favorite | View

OpenSSH 7.2p1

Posted Feb 29, 2016

Authored by Damien Miller | Site openssh.com

This is a Linux/portable port of OpenBSD's excellent OpenSSH. OpenSSH is based on the last free version of Tatu Ylonen's SSH with all patent-encumbered algorithms removed, all known security bugs fixed, new features reintroduced, and many other clean-ups.

Changes: Skip PrintLastLog in config dump mode. Added a note about using xlc on AIX. Various other bug fixes.

tags | tool, encryption

systems | linux, openbsd

SHA-256 | 973cc37b2f3597e4cf599b09e604e79c0fe5d9b6f595a24e91ed0662860b4ac3

Download | Favorite | View

OpenSSH 7.1p2

Posted Jan 15, 2016

Authored by Damien Miller | Site openssh.com

This is a Linux/portable port of OpenBSD's excellent OpenSSH. OpenSSH is based on the last free version of Tatu Ylonen's SSH with all patent-encumbered algorithms removed, all known security bugs fixed, new features reintroduced, and many other clean-ups.

Changes: Forcibly disables roaming support in the client. Various other bug fixes.

tags | tool, encryption

systems | linux, unix, openbsd

SHA-256 | dd75f024dcf21e06a0d6421d582690bf987a1f6323e32ad6619392f3bfde6bbd

Download | Favorite | View

OpenSSH 7.1p1

Posted Aug 25, 2015

Authored by Damien Miller | Site openssh.com

This is a Linux/portable port of OpenBSD's excellent OpenSSH. OpenSSH is based on the last free version of Tatu Ylonen's SSH with all patent-encumbered algorithms removed, all known security bugs fixed, new features reintroduced, and many other clean-ups.

Changes: This is a bugfix release. OpenSSH 7.0 contained a logic error in PermitRootLogin= prohibit-password/without-password that could, depending on compile-time configuration, permit password authentication to root while preventing other forms of authentication. This problem was reported by Mantas Mikulenas.

tags | tool, encryption

systems | linux, unix, openbsd

SHA-256 | fc0a6d2d1d063d5c66dffd952493d0cda256cad204f681de0f84ef85b2ad8428

Download | Favorite | View

OpenSSH 7.0p1

Posted Aug 13, 2015

Authored by Damien Miller | Site openssh.com

This is a Linux/portable port of OpenBSD's excellent OpenSSH. OpenSSH is based on the last free version of Tatu Ylonen's SSH with all patent-encumbered algorithms removed, all known security bugs fixed, new features reintroduced, and many other clean-ups.

Changes: This is primarily a bugfix release.

tags | tool, encryption

systems | linux, unix, openbsd

SHA-256 | fd5932493a19f4c81153d812ee4e042b49bbd3b759ab3d9344abecc2bc1485e5

Download | Favorite | View

OpenSSH 6.9p1

Posted Jul 1, 2015

Authored by Damien Miller | Site openssh.com

This is a Linux/portable port of OpenBSD's excellent OpenSSH. OpenSSH is based on the last free version of Tatu Ylonen's SSH with all patent-encumbered algorithms removed, all known security bugs fixed, new features reintroduced, and many other clean-ups.

Changes: This is primarily a bugfix release.

tags | tool, encryption

systems | linux, unix, openbsd

SHA-256 | 6e074df538f357d440be6cf93dc581a21f22d39e236f217fcd8eacbb6c896cfe

Download | Favorite | View

OpenSSH 6.8p1

Posted Mar 19, 2015

Authored by Damien Miller | Site openssh.com

This is a Linux/portable port of OpenBSD's excellent OpenSSH. OpenSSH is based on the last free version of Tatu Ylonen's SSH with all patent-encumbered algorithms removed, all known security bugs fixed, new features reintroduced, and many other clean-ups.

Changes: This is a major release, containing a number of new features as well as a large internal re-factoring.

tags | encryption

systems | linux, unix, openbsd

SHA-256 | 3ff64ce73ee124480b5bf767b9830d7d3c03bbcb6abe716b78f0192c37ce160e

Download | Favorite | View

OpenSSH 6.7p1

Posted Oct 7, 2014

Authored by Damien Miller | Site openssh.com

This is a Linux/portable port of OpenBSD's excellent OpenSSH. OpenSSH is based on the last free version of Tatu Ylonen's SSH with all patent-encumbered algorithms removed, all known security bugs fixed, new features reintroduced, and many other clean-ups.

Changes: Multiple bug fixes.

tags | tool, encryption

systems | linux, unix, openbsd

SHA-256 | 3246aa79317b1d23cae783a3bf8275d6

Download | Favorite | View

OpenSSH 6.6p1

Posted Mar 16, 2014

Authored by Damien Miller | Site openssh.com

This is a Linux/portable port of OpenBSD's excellent OpenSSH. OpenSSH is based on the last free version of Tatu Ylonen's SSH with all patent-encumbered algorithms removed, all known security bugs fixed, new features reintroduced, and many other clean-ups.

Changes: Multiple bug fixes.

tags | tool, encryption

systems | linux, unix, openbsd

SHA-256 | 48c1f0664b4534875038004cc4f3555b8329c2a81c1df48db5c517800de203bb

Download | Favorite | View

OpenSSH 6.5p1

Posted Jan 31, 2014

Authored by Damien Miller | Site openssh.com

This is a Linux/portable port of OpenBSD's excellent OpenSSH. OpenSSH is based on the last free version of Tatu Ylonen's SSH with all patent-encumbered algorithms removed, all known security bugs fixed, new features reintroduced, and many other clean-ups.

Changes: This is a feature-focused release. New features include new ciphers and key types, a new private key format, and rejection of connection requests from old insecure clients. There are also a number of bug fixes.

tags | tool, encryption

systems | linux, unix, openbsd

SHA-256 | a1195ed55db945252d5a1730d4a2a2a5c1c9a6aa01ef2e5af750a962623d9027

Download | Favorite | View

OpenSSH 5.9p1

Posted Sep 6, 2011

Authored by Damien Miller | Site openssh.com

This is a Linux/portable port of OpenBSD's excellent OpenSSH. OpenSSH is based on the last free version of Tatu Ylonen's SSH with all patent-encumbered algorithms removed, all known security bugs fixed, new features reintroduced, and many other clean-ups.

Changes: This release added experimental sandboxing of network-facing code during the pre-authentication phase and SHA2-based HMAC modes for the SSH transport. sshd now sends logs from the privilege-separated process via a pipe, eliminating the need for /var/empty/dev/log. There were many more bugfixes and changes.

tags | encryption

systems | linux, unix, openbsd

SHA-256 | 6497ed9245fd883ef37cc984504ec91b1b780335510e1b353bedc9a0d6466a63

Download | Favorite | View

OpenSSH 5.8p2

Posted May 4, 2011

Authored by Damien Miller | Site openssh.com

This is a Linux/portable port of OpenBSD's excellent OpenSSH. OpenSSH is based on the last free version of Tatu Ylonen's SSH with all patent-encumbered algorithms removed, all known security bugs fixed, new features reintroduced, and many other clean-ups.

Changes: Fixed a local private host key compromise on platforms without host-level randomness support.

tags | encryption

systems | linux, unix, openbsd

SHA-256 | e5a1c821dd8dc33a94c445290956d52e03b3c450f9cd448b96d92317fd4cce42

Download | Favorite | View

OpenSSH Security Advisory - Unauthorized Access

Posted May 4, 2011

Authored by Damien Miller | Site openssh.com

OpenSSH Security Advisory - Portable OpenSSH prior to version 5.8p2 only on platforms that are configured to use ssh-rand-helper for entropy collection. ssh-rand-helper is enabled at configure time when it is detected that OpenSSL does not have a built-in source of randomness, and only used at runtime if this condition remains. Platforms that support /dev/random or otherwise configure OpenSSL with a random number provider are not vulnerable. Version 5.8p2 fixes this issue.

tags | advisory

SHA-256 | 486207ec2f9fb1f7152210c018051c0a98ac5a4908b2ab16da056d78f48c5319

Download | Favorite | View

OpenSSH 5.7p1

Posted Jan 24, 2011

Authored by Damien Miller | Site openssh.com

This is a Linux/portable port of OpenBSD's excellent OpenSSH. OpenSSH is based on the last free version of Tatu Ylonen's SSH with all patent-encumbered algorithms removed, all known security bugs fixed, new features reintroduced, and many other clean-ups.

Changes: ECC support for kex exchange and public key authentication, SFTP hard link support, improved QoS/DSCP support, bandwidth limiting for SFTP, and more.

tags | encryption

systems | linux, unix, openbsd

SHA-256 | 59057d727d902d8b04b2ce0ba8f288c6e02cb65aca183cc8d559a4a66426581b

Download | Favorite | View

OpenSSH 5.6p1

Posted Aug 27, 2010

Authored by Damien Miller | Site openssh.com

This is a Linux/portable port of OpenBSD's excellent OpenSSH. OpenSSH is based on the last free version of Tatu Ylonen's SSH with all patent-encumbered algorithms removed, all known security bugs fixed, new features reintroduced, and many other clean-ups.

Changes: Added a ControlPersist option to ssh_config(5) that automatically starts a background ssh(1) multiplex master when connecting. Hostbased authentication may now use certificate host keys. ssh-keygen(1) now supports signing certificate using a CA key that has been stored in a PKCS#11 token. Various other additions and bug fixes.

tags | encryption

systems | linux, openbsd

SHA-256 | 538af53b2b8162c21a293bb004ae2bdb141abd250f61b4cea55244749f3c6c2b

Download | Favorite | View

OpenSSH 5.4p1

Posted Mar 8, 2010

Authored by Damien Miller | Site openssh.com

This is a Linux/portable port of OpenBSD's excellent OpenSSH. OpenSSH is based on the last free version of Tatu Ylonen's SSH with all patent-encumbered algorithms removed, all known security bugs fixed, new features reintroduced, and many other clean-ups.

Changes: This is a major feature and bugfix release. Major changes include disabling SSH protocol 1 by default, removal of legacy OpenSC/libsectok smartcard support, addition of PKCS#11 support, introduction of a new certificate authentication method for users and hosts, revised session multiplexing code, many improvements to sftp from the Google Summer of Code 2009, and lots of bugfixes.

tags | encryption

systems | linux, openbsd

SHA-256 | ae96e70d04104824ab10f0d7aaef4584ac96b2a870adfcd8b457d836c8c5404e

Download | Favorite | View

jBCrypt Entropy Reduction

Posted Feb 2, 2010

Authored by Damien Miller

jBCrypt versions prior to 0.3 suffered from a bug related to character encoding that substantially reduced the entropy of hashed passwords containing non US-ASCII characters.

tags | advisory

SHA-256 | dd72d7dabb106e0710c14a2f1935188fc712a50d8d1d76a5ac6d2777e8f3c708

Download | Favorite | View

Open Source CERT Security Advisory 2009.10

Posted Jul 14, 2009

Authored by Chris Evans, Damien Miller, Open Source CERT

The mimeTeX and mathTeX CGIs suffer from several buffer overflows as well as command injection which result in remote code execution. Unfortunately mimeTeX and mathTex are provided without version numbers by the maintainer, who releases version-less zip archives. It is therefore impossible to provide affected version numbers.

tags | advisory, remote, overflow, cgi, code execution

advisories | CVE-2009-1382, CVE-2009-1383

SHA-256 | 0181f431cd410e4c33142e0c3e7cd11c54e2c56b58df8719276e741e9c0c3aed

Download | Favorite | View

openssh-5.0p1.tar.gz

Posted May 2, 2008

Authored by Damien Miller | Site openssh.com

This is a Linux/portable port of OpenBSD's excellent OpenSSH. OpenSSH is based on the last free version of Tatu Ylonen's SSH with all patent-encumbered algorithms removed, all known security bugs fixed, new features reintroduced, and many other clean-ups.

Changes: Multiple bug fixes including a security fix.

tags | encryption

systems | linux, openbsd

SHA-256 | 73a58620cd475155be8524f46997ba1942bc9e54204eeb15f0465e54ca279f4f

Download | Favorite | View

openssh-4.7p1.tar.gz

Posted Sep 5, 2007

Authored by Damien Miller | Site openssh.com

This is a Linux/portable port of OpenBSD's excellent OpenSSH. OpenSSH is based on the last free version of Tatu Ylonen's SSH with all patent-encumbered algorithms removed, all known security bugs fixed, new features reintroduced, and many other clean-ups.

Changes: Multiple bug fixes including a security fix.

tags | encryption

systems | linux, openbsd

SHA-256 | d47133f0c6737d2889bf8da7bdf389fc2268d1c7fa3cd11a52451501eab548bc

Download | Favorite | View

openssh-4.6p1.tar.gz

Posted Mar 20, 2007

Authored by Damien Miller | Site openssh.com

This is a Linux/portable port of OpenBSD's excellent OpenSSH. OpenSSH is based on the last free version of Tatu Ylonen's SSH with all patent-encumbered algorithms removed, all known security bugs fixed, new features reintroduced, and many other clean-ups.

Changes: See changelog.

tags | encryption

systems | linux, openbsd

SHA-256 | 7bbe277faa80c8d8d9cb96111db65fc0007d451784cc459207cd46b746a6f23a

Download | Favorite | View

openssh-4.5p1.tar.gz

Posted Nov 9, 2006

Authored by Damien Miller | Site openssh.com

This is a Linux/portable port of OpenBSD's excellent OpenSSH. OpenSSH is based on the last free version of Tatu Ylonen's SSH with all patent-encumbered algorithms removed, all known security bugs fixed, new features reintroduced, and many other clean-ups.

Changes: Multiple bug fixes including a security fix.

tags | encryption

systems | linux, openbsd

SHA-256 | 7046b9d372f9e31ca654a66492310c188470480ddab300eb715dbf5e2177ae55

Download | Favorite | View

openssh-4.3p2.tar.gz

Posted Feb 10, 2006

Authored by Damien Miller | Site openssh.com

This is a Linux/portable port of OpenBSD's excellent OpenSSH. OpenSSH is based on the last free version of Tatu Ylonen's SSH with all patent-encumbered algorithms removed, all known security bugs fixed, new features reintroduced, and many other clean-ups.

Changes: Various bug fixes.

tags | encryption

systems | linux, openbsd

SHA-256 | 4ba757d6c933e7d075b6424124d92d197eb5d91e4a58794596b67f5f0ca21d4f

Download | Favorite | View

openssh-4.2p1.tar.gz

Posted Oct 3, 2005

Authored by Damien Miller | Site openssh.com

This is a Linux/portable port of OpenBSD's excellent OpenSSH. OpenSSH is based on the last free version of Tatu Ylonen's SSH with all patent-encumbered algorithms removed, all known security bugs fixed, new features reintroduced, and many other clean-ups.

Changes: Fixes a security hole which is there if GSSAPIAuthentication is enabled, which is not the default. Fixed some other small bugs.

tags | encryption

systems | linux, openbsd

SHA-256 | 2a61e84b36958c0af19e4f6f9f3e27f8ed432a5188d654e26602402fd4047f6d

Download | Favorite | View