what you don't know can hurt you
Showing 51 - 75 of 95 RSS Feed

Files

OpenSSL Toolkit 1.0.2b
Posted Jun 12, 2015
Site openssl.org

OpenSSL is a robust, fully featured Open Source toolkit implementing the Secure Sockets Layer (SSL v2/v3) and Transport Layer Security (TLS v1) protocols with full-strength cryptography world-wide.

Changes: Infinite loop on malformed ECParameters structure addressed. PKCS7 crash addressed. Various other issues addressed.
tags | tool, encryption, protocol
systems | unix
advisories | CVE-2015-1788, CVE-2015-1789, CVE-2015-1790, CVE-2015-1791, CVE-2015-1792
MD5 | 7729b259e2dea7d60b32fc3934d6984b

Related Files

OpenSSL Toolkit 1.0.0b
Posted Nov 18, 2010
Site openssl.org

OpenSSL is a robust, fully featured Open Source toolkit implementing the Secure Sockets Layer (SSL v2/v3) and Transport Layer Security (TLS v1) protocols with full-strength cryptography world-wide.

Changes: Fixed extension code to avoid race conditions which can result in a buffer overrun vulnerability.
tags | encryption, protocol
systems | unix
advisories | CVE-2010-3864
MD5 | 104deb3b7e6820cae6de3f49ba0ff2b0
OpenSSL Toolkit 1.0.0a
Posted Jun 3, 2010
Site openssl.org

OpenSSL is a robust, fully featured Open Source toolkit implementing the Secure Sockets Layer (SSL v2/v3) and Transport Layer Security (TLS v1) protocols with full-strength cryptography world-wide.

Changes: A security vulnerability which could potentially be exploited to bypass key validation was resolved.
tags | encryption, protocol
advisories | CVE-2010-1633
MD5 | e3873edfffc783624cfbdb65e2249cbd
OpenSSL Toolkit 1.0.0
Posted Mar 31, 2010
Site openssl.org

OpenSSL is a robust, fully featured Open Source toolkit implementing the Secure Sockets Layer (SSL v2/v3) and Transport Layer Security (TLS v1) protocols with full-strength cryptography world-wide.

Changes: Connection renegotiation was vastly improved to overcome protocol weaknesses. A recently introduced "Record of death" vulnerability was resolved. A possible crash, reported as CVE-2010-0433, was fixed. Some memory leaks were resolved. Initial TLSv1.1 support was added. Handling of TLS versions 2.0 and later was improved, and the highest version is now selected. Support for MD2 has been deprecated. Support for companion-algorithm specific ASN1 signing routines was added. Signature dumping was improved. Many other improvements and minor bugfixes were made.
tags | encryption, protocol
advisories | CVE-2010-0433
MD5 | 89eaa86e25b2845f920ec00ae4c864ed
OpenSSL 0.9.8l
Posted Nov 6, 2009
Site openssl.org

OpenSSL is a robust, fully featured Open Source toolkit implementing the Secure Sockets Layer (SSL v2/v3) and Transport Layer Security (TLS v1) protocols with full-strength cryptography world-wide.

Changes: Fixes to stateless session resumption handling were made. Error return checking was improved for several function calls. Leading 0x80 in OIDs are no longer tolerated. The server certificate chain building code now correctly uses X509_verify_cert(). A potential denial of service attack in dtls1_process_out_of_seq_message() was resolved. Several other bugs were fixed.
tags | encryption, protocol
advisories | CVE-2009-3555
MD5 | 05a0ece1372392a2cf310ebb96333025
OpenSSL Toolkit
Posted Mar 30, 2009
Site openssl.org

OpenSSL is a robust, fully featured Open Source toolkit implementing the Secure Sockets Layer (SSL v2/v3) and Transport Layer Security (TLS v1) protocols with full-strength cryptography world-wide.

Changes: Three security flaws of moderate severity were fixed - Printing the contents of an ASN1 certificate with an illegal encoded length could cause an application crash. CMS verification could cause an invalid set of signed attributes to appear valid. A malformed ASN1 structure could cause invalid memory access. Further minor modifications were made.
tags | encryption, protocol
advisories | CVE-2009-0590, CVE-2009-0591, CVE-2009-0789
MD5 | e555c6d58d276aec7fdc53363e338ab3
openssl-0.9.8i.tar.gz
Posted Sep 16, 2008
Site openssl.org

OpenSSL is a robust, fully featured Open Source toolkit implementing the Secure Sockets Layer (SSL v2/v3) and Transport Layer Security (TLS v1) protocols with full-strength cryptography world-wide.

Changes: Fixed a state transition in s3_srvr.c and d1_srvr.c. Various precautionary measures added. Support added for Local Machine Keyset attribute in PKCS#12 files. Various other additions as well.
tags | encryption, protocol
MD5 | 561e00f18821c74b2b86c8c7786f9d8b
openssl-0.9.8h.tar.gz
Posted May 28, 2008
Site openssl.org

OpenSSL is a robust, fully featured Open Source toolkit implementing the Secure Sockets Layer (SSL v2/v3) and Transport Layer Security (TLS v1) protocols with full-strength cryptography world-wide.

Changes: Two crash related security flaws have been fixed in this version.
tags | encryption, protocol
advisories | CVE-2008-0891, CVE-2008-1672
MD5 | 7d3d41dafc76cf2fcb5559963b5783b3
openssl-dos.txt
Posted Dec 24, 2007
Authored by Noam Rathaus | Site beyondsecurity.com

OpenSSL versions below 0.9.7l and 0.9.8d SSLv2 client crash exploit.

tags | exploit, denial of service
advisories | CVE-2006-4343
MD5 | f4bd6345c08e17578445a78765285d26
openssl-0.9.8g.tar.gz
Posted Oct 22, 2007
Site openssl.org

OpenSSL is a robust, fully featured Open Source toolkit implementing the Secure Sockets Layer (SSL v2/v3) and Transport Layer Security (TLS v1) protocols with full-strength cryptography world-wide.

Changes: Various bug fixes.
tags | encryption, protocol
MD5 | acf70a16359bf3658bdfb74bda1c4419
openssl-0.9.8f.tar.gz
Posted Oct 13, 2007
Site openssl.org

OpenSSL is a robust, fully featured Open Source toolkit implementing the Secure Sockets Layer (SSL v2/v3) and Transport Layer Security (TLS v1) protocols with full-strength cryptography world-wide.

Changes: Multiple security fixes.
tags | encryption, protocol
advisories | CVE-2007-4995, CVE-2007-5135
MD5 | 114bf908eb1b293d11d3e6b18a09269f
OpenSSL-12-Oct-2007.txt
Posted Oct 13, 2007
Authored by Ben Laurie | Site openssl.org

OpenSSL Security Advisory - Andy Polyakov discovered a flaw in OpenSSL's DTLS implementation which could lead to the compromise of clients and servers with DTLS enabled. All versions of 0.9.8 prior to 0.9.8f are affected. Moritz Jodeit found an off-by-one error in SSL_get_shared_ciphers(), a function that should normally only be used for logging or debugging. All releases of 0.9.8 prior to 0.9.8f and all releases of 0.9.7 prior to 0.9.7m are affected.

tags | advisory
advisories | CVE-2007-4995, CVE-2007-5135
MD5 | 930dc9a42ecda065f6b34cdb7909144f
openssl-offbyone.txt
Posted Sep 28, 2007
Authored by Moritz Jodeit

OpenSSL versions before 0.9.7m and 0.9.8e suffer from an off-by-one buffer overflow in SSL_get_shared_ciphers().

tags | advisory, overflow
MD5 | 3d7843c79ac6b8326682eeccba09d0a5
openssl-0.9.8e.tar.gz
Posted Mar 20, 2007
Site openssl.org

OpenSSL is a robust, fully featured Open Source toolkit implementing the Secure Sockets Layer (SSL v2/v3) and Transport Layer Security (TLS v1) protocols with full-strength cryptography world-wide.

Changes: See changelog.
tags | encryption, protocol
MD5 | 3a7ff24f6ea5cd711984722ad654b927
openssl-0.9.7k.tar.gz
Posted Sep 7, 2006
Site openssl.org

OpenSSL is a robust, fully featured Open Source toolkit implementing the Secure Sockets Layer (SSL v2/v3) and Transport Layer Security (TLS v1) protocols with full-strength cryptography world-wide.

Changes: RSA Signature forgery security fix.
tags | encryption, protocol
advisories | CVE-2006-4339
MD5 | be6bba1d67b26eabb48cf1774925416f
openssl-0.9.8c.tar.gz
Posted Sep 7, 2006
Site openssl.org

OpenSSL is a robust, fully featured Open Source toolkit implementing the Secure Sockets Layer (SSL v2/v3) and Transport Layer Security (TLS v1) protocols with full-strength cryptography world-wide.

Changes: RSA Signature forgery security fix.
tags | encryption, protocol
advisories | CVE-2006-4339
MD5 | 78454bec556bcb4c45129428a766c886
openssl-0.9.8b.tar.gz
Posted May 4, 2006
Site openssl.org

OpenSSL is a robust, fully featured Open Source toolkit implementing the Secure Sockets Layer (SSL v2/v3) and Transport Layer Security (TLS v1) protocols with full-strength cryptography world-wide.

Changes: Various bug fixes and enhancements.
tags | encryption, protocol
MD5 | 12cedbeb6813a0d7919dbf1f82134b86
openssl-0.9.7g.tar.gz
Posted Apr 17, 2005
Site openssl.org

OpenSSL is a robust, fully featured Open Source toolkit implementing the Secure Sockets Layer (SSL v2/v3) and Transport Layer Security (TLS v1) protocols with full-strength cryptography world-wide.

Changes: Fixes for newer kerberos headers. Added support for proxy certificates according to RFC 3820.
tags | encryption, protocol
MD5 | 991615f73338a571b6a1be7d74906934
openssl-0.9.7e.tar.gz
Posted Oct 27, 2004
Site openssl.org

OpenSSL is a robust, fully featured Open Source toolkit implementing the Secure Sockets Layer (SSL v2/v3) and Transport Layer Security (TLS v1) protocols with full-strength cryptography world-wide.

Changes: Fixes a race condition when CRLs are checked in a multi threaded environment. This would happen due to the reordering of the revoked entries during signature checking and serial number lookup. Various other fixes and some additions.
tags | encryption, protocol
MD5 | a8777164bca38d84e5eb2b1535223474
opensslAgain.txt
Posted Oct 2, 2003
Authored by Patrik Hornik

Originally discovered in the source code for build 32 of the RedHat OpenSSL rpm, another denial of service vulnerability was recently discovered that would disable an SSLv2 server. Any build after 32 of the RedHat RPM and 0.9.7c of OpenSSL have already addressed and fixed this issue.

tags | advisory, denial of service
systems | linux, redhat
MD5 | a8f68845a0c4c5d60bb243710bfe752c
openssl-0.9.7c.tar.gz
Posted Sep 30, 2003
Site openssl.org

OpenSSL is a robust, fully featured Open Source toolkit implementing the Secure Sockets Layer (SSL v2/v3) and Transport Layer Security (TLS v1) protocols with full-strength cryptography world-wide.

Changes: Fixes known ASN.1 parsing vulnerabilities discussed here.
tags | encryption, protocol
MD5 | c54fb36218adaaaba01ef733cd88c8ec
openssl-uzi.tar.gz
Posted Apr 1, 2003
Authored by Harden

OpenSSL-uzi is a semi-automatic mass rooter which uses the openssl-too-open exploit against multiple hosts.

tags | exploit
MD5 | 46e7d4d5419bfda0d2d63b907ff07294
openssl-0.9.7.tar.gz
Posted Dec 31, 2002
Site openssl.org

OpenSSL is a robust, fully featured Open Source toolkit implementing the Secure Sockets Layer (SSL v2/v3) and Transport Layer Security (TLS v1) protocols with full-strength cryptography world-wide.

Changes: Added assertions to check for supposedly impossible buffer overflows, Added CRYPTO_realloc_clean() to avoid information leakage when resizing buffers containing secrets, and fixed several other bugs.
tags | encryption, protocol
MD5 | ef376d14205afcfb831cd3720f705d79
openssl-0.9.6h.tar.gz
Posted Dec 6, 2002
Site openssl.org

OpenSSL is a robust, fully featured Open Source toolkit implementing the Secure Sockets Layer (SSL v2/v3) and Transport Layer Security (TLS v1) protocols with full-strength cryptography world-wide.

Changes: Fixed initialization code race conditions in lots of functions. Fixed several other bugs and added some minor new features.
tags | encryption, protocol
MD5 | 621bef36ad61012bb71945a1cb449073
openssl-bsd.c
Posted Sep 30, 2002

Apache + OpenSSL v0.9.6d and below exploit for FreeBSD. Tested on FreeBSD 4.4-STABLE, FreeBSD 4.4-RELEASE, FreeBSD 4.5-RELEASE, and FreeBSD 4.6-RELEASE-p1 with Apache-1.3.26 and Apache-1.3.19. Modified to brute force the offset from openssl-too-open.c. Updated by Ech0, and ysbadaddn.

tags | exploit
systems | freebsd
MD5 | 93c74bbed4fa5628590f8a08cc6a569d
openssl-too-open.tar.gz
Posted Sep 17, 2002
Authored by Solar Eclipse | Site phreedom.org

OpenSSL v0.9.6d and below remote exploit for Apache/mod_ssl servers which takes advantage of the KEY_ARG overflow. Tested against most major Linux distributions. Gives a remote nobody shell on Apache and remote root on other servers. Includes an OpenSSL vulnerability scanner which is more reliable than the RUS-CERT scanner and a detailed vulnerability analysis.

tags | exploit, remote, overflow, shell, root
systems | linux
MD5 | 6c37282f541f13add85e5b2b76e3678e
Page 3 of 4
Back1234Next

File Archive:

March 2020

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Mar 1st
    2 Files
  • 2
    Mar 2nd
    18 Files
  • 3
    Mar 3rd
    15 Files
  • 4
    Mar 4th
    12 Files
  • 5
    Mar 5th
    19 Files
  • 6
    Mar 6th
    8 Files
  • 7
    Mar 7th
    1 Files
  • 8
    Mar 8th
    1 Files
  • 9
    Mar 9th
    11 Files
  • 10
    Mar 10th
    15 Files
  • 11
    Mar 11th
    9 Files
  • 12
    Mar 12th
    19 Files
  • 13
    Mar 13th
    13 Files
  • 14
    Mar 14th
    10 Files
  • 15
    Mar 15th
    13 Files
  • 16
    Mar 16th
    27 Files
  • 17
    Mar 17th
    15 Files
  • 18
    Mar 18th
    23 Files
  • 19
    Mar 19th
    25 Files
  • 20
    Mar 20th
    10 Files
  • 21
    Mar 21st
    6 Files
  • 22
    Mar 22nd
    1 Files
  • 23
    Mar 23rd
    22 Files
  • 24
    Mar 24th
    15 Files
  • 25
    Mar 25th
    22 Files
  • 26
    Mar 26th
    20 Files
  • 27
    Mar 27th
    15 Files
  • 28
    Mar 28th
    10 Files
  • 29
    Mar 29th
    0 Files
  • 30
    Mar 30th
    0 Files
  • 31
    Mar 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2016 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close