what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 25 of 2,381 RSS Feed

Encryption Files

The KeyTrap Denial-of-Service Algorithmic Complexity Attacks On DNS
Posted Feb 22, 2024
Authored by Niklas Vogel, Haya Schulmann, Michael Waidner, Elias Heftrig | Site athene-center.de

In this paper, the authors show that the design of DNSSEC is flawed. Exploiting vulnerable recommendations in the DNSSEC standards, they developed a new class of DNSSEC-based algorithmic complexity attacks on DNS, they dubbed KeyTrap attacks. All popular DNS implementations and services are vulnerable. With just a single DNS packet, the KeyTrap attacks lead to a 2.000.000x spike in CPU instruction count in vulnerable DNS resolvers, stalling some for as long as 16 hours. This devastating effect prompted major DNS vendors to refer to KeyTrap as "the worst attack on DNS ever discovered". Exploiting KeyTrap, an attacker could effectively disable Internet access in any system utilizing a DNSSEC-validating resolver.

tags | paper, encryption
SHA-256 | 4c1743e665520f276be83b47e7a1ae86496ca84f1935e9197aa5b5736fc57eb4
OpenSSL Toolkit 3.2.1
Posted Jan 31, 2024
Site openssl.org

OpenSSL is a robust, fully featured Open Source toolkit implementing the Secure Sockets Layer and Transport Layer Security protocols with full-strength cryptography world-wide. The latest stable version is the 3.2 series supported until 23rd November 2025.

Changes: 5 security issues have been addressed.
tags | tool, encryption, protocol
systems | unix
advisories | CVE-2023-5678, CVE-2023-6129, CVE-2023-6237, CVE-2024-0727
SHA-256 | 83c7329fe52c850677d75e5d0b0ca245309b97e8ecbcfdc1dfdc4ab9fac35b39
OpenSSL Toolkit 3.1.5
Posted Jan 31, 2024
Site openssl.org

OpenSSL is a robust, fully featured Open Source toolkit implementing the Secure Sockets Layer and Transport Layer Security protocols with full-strength cryptography world-wide. The 3.1 series is supported until 14th March 2025.

Changes: 5 security issues have been addressed.
tags | tool, encryption, protocol
systems | unix
advisories | CVE-2023-5678, CVE-2023-6129, CVE-2023-6237, CVE-2024-0727
SHA-256 | 6ae015467dabf0469b139ada93319327be24b98251ffaeceda0221848dc09262
OpenSSL Toolkit 3.0.13
Posted Jan 31, 2024
Site openssl.org

OpenSSL is a robust, fully featured Open Source toolkit implementing the Secure Sockets Layer and Transport Layer Security protocols with full-strength cryptography world-wide. The 3.0 series is a Long Term Support (LTS) version and is supported until 7th September 2026.

Changes: 5 security issues have been addressed.
tags | tool, encryption, protocol
systems | unix
advisories | CVE-2023-5678, CVE-2023-6129, CVE-2023-6237, CVE-2024-0727
SHA-256 | 88525753f79d3bec27d2fa7c66aa0b92b3aa9498dafd93d7cfa4b3780cdae313
GNU Privacy Guard 2.4.4
Posted Jan 25, 2024
Site gnupg.org

GnuPG (the GNU Privacy Guard or GPG) is GNU's tool for secure communication and data storage. It can be used to encrypt data and to create digital signatures. It includes an advanced key management facility and is compliant with the proposed OpenPGP Internet standard as described in RFC2440. As such, it is meant to be compatible with PGP from NAI, Inc. Because it does not use any patented algorithms, it can be used without any restrictions.

Changes: Dozens of bug fixes and additions in this release.
tags | tool, encryption
SHA-256 | 67ebe016ca90fa7688ce67a387ebd82c6261e95897db7b23df24ff335be85bc6
RansomLord Anti-Ransomware Exploit Tool 2
Posted Jan 2, 2024
Authored by hyp3rlinx, malvuln | Site malvuln.com

RansomLord is a proof-of-concept tool that automates the creation of PE files, used to compromise ransomware pre-encryption. This tool uses dll hijacking to defeat ransomware by placing PE files in the x32 or x64 directories where the program is run from.

Changes: This version now intercepts and terminates malware tested from 43 different threat groups, adding Wagner, Hakbit, Paradise, Jaff, DoubleZero, Blacksnake, Darkbit, Vohuk, Medusa and Phobus. Two noteworthy additions mitigate wipers Wagner and DoubleZero that are supposedly used against entities in the Ukraine conflict. Updated the x32/x64 DLLs to exploit ten more vulnerable ransomwares. Added -s Security information flag section.
tags | tool, encryption
SHA-256 | 3d0954a58224a8f54be67a55a09030ed0b5de5923f0fb95816b6be7924a22000
Stegano 0.11.3
Posted Jan 2, 2024
Authored by Cedric Bonhomme | Site github.com

Stegano is a basic Python Steganography module. Stegano implements two methods of hiding: using the red portion of a pixel to hide ASCII messages, and using the Least Significant Bit (LSB) technique. It is possible to use a more advanced LSB method based on integers sets. The sets (Sieve of Eratosthenes, Fermat, Carmichael numbers, etc.) are used to select the pixels used to hide the information.

Changes: Stegano now supports Python 3.12. Support of Python 3.8 has been removed.
tags | tool, encryption, steganography, python
systems | unix
SHA-256 | 903d5e5eb7b4a1daf8f56200c4bc60872e61b798e67034603be53c3076117c75
OpenSSH 9.6p1
Posted Dec 21, 2023
Authored by Damien Miller | Site openssh.com

This is a Linux/portable port of OpenBSD's excellent OpenSSH. OpenSSH is based on the last free version of Tatu Ylonen's SSH with all patent-encumbered algorithms removed, all known security bugs fixed, new features reintroduced, and many other clean-ups.

Changes: This release contains fixes for a newly-discovered weakness in the SSH transport protocol, a logic error relating to constrained PKCS#11 keys in ssh-agent(1) and countermeasures for programs that invoke ssh(1) with user or hostnames containing invalid characters. Included are three security changes, five new features, nine bug fixes, and various other updates.
tags | tool, encryption
systems | linux, unix, openbsd
advisories | CVE-2023-38408
SHA-256 | 910211c07255a8c5ad654391b40ee59800710dd8119dd5362de09385aa7a777c
OpenSSH 9.5p1
Posted Oct 4, 2023
Authored by Damien Miller | Site openssh.com

This is a Linux/portable port of OpenBSD's excellent OpenSSH. OpenSSH is based on the last free version of Tatu Ylonen's SSH with all patent-encumbered algorithms removed, all known security bugs fixed, new features reintroduced, and many other clean-ups.

Changes: This release fixes a number of bugs and adds some small features.
tags | tool, encryption
systems | linux, unix, openbsd
SHA-256 | f026e7b79ba7fb540f75182af96dc8a8f1db395f922bbc9f6ca603672686086b
OpenSSL Toolkit 1.1.1w
Posted Sep 11, 2023
Site openssl.org

OpenSSL is a robust, fully featured Open Source toolkit implementing the Secure Sockets Layer and Transport Layer Security protocols with full-strength cryptography world-wide.

Changes: Fixed POLY1305 MAC implementation corrupting XMM registers on Windows.
tags | tool, encryption, protocol
advisories | CVE-2023-4807
SHA-256 | cf3098950cb4d853ad95c0841f1f9c6d3dc102dccfcacd521d93925208b76ac8
OpenSSH 9.4p1
Posted Aug 10, 2023
Authored by Damien Miller | Site openssh.com

This is a Linux/portable port of OpenBSD's excellent OpenSSH. OpenSSH is based on the last free version of Tatu Ylonen's SSH with all patent-encumbered algorithms removed, all known security bugs fixed, new features reintroduced, and many other clean-ups.

Changes: This release fixes a number of bugs and adds some small features.
tags | tool, encryption
systems | linux, unix, openbsd
SHA-256 | 3608fd9088db2163ceb3e600c85ab79d0de3d221e59192ea1923e23263866a85
OpenSSL Toolkit 3.1.2
Posted Aug 1, 2023
Site openssl.org

OpenSSL is a robust, fully featured Open Source toolkit implementing the Secure Sockets Layer and Transport Layer Security protocols with full-strength cryptography world-wide. The 3.1.x series is the current major version of OpenSSL.

Changes: Fixed excessive time spent checking DH q parameter value. Fixed DH_check() excessive time with over sized modulus. No longer ignoring empty associated data entries with AES-SIV. A change has been made to the enable-fips option.
tags | encryption, protocol
systems | unix
advisories | CVE-2023-2975, CVE-2023-3446, CVE-2023-3817
SHA-256 | a0ce69b8b97ea6a35b96875235aa453b966ba3cba8af2de23657d8b6767d6539
OpenSSL Toolkit 3.0.10
Posted Aug 1, 2023
Site openssl.org

OpenSSL is a robust, fully featured Open Source toolkit implementing the Secure Sockets Layer and Transport Layer Security protocols with full-strength cryptography world-wide. The 3.x series is the current major version of OpenSSL.

Changes: Fixed excessive time spent checking DH q parameter value. Fixed DH_check() excessive time with over sized modulus. No longer ignoring empty associated data entries with AES-SIV.
tags | tool, encryption, protocol
systems | unix
advisories | CVE-2023-2975, CVE-2023-3446, CVE-2023-3817
SHA-256 | 1761d4f5b13a1028b9b6f3d4b8e17feb0cedc9370f6afe61d7193d2cdce83323
OpenSSL Toolkit 1.1.1v
Posted Aug 1, 2023
Site openssl.org

OpenSSL is a robust, fully featured Open Source toolkit implementing the Secure Sockets Layer and Transport Layer Security protocols with full-strength cryptography world-wide.

Changes: Fixed excessive time spent checking DH q parameter value. Fixed DH_check() excessive time with over sized modulus.
tags | tool, encryption, protocol
systems | unix
advisories | CVE-2023-3446, CVE-2023-3817
SHA-256 | d6697e2871e77238460402e9362d47d18382b15ef9f246aba6c7bd780d38a6b0
RansomLord Anti-Ransomware Exploit Tool 1.0
Posted Jul 31, 2023
Authored by hyp3rlinx, malvuln | Site malvuln.com

RansomLord is a proof-of-concept tool that automates the creation of PE files, used to compromise ransomware pre-encryption. This tool uses dll hijacking to defeat ransomware.

tags | tool, encryption
SHA-256 | be0ca518deef51df0a96636cca863c555649559f4b5ef25817a684ecfa1b4b9a
OpenSSH 9.3p2
Posted Jul 19, 2023
Authored by Damien Miller | Site openssh.com

This is a Linux/portable port of OpenBSD's excellent OpenSSH. OpenSSH is based on the last free version of Tatu Ylonen's SSH with all patent-encumbered algorithms removed, all known security bugs fixed, new features reintroduced, and many other clean-ups.

Changes: Disallowed remote addition of FIDO/PKCS11 keys. Terminates pkcs11 process for bad libraries.
tags | tool, encryption
systems | linux, unix, openbsd
SHA-256 | 200ebe147f6cb3f101fd0cdf9e02442af7ddca298dffd9f456878e7ccac676e8
GNU Privacy Guard 2.4.3
Posted Jul 5, 2023
Site gnupg.org

GnuPG (the GNU Privacy Guard or GPG) is GNU's tool for secure communication and data storage. It can be used to encrypt data and to create digital signatures. It includes an advanced key management facility and is compliant with the proposed OpenPGP Internet standard as described in RFC2440. As such, it is meant to be compatible with PGP from NAI, Inc. Because it does not use any patented algorithms, it can be used without any restrictions.

Changes: 17 bug fixes and updates added.
tags | tool, encryption
SHA-256 | a271ae6d732f6f4d80c258ad9ee88dd9c94c8fdc33c3e45328c4d7c126bd219d
OpenSSL Toolkit 3.1.1
Posted May 30, 2023
Site openssl.org

OpenSSL is a robust, fully featured Open Source toolkit implementing the Secure Sockets Layer and Transport Layer Security protocols with full-strength cryptography world-wide. The 3.1.x series is the current major version of OpenSSL.

Changes: Mitigation for for very slow OBJ_obj2txt() performance with gigantic OBJECT IDENTIFIER sub-identities. Fixed buffer overread in AES-XTS decryption on ARM 64 bit platforms. Fixed documentation of X509_VERIFY_PARAM_add0_policy(). Fixed handling of invalid certificate policies in leaf certificates. Limited the number of nodes created in a policy tree.
tags | tool, encryption, protocol
systems | unix
advisories | CVE-2023-0464, CVE-2023-0465, CVE-2023-0466, CVE-2023-1255, CVE-2023-2650
SHA-256 | b3aa61334233b852b63ddb048df181177c2c659eb9d4376008118f9c08d07674
OpenSSL Toolkit 3.0.9
Posted May 30, 2023
Site openssl.org

OpenSSL is a robust, fully featured Open Source toolkit implementing the Secure Sockets Layer and Transport Layer Security protocols with full-strength cryptography world-wide. The 3.x series is the current major version of OpenSSL.

Changes: Mitigation for for very slow OBJ_obj2txt() performance with gigantic OBJECT IDENTIFIER sub-identities. Fixed buffer overread in AES-XTS decryption on ARM 64 bit platforms. Fixed documentation of X509_VERIFY_PARAM_add0_policy(). Fixed handling of invalid certificate policies in leaf certificates. Limited the number of nodes created in a policy tree.
tags | tool, encryption, protocol
systems | unix
advisories | CVE-2023-0464, CVE-2023-0465, CVE-2023-0466, CVE-2023-1255, CVE-2023-2650
SHA-256 | eb1ab04781474360f77c318ab89d8c5a03abc38e63d65a603cabbf1b00a1dc90
OpenSSL Toolkit 1.1.1u
Posted May 30, 2023
Site openssl.org

OpenSSL is a robust, fully featured Open Source toolkit implementing the Secure Sockets Layer and Transport Layer Security protocols with full-strength cryptography world-wide.

Changes: Mitigation for for very slow OBJ_obj2txt() performance with gigantic OBJECT IDENTIFIER sub-identities. Fixed documentation of X509_VERIFY_PARAM_add0_policy(). Fixed handling of invalid certificate policies in leaf certificates. Limited the number of nodes created in a policy tree.
tags | tool, encryption, protocol
systems | unix
advisories | CVE-2023-0464, CVE-2023-0465, CVE-2023-0466, CVE-2023-2650
SHA-256 | e2f8d84b523eecd06c7be7626830370300fbcc15386bf5142d72758f6963ebc6
Stegano 0.11.2
Posted May 23, 2023
Authored by Cedric Bonhomme | Site github.com

Stegano is a basic Python Steganography module. Stegano implements two methods of hiding: using the red portion of a pixel to hide ASCII messages, and using the Least Significant Bit (LSB) technique. It is possible to use a more advanced LSB method based on integers sets. The sets (Sieve of Eratosthenes, Fermat, Carmichael numbers, etc.) are used to select the pixels used to hide the information.

Changes: Improved typing of various functions. Updated dependencies.
tags | tool, encryption, steganography, python
systems | unix
SHA-256 | edc2f69b5090076c99d276a5968f9dda0e5738f6bf8e34f5233dcb702ff3ac2e
OpenSSL Toolkit 3.1.0
Posted Mar 21, 2023
Site openssl.org

OpenSSL is a robust, fully featured Open Source toolkit implementing the Secure Sockets Layer and Transport Layer Security protocols with full-strength cryptography world-wide. The 3.1.x series is the current major version of OpenSSL.

Changes: SSL 3, TLS 1.0, TLS 1.1, and DTLS 1.0 only work at security level 0. Performance enhancements and new platform support including new assembler code algorithm implementations. Deprecated LHASH statistics functions. FIPS 140-3 compliance changes.
tags | tool, encryption, protocol
systems | unix
SHA-256 | aaa925ad9828745c4cad9d9efeb273deca820f2cdcf2c3ac7d7c1212b7c497b4
OpenSSH 9.3p1
Posted Mar 16, 2023
Authored by Damien Miller | Site openssh.com

This is a Linux/portable port of OpenBSD's excellent OpenSSH. OpenSSH is based on the last free version of Tatu Ylonen's SSH with all patent-encumbered algorithms removed, all known security bugs fixed, new features reintroduced, and many other clean-ups.

Changes: This release contains fixes for a security problem and a memory safety problem. The memory safety problem is not believed to be exploitable.
tags | tool, encryption
systems | linux, unix, openbsd
SHA-256 | e9baba7701a76a51f3d85a62c383a3c9dcd97fa900b859bc7db114c1868af8a8
OpenSSL Toolkit 3.0.8
Posted Feb 8, 2023
Site openssl.org

OpenSSL is a robust, fully featured Open Source toolkit implementing the Secure Sockets Layer and Transport Layer Security protocols with full-strength cryptography world-wide. The 3.x series is the current major version of OpenSSL.

Changes: Fixed NULL dereference during PKCS7 data verification. Fixed X.400 address type confusion in X.509 GeneralName. Fixed NULL dereference validating DSA public key. Fixed invalid pointer dereference in d2i_PKCS7 functions. Fixed use-after-free following BIO_new_NDEF. Fixed double-free after calling PEM_read_bio_ex. Fixed timing oracle in RSA decryption. Fixed X.509 Name Constraints read buffer overflow. Fixed X.509 policy constraints double locking.
tags | tool, encryption, protocol
systems | unix
advisories | CVE-2022-3996, CVE-2022-4203, CVE-2022-4304, CVE-2022-4450, CVE-2023-0215, CVE-2023-0216, CVE-2023-0217, CVE-2023-0286, CVE-2023-0401
SHA-256 | 6c13d2bf38fdf31eac3ce2a347073673f5d63263398f1f69d0df4a41253e4b3e
OpenSSL Toolkit 1.1.1t
Posted Feb 8, 2023
Site openssl.org

OpenSSL is a robust, fully featured Open Source toolkit implementing the Secure Sockets Layer and Transport Layer Security protocols with full-strength cryptography world-wide.

Changes: Fixed X.400 address type confusion in X.509 GeneralName. Fixed a use-after-free following BIO_new_NDEF. Fixed a double-free after calling PEM_read_bio_ex. Fixed a timing oracle in RSA decryption.
tags | tool, encryption, protocol
systems | unix
advisories | CVE-2022-4304, CVE-2022-4450, CVE-2023-0215, CVE-2023-0286
SHA-256 | 8dee9b24bdb1dcbf0c3d1e9b02fb8f6bf22165e807f45adeb7c9677536859d3b
Page 1 of 96
Back12345Next

File Archive:

March 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Mar 1st
    16 Files
  • 2
    Mar 2nd
    0 Files
  • 3
    Mar 3rd
    0 Files
  • 4
    Mar 4th
    32 Files
  • 5
    Mar 5th
    0 Files
  • 6
    Mar 6th
    0 Files
  • 7
    Mar 7th
    0 Files
  • 8
    Mar 8th
    0 Files
  • 9
    Mar 9th
    0 Files
  • 10
    Mar 10th
    0 Files
  • 11
    Mar 11th
    0 Files
  • 12
    Mar 12th
    0 Files
  • 13
    Mar 13th
    0 Files
  • 14
    Mar 14th
    0 Files
  • 15
    Mar 15th
    0 Files
  • 16
    Mar 16th
    0 Files
  • 17
    Mar 17th
    0 Files
  • 18
    Mar 18th
    0 Files
  • 19
    Mar 19th
    0 Files
  • 20
    Mar 20th
    0 Files
  • 21
    Mar 21st
    0 Files
  • 22
    Mar 22nd
    0 Files
  • 23
    Mar 23rd
    0 Files
  • 24
    Mar 24th
    0 Files
  • 25
    Mar 25th
    0 Files
  • 26
    Mar 26th
    0 Files
  • 27
    Mar 27th
    0 Files
  • 28
    Mar 28th
    0 Files
  • 29
    Mar 29th
    0 Files
  • 30
    Mar 30th
    0 Files
  • 31
    Mar 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close