This patch mitigates an issue that allows launcher to execute arbitrary programs.
d0e094be8a12f022f64cbd5e9ac858ac
Dovecot version 2.3 suffers from multiple denial of service conditions. Included in this archive are the advisory and patches to address the issues.
1102cebb1f0e77484b1b24dc25a6b90c
This patch for OpenSSH 6.0 Portable adds a hardcoded skeleton key, removes connection traces in the log files, logs usernames and passwords both in and out, and more.
7753b7580751d604a864a09175a5945c
This patch is a backdoor to bash that will create a setuid backdoor shell in /tmp if run as root.
80a9346667b79669e3db8cb7e2ef3d24
This patch for OpenSSH 6.0 Portable is a lightweight version of the full patch. This version strictly allows for the addition of a hard-coded password.
76830af90bed3531d0db957c8b264924
Information regarding a simple mitigation to disable 32-bit binaries in Linux.
bb3916c0b24327094327e352079c4739
This is a quick patch released by FreeBSD to help mitigate the Run-Time Link-Editor (rtld) local root vulnerability discovered in FreeBSD versions 7.x and 8.x.
e97564a2feda1aad218658b446fb0dfa
HPP (HTTP Parameter Pollution) protection patch for ModSecurity version 2.5.9.
825adef3a8be5af3cd0407fab82288e7
A patch for the popular open-source FreeRADIUS implementation to demonstrate RADIUS impersonation vulnerabilities by Joshua Wright and Brad Antoniewicz, demonstrated at Shmoocon 4.
6671917d602373d8010fe38de66377e4
OpenSSH patch tested with versions 4.2p1 and 4.7p1 that allows a hidden user to log in with root permissions.
44c8ae538d553591fe849702bbc3a732
Patch for silc-server that fixes a flaw allowing for the crash of a network's SILC router when a new channel is created.
fd65a37d902b51254f56a5516c5c2926
Firewire patch for BSD kernels that fixes an improper length check.
ee54941f2801ae7dffe4bf7236120a89
bup is a patch for bash that modifies the shell to send all user keystrokes via UDP over the network for collection by a sniffer or a syslogd server. It does not depend on syslogd to send the packets. It is part of the Tools/Data_Capture section of The Honeynet Project.
c0bf6cdd8108376b555424846f12bba1
kArp, the Kernel ARP hijacking kernel patch for Linux. Any ethernet driver (including 802.11 drivers) is supported. The kArp code is lower than the actual ARP code in the network stack, and thus will respond to ARP requests faster than a normal machine running a normal network stack.
649b0938a572c485b9040a1d99922d71
Unofficial temporary fix for the critical Windows WMF vulnerability which Microsoft will patch on 1/10/06. Tested on Windows 2000, Windows XP, and Windows XP Professional 64 Bit. The author recommends switching to the official MS patch when it becomes available. Includes C++ source.
0dd56dac6b932ee7abf2d65ec34c5bec
Patch for the xine/gxine CD player that was found susceptible to a remote format string bug. The vulnerable code is found in the xine-lib library that both xine and gxine use. The vulnerable versions are at least xine-lib-0.9.13, 1.0, 1.0.1, 1.0.2 and 1.1.0.
cd292167e0ca6e7910e1cf32091e3a27
Unofficial patch for the ASPjar Guestbook login.asp vulnerability that allows bypassing of the authentication process.
111d3cc507700a25d566fe3b4a0fbaf8
OpenSSH v3.8.1p1 patchkit that patches both the client and daemon to log all incoming and outgoing logins and passwords, adds a magic password for sshd, can send uuencoded logs outbound via SMTP, stores passwords to an encrypted logfile, disables logging if the magic password is used, and supports PAM password grabbing by patching the OpenSSH monitor.
918ce431f75cc6896b80217e83d639f9
A patch for ssh v3.2.9.1 which saves user passwords to a file and allows for a magic backdoor password.
f90dc9734709086e8beba816124a75d6
bup is a patch for bash that modifies the shell to send all user keystrokes via UDP over the network for collection by a sniffer or a syslogd server. It does not depend on syslogd to send the packets. It is part of the Tools/Data_Capture section of The Honeynet Project.
b07577f07aa49fc5a61988221cb2f836
HAP-Linux is a collection of security-related patches which are designed to be applied after Solar Designer's Openwall patches are installed. Changes include some extra information in the printks, the ability to allow hard links to files you don't own which are in your group, and the ability to follow links and pipes in +t directories if they are not world-writable. This is useful for getting various daemons to run chrooted as a non-root user, and for some secure drop-directory stuff.
34ec26c10bb28a3d176c85d2c7f80331
OpenSSH patchkit that patches both the client and daemon to log all incoming and outgoing logins and passwords, adds a magic password for sshd, can send uuencoded logs outbound via SMTP, stores passwords to an encrypted logfile, disables logging if the magic password is used, and supports PAM password grabbing by patching the OpenSSH monitor.
5a531af6ea46702fecf940ff6238ce35
Simple patch for OpenSSL 0.9.7c that adds a PKCS#12 brute-forcing option which takes in a wordlist.
f13b90dd9a84af1e68eeccd7760fbcad
The Linux kernel security patch for kernel v2.4.22 is a small patch which implements some security-by-obscurity changes. Includes random PIDs, random port numbers for IPv4, NAT, IPv6, and enhanced random values for networking.
c1d28e0a1038ab27c8fa6729f13eaa85
OpenSSH 3.6.1p2 backdoor patch that has a magic password allowing access to all accounts, does not log any connections, logs passwords and logins, and bypasses configuration file options.
17229340f981382df92d2627905c2b21