Showing 1 - 25 of 53

Files from Damien Miller

Email address	djm at mindrot.org
First Active	1999-08-17
Last Active	2011-09-06

OpenSSH 5.9p1: Posted Sep 6, 2011; Authored by Damien Miller | Site openssh.com; This is a Linux/portable port of OpenBSD's excellent OpenSSH. OpenSSH is based on the last free version of Tatu Ylonen's SSH with all patent-encumbered algorithms removed, all known security bugs fixed, new features reintroduced, and many other clean-ups.; Changes: This release added experimental sandboxing of network-facing code during the pre-authentication phase and SHA2-based HMAC modes for the SSH transport. sshd now sends logs from the privilege-separated process via a pipe, eliminating the need for /var/empty/dev/log. There were many more bugfixes and changes.; tags | encryption; systems | linux, unix, openbsd; MD5 | b50a499fa02616a47984b1920848b565; Download | Favorite | Comments (0)

OpenSSH 5.8p2: Posted May 4, 2011; Authored by Damien Miller | Site openssh.com; This is a Linux/portable port of OpenBSD's excellent OpenSSH. OpenSSH is based on the last free version of Tatu Ylonen's SSH with all patent-encumbered algorithms removed, all known security bugs fixed, new features reintroduced, and many other clean-ups.; Changes: Fixed a local private host key compromise on platforms without host-level randomness support.; tags | encryption; systems | linux, unix, openbsd; MD5 | 88a4a83b0e0e60cd545430d4e4bd7e0c; Download | Favorite | Comments (0)

OpenSSH Security Advisory - Unauthorized Access: Posted May 4, 2011; Authored by Damien Miller | Site openssh.com; OpenSSH Security Advisory - Portable OpenSSH prior to version 5.8p2 only on platforms that are configured to use ssh-rand-helper for entropy collection. ssh-rand-helper is enabled at configure time when it is detected that OpenSSL does not have a built-in source of randomness, and only used at runtime if this condition remains. Platforms that support /dev/random or otherwise configure OpenSSL with a random number provider are not vulnerable. Version 5.8p2 fixes this issue.; tags | advisory; MD5 | f15b5dfa05ec80fa52fc6f597f73448b; Download | Favorite | Comments (0)

OpenSSH 5.7p1: Posted Jan 24, 2011; Authored by Damien Miller | Site openssh.com; This is a Linux/portable port of OpenBSD's excellent OpenSSH. OpenSSH is based on the last free version of Tatu Ylonen's SSH with all patent-encumbered algorithms removed, all known security bugs fixed, new features reintroduced, and many other clean-ups.; Changes: ECC support for kex exchange and public key authentication, SFTP hard link support, improved QoS/DSCP support, bandwidth limiting for SFTP, and more.; tags | encryption; systems | linux, unix, openbsd; MD5 | 50231fa257219791fa41b84a16c9df04; Download | Favorite | Comments (0)

OpenSSH 5.6p1: Posted Aug 27, 2010; Authored by Damien Miller | Site openssh.com; This is a Linux/portable port of OpenBSD's excellent OpenSSH. OpenSSH is based on the last free version of Tatu Ylonen's SSH with all patent-encumbered algorithms removed, all known security bugs fixed, new features reintroduced, and many other clean-ups.; Changes: Added a ControlPersist option to ssh_config(5) that automatically starts a background ssh(1) multiplex master when connecting. Hostbased authentication may now use certificate host keys. ssh-keygen(1) now supports signing certificate using a CA key that has been stored in a PKCS#11 token. Various other additions and bug fixes.; tags | encryption; systems | linux, openbsd; MD5 | e6ee52e47c768bf0ec42a232b5d18fb0; Download | Favorite | Comments (0)

OpenSSH 5.4p1: Posted Mar 8, 2010; Authored by Damien Miller | Site openssh.com; This is a Linux/portable port of OpenBSD's excellent OpenSSH. OpenSSH is based on the last free version of Tatu Ylonen's SSH with all patent-encumbered algorithms removed, all known security bugs fixed, new features reintroduced, and many other clean-ups.; Changes: This is a major feature and bugfix release. Major changes include disabling SSH protocol 1 by default, removal of legacy OpenSC/libsectok smartcard support, addition of PKCS#11 support, introduction of a new certificate authentication method for users and hosts, revised session multiplexing code, many improvements to sftp from the Google Summer of Code 2009, and lots of bugfixes.; tags | encryption; systems | linux, openbsd; MD5 | da10af8a789fa2e83e3635f3a1b76f5e; Download | Favorite | Comments (0)

jBCrypt Entropy Reduction: Posted Feb 2, 2010; Authored by Damien Miller; jBCrypt versions prior to 0.3 suffered from a bug related to character encoding that substantially reduced the entropy of hashed passwords containing non US-ASCII characters.; tags | advisory; MD5 | d7a5b239702b98ba4f71ff8bbcdc491a; Download | Favorite | Comments (0)

Open Source CERT Security Advisory 2009.10: Posted Jul 14, 2009; Authored by Chris Evans, Damien Miller, Open Source CERT; The mimeTeX and mathTeX CGIs suffer from several buffer overflows as well as command injection which result in remote code execution. Unfortunately mimeTeX and mathTex are provided without version numbers by the maintainer, who releases version-less zip archives. It is therefore impossible to provide affected version numbers.; tags | advisory, remote, overflow, cgi, code execution; advisories | CVE-2009-1382, CVE-2009-1383; MD5 | c7054415cf4b97f427efeec7cef352ed; Download | Favorite | Comments (0)

openssh-5.0p1.tar.gz: Posted May 2, 2008; Authored by Damien Miller | Site openssh.com; This is a Linux/portable port of OpenBSD's excellent OpenSSH. OpenSSH is based on the last free version of Tatu Ylonen's SSH with all patent-encumbered algorithms removed, all known security bugs fixed, new features reintroduced, and many other clean-ups.; Changes: Multiple bug fixes including a security fix.; tags | encryption; systems | linux, openbsd; MD5 | 1f1dfaa775f33dd3328169de9bdc292a; Download | Favorite | Comments (0)

openssh-4.7p1.tar.gz: Posted Sep 5, 2007; Authored by Damien Miller | Site openssh.com; This is a Linux/portable port of OpenBSD's excellent OpenSSH. OpenSSH is based on the last free version of Tatu Ylonen's SSH with all patent-encumbered algorithms removed, all known security bugs fixed, new features reintroduced, and many other clean-ups.; Changes: Multiple bug fixes including a security fix.; tags | encryption; systems | linux, openbsd; MD5 | 50a800fd2c6def9e9a53068837e87b91; Download | Favorite | Comments (0)

openssh-4.6p1.tar.gz: Posted Mar 20, 2007; Authored by Damien Miller | Site openssh.com; This is a Linux/portable port of OpenBSD's excellent OpenSSH. OpenSSH is based on the last free version of Tatu Ylonen's SSH with all patent-encumbered algorithms removed, all known security bugs fixed, new features reintroduced, and many other clean-ups.; Changes: See changelog.; tags | encryption; systems | linux, openbsd; MD5 | 6a7fa99f44d9e1b5b04d15256e1405bb; Download | Favorite | Comments (0)

openssh-4.5p1.tar.gz: Posted Nov 9, 2006; Authored by Damien Miller | Site openssh.com; This is a Linux/portable port of OpenBSD's excellent OpenSSH. OpenSSH is based on the last free version of Tatu Ylonen's SSH with all patent-encumbered algorithms removed, all known security bugs fixed, new features reintroduced, and many other clean-ups.; Changes: Multiple bug fixes including a security fix.; tags | encryption; systems | linux, openbsd; MD5 | 6468c339886f78e8a149b88f695839dd; Download | Favorite | Comments (0)

openssh-4.3p2.tar.gz: Posted Feb 10, 2006; Authored by Damien Miller | Site openssh.com; This is a Linux/portable port of OpenBSD's excellent OpenSSH. OpenSSH is based on the last free version of Tatu Ylonen's SSH with all patent-encumbered algorithms removed, all known security bugs fixed, new features reintroduced, and many other clean-ups.; Changes: Various bug fixes.; tags | encryption; systems | linux, openbsd; MD5 | 7e9880ac20a9b9db0d3fea30a9ff3d46; Download | Favorite | Comments (0)

openssh-4.2p1.tar.gz: Posted Oct 3, 2005; Authored by Damien Miller | Site openssh.com; This is a Linux/portable port of OpenBSD's excellent OpenSSH. OpenSSH is based on the last free version of Tatu Ylonen's SSH with all patent-encumbered algorithms removed, all known security bugs fixed, new features reintroduced, and many other clean-ups.; Changes: Fixes a security hole which is there if GSSAPIAuthentication is enabled, which is not the default. Fixed some other small bugs.; tags | encryption; systems | linux, openbsd; MD5 | df899194a340c933944b193477c628fa; Download | Favorite | Comments (0)

openssh-4.1p1.tar.gz: Posted Jun 16, 2005; Authored by Damien Miller | Site openssh.com; This is a Linux/portable port of OpenBSD's excellent OpenSSH. OpenSSH is based on the last free version of Tatu Ylonen's SSH with all patent-encumbered algorithms removed, all known security bugs fixed, new features reintroduced, and many other clean-ups.; Changes: Bugfix release only, no new security features.; tags | encryption; systems | linux, openbsd; MD5 | 959c663e709c981f07a3315bfd64f3d0; Download | Favorite | Comments (0)

openssh-4.0p1.tar.gz: Posted Mar 22, 2005; Authored by Damien Miller | Site openssh.com; This is a Linux/portable port of OpenBSD's excellent OpenSSH. OpenSSH is based on the last free version of Tatu Ylonen's SSH with all patent-encumbered algorithms removed, all known security bugs fixed, new features reintroduced, and many other clean-ups.; Changes: Known_hosts can hash hostnames to improve privacy. Version 4.0 fixes many bugs and spelling errors, and adds new features. For instance, it now allows you to specify a local address when using port forwarding. Improved account and password expiry support, command history, editing to sftp and improved session multiplexing.; tags | encryption; systems | linux, openbsd; MD5 | 7b36f28fc16e1b7f4ba3c1dca191ac92; Download | Favorite | Comments (0)

openssh-3.9p1.tar.gz: Posted Aug 19, 2004; Authored by Damien Miller | Site openssh.com; This is a Linux/portable port of OpenBSD's excellent OpenSSH. OpenSSH is based on the last free version of Tatu Ylonen's SSH with all patent-encumbered algorithms removed, all known security bugs fixed, new features reintroduced, and many other clean-ups.; Changes: Various bug fixes and enhancements.; tags | encryption; systems | linux, openbsd; MD5 | 8e1774d0b52aff08f817f3987442a16e; Download | Favorite | Comments (0)

openssh-3.8p1.tar.gz: Posted Mar 22, 2004; Authored by Damien Miller | Site openssh.com; This is a Linux/portable port of OpenBSD's excellent OpenSSH. OpenSSH is based on the last free version of Tatu Ylonen's SSH with all patent-encumbered algorithms removed, all known security bugs fixed, new features reintroduced, and many other clean-ups.; Changes: Various bug fixes.; tags | encryption; systems | linux, openbsd; MD5 | 7861a4c0841ab69a6eec5c747daff6fb; Download | Favorite | Comments (0)

openssh-3.7.1p2.tar.gz: Posted Sep 23, 2003; Authored by Damien Miller | Site openssh.com; This is a Linux/portable port of OpenBSD's excellent OpenSSH. OpenSSH is based on the last free version of Tatu Ylonen's SSH with all patent-encumbered algorithms removed, all known security bugs fixed, new features reintroduced, and many other clean-ups.; Changes: Fixes a remotely exploitable vulnerability added in the PAM code of releases 3.7p1 and 3.7.1p1.; tags | encryption; systems | linux, openbsd; MD5 | 61cf5b059938718308836d00f6764a94; Download | Favorite | Comments (0)

sshpam.adv: Posted Sep 23, 2003; Authored by Damien Miller | Site openssh.com; Both OpenSSH portable versions 3.7p1 and 3.7.1p1 contain multiple vulnerabilities in the new PAM code with at least one of the bugs being remotely exploitable.; tags | advisory, vulnerability; MD5 | 868be897e96bbda356e3badabf5935ed; Download | Favorite | Comments (0)

openssh-3.7.1p1.tar.gz: Posted Sep 18, 2003; Authored by Damien Miller | Site openssh.com; This is a Linux/portable port of OpenBSD's excellent OpenSSH. OpenSSH is based on the last free version of Tatu Ylonen's SSH with all patent-encumbered algorithms removed, all known security bugs fixed, new features reintroduced, and many other clean-ups.; Changes: Various bug fixes, including a security fix for the buffer management vulnerabilities. Full changelog available here.; tags | encryption; systems | linux, openbsd; MD5 | f54e574e606c08ef63ebb1ab2f7689dc; Download | Favorite | Comments (0)

openssh-3.6.1p1.tar.gz: Posted Apr 15, 2003; Authored by Damien Miller | Site openssh.com; This is a Linux/portable port of OpenBSD's excellent OpenSSH. OpenSSH is based on the last free version of Tatu Ylonen's SSH with all patent-encumbered algorithms removed, all known security bugs fixed, new features reintroduced, and many other clean-ups. Changelog available here.; Changes: Fixed bugs and automatic rekeying. Fixed a bug which caused stalled connections. Included lots of minor bug fixes from the OpenBSD tree.; tags | encryption; systems | linux, openbsd; MD5 | d4c2c88b883f097fe88e327cbb4b2e2a; Download | Favorite | Comments (0)

openssh-3.5p1.tar.gz: Posted Oct 16, 2002; Authored by Damien Miller | Site openssh.com; This is a Linux/portable port of OpenBSD's excellent OpenSSH. OpenSSH is based on the last free version of Tatu Ylonen's SSH with all patent-encumbered algorithms removed, all known security bugs fixed, new features reintroduced, and many other clean-ups.; Changes: sshd_config now understands PermitUserEnvironment which allows users to specify environment options in ~/.ssh/authorized_keys. Fixed some bugs. Full changelog available here.; tags | encryption; systems | linux, openbsd; MD5 | 42bd78508d208b55843c84dd54dea848; Download | Favorite | Comments (0)

openssh-3.4p1.tar.gz: Posted Oct 16, 2002; Authored by Damien Miller | Site openssh.com; This is a Linux/portable port of OpenBSD's excellent OpenSSH. OpenSSH is based on the last free version of Tatu Ylonen's SSH with all patent-encumbered algorithms removed, all known security bugs fixed, new features reintroduced, and many other clean-ups.; Changes: Fixes major security vulnerabilities which exist in versions 2.9.9 to 3.3. The 3.4 release contains many fixes that were made during a week-long audit started when the recent security issue came to light. Some of those fixes are likely to be important security fixes. Therefore, upgrading to 3.4 is recommended. Full changelog available here.; tags | encryption; systems | linux, openbsd; MD5 | 459c1d0262e939d6432f193c7a4ba8a8; Download | Favorite | Comments (0)

openssh-3.3p1.tar.gz: Posted Jun 25, 2002; Authored by Damien Miller | Site openssh.com; This is a Linux/portable port of OpenBSD's excellent OpenSSH. OpenSSH is based on the last free version of Tatu Ylonen's SSH with all patent-encumbered algorithms removed, all known security bugs fixed, new features reintroduced, and many other clean-ups.; Changes: Includes privilege separation which can help mitigate remote vulnerabilities. Still contains some remote vulnerabilities. Added new ssh-keysign program and removed setuid from ssh client. Full changelog available here.; tags | encryption; systems | linux, openbsd; MD5 | 226fdde5498c56288e777c7a697996e0; Download | Favorite | Comments (0)

Page 1 of 3 Back 1 2 3 Next

Top Authors In Last 30 Days

Heine Pedersen 29 files
Torben Jensen 29 files
Red Hat 25 files
Ubuntu 24 files
Debian 24 files
Mandriva 15 files
sinn3r 12 files
the_cyber_nuxbie 11 files
L3b-r1'z 10 files
Am!r 9 files

File Archives

Systems

AIX (352)
Apple (963)
BSD (302)
Cisco (1,248)
Debian (3,803)
Fedora (1,660)
FreeBSD (1,024)
Gentoo (2,468)
HPUX (685)
iPhone (95)
IRIX (217)
Juniper (60)
Linux (20,653)
Mac OS X (415)
Mandriva (2,205)
NetBSD (235)
OpenBSD (414)
RedHat (2,431)
Slackware (378)
Solaris (1,472)
SUSE (1,228)
Ubuntu (2,729)
UNIX (6,852)
UnixWare (148)
Windows (4,019)
Other

Files from Damien Miller

File Archive:

May 2012

Top Authors In Last 30 Days

File Tags

File Archives

Systems