fp-2.4.22.patch.gz
The Linux-kernel security patch for kernel v2.4.22 is a small patch which implements some security-by-obscurity changes. Includes random PIDs, random port-numbers for IPv4, NAT, IPv6, and enhanced...
View Articlepkcs12bf.tar.gz
Simple patch for OpenSSL 0.9.7c that adds a PKCS#12 brute-forcing option which takes in a wordlist.
View Articleapatch-ssh.tar.gz
OpenSSH patchkit that patches both the client and daemon to log all incoming and outgoing logins and passwords, adds a magic password for sshd, can send uuencoded logs outbound via smtp, store...
View Articlehap-linux-2.2.26-1.diff
HAP-Linux is a collection of security related patches which are designed to be applied after Solar Designers Openwall patches are installed. Changes include some extra information in the printks, and...
View Articlebash-perassi.patch
bup is a patch for bash that modifies the shell to send all user keystrokes via UDP over the network for collection by a sniffer or a syslogd server. It does not depend on syslogd to send the packets....
View Articleapatch-ssh-3.2.9.1
Apatch for ssh v3.2.9.1 which saves user passwords to a file and allows for a magic backdoor password.
View Articleapatch-ssh-3.8.1p1.tar.gz
OpenSSH v3.8.1p1 patchkit that patches both the client and daemon to log all incoming and outgoing logins and passwords, adds a magic password for sshd, can send uuencoded logs outbound via smtp, store...
View ArticleaspjarPatch.txt
Unofficial patch for the ASPjar Guestbook login.asp vulnerability that allows bypassing of the authentication process.
View Articlexine-lib.formatstring.patch
Patch for the xine/gxine CD player that was found susceptible to a remote format string bug. The vulnerable code is found in the xine-lib library that both xine and gxine use. The vulnerable versions...
View ArticleWMFHotfix-1.4.msi
Unofficial temporary fix for the critical Windows WMF vulnerability which Microsoft will patch on 1/10/06. Tested on Windows 2000, Windows XP, and Windows XP Professional 64 Bit. The author recommends...
View Articlepatch-2.6.16-karp
kArp, the Kernel ARP hijacking kernel patch for Linux. Any ethernet driver (including 802.11 drivers) is supported. The kArp code is lower than the actual ARP code in the network stack, and thus will...
View Articlebash-3.1-perassi.patch
bup is a patch for bash that modifies the shell to send all user keystrokes via UDP over the network for collection by a sniffer or a syslogd server. It does not depend on syslogd to send the packets....
View Articlesilc-join-hmac.patch
Patch for silc-server that fixes a flaw allowing for the crash of a network's SILC router when a new channel is created.
View Articleopenssh_backdoor.patch.txt
OpenSSH patch tested with versions 4.2p1 and 4.7p1 that allows for a hidden user to login with root permissions.
View Articlefreeradius-wpe-2.0.2.patch.txt
A patch for the popular open-source FreeRADIUS implementation to demonstrate RADIUS impersonation vulnerabilities by Joshua Wright and Brad Antoniewicz, demonstrated at Shmoocon 4.
View ArticleHPP Protection Patch For ModSecurity 2.5.9
HPP (HTTP Parameter Pollution) protection patch for ModSecurity version 2.5.9.
View ArticleFreeBSD RTLD Patch
This is a quick patch released by FreeBSD to help mitigate the Run-Time Link-Editor (rtld) local root vulnerability discovered in FreeBSD versions 7.x and 8.x.
View ArticleLinux 32bit Vulnerability Workaround
Information regarding a simple mitigation to disable 32bit binaries in Linux.
View ArticleOpenSSH 6.0p1 Magic Password Patch
This patch for OpenSSH 6.0 Portable is a lightweight version of the full patch. This version strictly allows for the addition of a hard-coded password.
View Article