[SECURITY] Fedora 42 Update: openiked-7.4-2.fc42

OpenIKED is a free, permissively licensed Internet Key Exchange IKEv2 implementation, developed as part of the OpenBSD project. It is intended to be a lean, secure and inter-operable daemon that allows for easy setup and management of IPsec VPNs...

OpenSSH Security Vulnerabilities

OpenSSH OpenBSD Secure Shell is a set of connection tools for secure access to remote computers from the Canadian OpenBSD Project Group. The tools are an open source implementation of the SSH protocol and support encryption of all transmissions, effectively blocking eavesdropping, connection...

[SECURITY] Fedora 40 Update: opensmtpd-7.4.0p1-1.fc40

OpenSMTPD is a FREE implementation of the server-side SMTP protocol as defined by RFC 5321, with some additional standard extensions. It allows ordinary machines to exchange e-mails with other systems speaking the SMTP protocol. Started out of dissatisfaction with other implementations, OpenSMTPD...

LibreSSL -- Arbitrary memory read

The OpenBSD project reports: A malicious certificate revocation list or timestamp response token would allow an attacker to read arbitrary memory...

OpenSSH -- OpenSSH 6.2 through 8.7 failed to correctly initialise supplemental groups when executing an AuthorizedKeysCommand or AuthorizedPrincipalsCommand

OpenBSD Project reports: sshd8 from OpenSSH 6.2 through 8.7 failed to correctly initialise supplemental groups when executing an AuthorizedKeysCommand or AuthorizedPrincipalsCommand, where a AuthorizedKeysCommandUser or AuthorizedPrincipalsCommandUser directive has been set to run the command as ...

[SECURITY] Fedora 32 Update: opensmtpd-6.8.0p2-1.fc32

OpenSMTPD is a FREE implementation of the server-side SMTP protocol as defi ned by RFC 5321, with some additional standard extensions. It allows ordinary machines to exchange e-mails with other systems speaking the SMTP protocol. Started out of dissatisfaction with other implementations, OpenSMTP...

Fedora: Security Advisory for opensmtpd (FEDORA-2020-31216ab928)

The remote host is missing an update for the SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

OpenSMTPD Releases Version 6.6.4p1 to Address a Critical Vulnerability

OpenSMTPD has released version 6.6.4p1 to address a critical vulnerability. A remote attacker could exploit this vulnerability to take control of an affected server. OpenSMTPD is an open-source server-side implementation of the Simple Mail Transfer Protocol SMTP that is part of the OpenBSD Projec...

[SECURITY] Fedora 30 Update: opensmtpd-6.6.2p1-1.fc30

OpenSMTPD is a FREE implementation of the server-side SMTP protocol as defi ned by RFC 5321, with some additional standard extensions. It allows ordinary machines to exchange e-mails with other systems speaking the SMTP protocol. Started out of dissatisfaction with other implementations, OpenSMTP...

OpenSMTPD Vulnerability

The CERT Coordination Center CERT/CC has released information on a vulnerability affecting OpenSMTPD. An attacker could exploit this vulnerability to take control of an affected system. OpenSMTPD is an open-source server-side implementation of the Simple Mail Transfer Protocol SMTP that is part o...

OpenSMTPD Remote Command Execution Vulnerability

OpenSMTPD is a free server-side implementation of the SMTP protocol developed by the OpenBSD team, defined via RFC5321 and part of the OpenBSD project. A remote command execution vulnerability exists in OpenSMTPD. It allows remote attackers to execute arbitrary commands as root via a specially...

Immunity Canvas: SSH_ENUM

Name| sshenum ---|--- CVE| CVE-2018-15473 Exploit Pack| CANVAS Description| sshenum Notes| CVE Name: CVE-2018-15473 VENDOR: The OpenBSD Project NOTES: Module will use different techniques in order to enumerate users on target hosts As for the file containing usernames, they should be one per line...

DLA-667-1 libxv - security update

Bulletin has no description...

DLA-664-1 libxrender - security update

Bulletin has no description...

libressl -- NULL pointer dereference

The OpenBSD project reports: A NULL pointer deference could be triggered by a crafted certificate sent to services configured to verify client certificates on TLS/SSL connections...

Microsoft to Support SSH in Windows

After several false starts, Microsoft finally is planning to support SSH in Windows and the company’s engineers also will contribute to the OpenSSH project. While SSH has been a popular tool for remote login and command execution on many Unix and linux systems for years, Windows has not supported...

[OpenSSH 6.5] FREE version of the SSH Connectivity Tools

OpenSSH is a FREE version of the SSH connectivity tools that technical users of the Internet rely on. Users of telnet, rlogin, and ftp may not realize that their password is transmitted across the Internet unencrypted, but it is. OpenSSH encrypts all traffic including passwords to effectively...