An ssh honeypot with the XZ backdoor. CVE-2024-3094
-
Updated
Apr 2, 2024 - Shell
#
cve-2024-3094
Here are 9 public repositories matching this topic...
Shell scripts to identify and fix installations of xz-utils affected by the CVE-2024-3094 vulnerability. Versions 5.6.0 and 5.6.1 of xz-utils are known to be vulnerable, and this script aids in detecting them and optionally downgrading to a stable, un-compromised version (5.4.6) or upgrading to latest version. Added Ansible Playbook
linux
ssh
ansible
ansible-playbook
opensource
ansible-playbooks
vulnerabilities
vulnerability-detection
xz
vulnerability-scanners
xz-compression-utilities
xz-files
xz-utils
opensource-projects
cve-2024-3094
-
Updated
Apr 7, 2024 - Shell
Dockerfile and Kubernetes manifests for reproduce CVE-2024-3094
-
Updated
Apr 6, 2024 - Dockerfile
Verify that your XZ Utils version is not vulnerable to CVE-2024-3094
-
Updated
Mar 29, 2024 - Python
Notes, honeypot, and exploit demo for the xz backdoor (CVE-2024-3094)
ragnarok
linux-exploits
xz-utils
r4gn4r0k-sec
cve-2024-3094
r4gn4r0k
xz-utils-backdoor
linux-backdoors
apocalyps
-
Updated
Apr 1, 2024 - Go
apocalypxze: xz backdoor (2024) AKA CVE-2024-3094 related links
-
Updated
Apr 20, 2024 - HTML
Checker for CVE-2024-3094 where malicious code was discovered in the upstream tarballs of xz, starting with version 5.6.0. Through a series of complex obfuscations, the liblzma build process extracts a prebuilt object file from a disguised test file existing in the source code, which is then used to modify specific functions in the liblzma code.
-
Updated
Mar 30, 2024 - Shell
Improve this page
Add a description, image, and links to the cve-2024-3094 topic page so that developers can more easily learn about it.
Add this topic to your repo
To associate your repository with the cve-2024-3094 topic, visit your repo's landing page and select "manage topics."