Issues on Linux and Security
Home

Welcome to LinuxSecure

I found some scripts on my workstation that have not been published and may be interesting for some people. Actually, I will not prepare them for publishing, but you can contact me if you are interested in one or more of them.

  • A tool for the backup of network components. The script runs as a daemon and can be configured via config files. It reads the config files containing the passwords of the components only once, so you can keep them in encrypted storage. There are several templates for ssh, scp and telnet. The intention is to make automated backups of routers, switches, firewalls etc.
  • Postfixanalyser was written for the Trend Micro mail virus scanner. You can search for mails and get a status for each mail found: when the system received it, when it last worked on the mail, what the status of the mail is, and whether there were any problems while delivering it. The second feature was a simple statistic: bytes and number of mails received and sent, mails by status (received from extern, queued, sent to trend, received from trend, queued, delivered) and mails by problem (deferred and not sent to scanner (scanner rejected), deferred and not sent to scanner (scanner down), sent to trend, but deferred before, deferred and not sent to extern (mta rejected), deferred and not sent to extern (mta down), sent to extern, but deferred before).
  • A logscanner and a scanner for the checkpoint objects file.
  • A tool that parses the registry of the genugate firewall and produces more human-readable output in HTML.
  • An FTP script for the honeynet.
  • Various backup scripts in Perl and Bash.
  • Various iptables scripts.
  • A script called minilinux to create a small linux out of a huge running system.
  • Pigsparty was a small project that was never finished. The idea was to convert snort rule sets into iptables rule sets.
  • A snort admin interface in PHP.
  • A Perl module and some programs (e.g. mfl) for the preparation and analysis of longitudinal data with a focus of same domains.


What's New
[2005-02-18] mp3riot version 1.3 released
[2004-10-08] mp3riot version 1.2 is out.
[2004-04-30] Added section Bridging
[2004-01-09] working progress on mp3riot version 1.2
Ars Technica reports that Microsoft, Google, Mozilla, Cisco, Intel, Netflix, and Amazon have launched a new consortium, the Alliance for Open Media. "The Alliance for Open Media would put an end to this problem [of patent licenses and royalties]. The group's first aim is to produce a video codec that's a meaningful improvement on HEVC. Many of the members already have their own work on next-generation codecs; Cisco has Thor, Mozilla has been working on Daala, and Google on VP9 and VP10. Daala and Thor are both also under consideration by the IETF's netvc working group, which is similarly trying to assemble a royalty-free video codec."
Microsoft, Google, Amazon, others, aim for royalty-free video codecs (Ars Technica)

Fedora has updated qemu (F21: multiple vulnerabilities). Oracle has updated gdk-pixbuf2 (OL7; OL6: code execution), jakarta-taglibs-standard (OL7; OL6: code execution), and nss-softokn (OL7; OL6: signature forgery). Red Hat has updated nss-softokn (RHEL6,7: signature forgery) and pcs (RHEL6,7: privilege escalation). Ubuntu has updated expat (15.04, 14.04, 12.04: denial of service) and gnutls28 (15.04: two vulnerabilities).
Tuesday's security advisories

The OpenSSL project looks at its security record for the last year. "The acceptable timeline for disclosure is a hot topic in the community: we meet CERT's 45-day disclosure deadline more often than not, and we've never blown Project Zero's 90-day baseline. Most importantly, we met the goal we set ourselves and released fixes for all HIGH severity issues in well under a month. We also landed mitigation for two high-profile protocol bugs, POODLE and Logjam. Those disclosure deadlines weren't under our control but our response was prepared by the day the reports went public."
OpenSSL Security: A Year in Review

The ownCloud Contributor Conference 2015 (August 28-September 3 in Berlin, Germany) started off with some big announcements, including the publishing of the User Data Manifesto 2.0, the creation of the ownCloud Security Bug Bounty Program, and the release of the ownCloud Proxy app. "Designed for those of you who want your own private, secure 'Dropbox' and don't want the hassle of configuring routers, firewalls and DNS entries for access from anywhere, at any time, ownCloud Proxy is for you. It comes installed as an ownCloud community app in the new ownCloud community appliance, connects to relay servers in the cloud, and provides anytime, anywhere access to your files, on your PC running in your home network, quickly and easily. And, of course, you can grab it from the ownCloud app store and add it to an existing ownCloud server if you already have one running."
ownCloud Contributor Conference Announcements

Debian has updated drupal7 (multiple vulnerabilities) and iceweasel (multiple vulnerabilities). Mageia has updated audit (MG4,5: unsafe escape-sequence handling), firefox (MG4,5: multiple vulnerabilities), and glusterfs (MG5; MG4: two vulnerabilities). openSUSE has updated ansible (13.2: regression in previous update) and thunderbird (13.2; 13.1: multiple vulnerabilities). Red Hat has updated gdk-pixbuf2 (RHEL6,7: code execution) and jakarta-taglibs-standard (RHEL6,7: code execution). Scientific Linux has updated firefox (SL5,6,7: two vulnerabilities), gdk-pixbuf2 (SL6,7: code execution), and jakarta-taglibs-standard (SL6,7: code execution). Slackware has updated firefox (multiple vulnerabilities). SUSE has updated kvm (SLE11SP4: code execution).
Security updates for Monday

Linus has announced the final release of the 4.2 kernel. "So judging by how little happened this week, it wouldn't have been a mistake to release 4.2 last week after all, but hey, there's certainly a few fixes here, and it's not like delaying 4.2 for a week should have caused any problems either." Headline features in this release include the security module stacking patches, the delay-gradient congestion-control algorithm, improvements to writeback management in control groups, a lot of important persistent-memory infrastructure, and more.
The 4.2 kernel has been released

Version 7.10 of the GDB debugger is out. Improvements this time around include better support for access to shared libraries on remote targets, reverse debugging on ARM64 systems, support for DTrace static probes, and more.
GDB 7.10 released

Google has announced that, beginning September 1, Chrome will no longer auto-play Flash-based ads in the company's popular AdWords program. The post frames this as a move to improve browsing performance for users, and notes that most Flash ads are automatically converted to HTML5 already. Commenting on the news, The Register notes that the change should also offer some additional protection against malware delivered via Flash. Chrome will continue to auto-play Flash content in the main body of pages, however. The Register's story says the change is, in fact, just a modification of the default setting for plugin behavior, which already supports an option to disable plugin content not deemed "important." Mozilla, of course, blacklisted the Flash plugin in July, although that action only disabled the then-current, vulnerable release—which was subsequently updated.
Starting in September, Chrome will stop auto-playing Flash ads

Arch Linux has updated firefox (multiple vulnerabilities). CentOS has updated firefox (C5; C6; C7: multiple vulnerabilities) and thunderbird (C5; C6; C7: multiple vulnerabilities). Debian-LTS has updated openjdk-6 (multiple vulnerabilities) and zendframework (XML external entity attack). Fedora has updated maradns (F21; F22: denial of service), openssh (F21: multiple vulnerabilities), php-guzzle-Guzzle (F21; F22: XML external entity attack), php-twig (F22: code execution), php-ZendFramework2 (F21; F22: XML external entity attack), rt (F21; F22: cross-site scripting), and rubygem-rack (F21: denial of service). Mageia has updated drupal (M4,5: multiple vulnerabilities), python-django, python-django14 (M4,5: multiple vulnerabilities), subversion (M4,5: multiple vulnerabilities), thunderbird (M4,5: multiple vulnerabilities), and vlc (M4,5: code execution). Oracle has updated firefox (O5; O6; O7: multiple vulnerabilities). Red Hat has updated firefox (RHEL5,6,7: multiple vulnerabilities). SUSE has updated MozillaFirefox, mozilla-nss (SLE11: multiple vulnerabilities). Ubuntu has updated cups-filters (15.04: unintended printer access) and firefox (12.04, 14.04, 15.04: multiple vulnerabilities).
Friday's security updates

The Electronic Frontier Foundation has announced the recipients of its Pioneer Awards for 2015: Caspar Bowden, The Citizen Lab, Annriette Esterhuysen and the Association for Progressive Communications, and Kathy Sierra. "This extraordinary group of winners have all focused on the users, striving to give everyone the access, power, community, and protection they need in order to create and participate in our digital world."
The 2015 EFF Pioneer Awards

KDE.News looks at KDE sprints and their benefits. The organization is doing some fundraising to help support its sprints, so it is trying to get the word out about these code-focused events: "To start with, KDE sprints are intensive sessions centered around coding. They take place in person over several days, during which time skillful developers eat, drink and sleep code. There are breaks to refresh and gain perspective, but mostly sprints involve hard, focused work. All of this developer time and effort is unpaid. However travel expenses for some developers are covered by KDE. KDE is a frugal organization with comparatively low administrative costs, and only one paid person who works part time. So the money donated for sprints goes to cover actual expenses. Who gets the money? Almost all of it goes to transportation companies."
KDE Sprints - who wins? (KDE.News)

Debian has updated php5 (multiple vulnerabilities). Debian-LTS has updated pykerberos (authentication botch) and python-django (two vulnerabilities). Fedora has updated mariadb (F21: unspecified). Mageia has updated cgit (code execution from 2014). Ubuntu has updated qemu, qemu-kvm (multiple vulnerabilities, including one from 2014).
Security updates for Thursday

The developers of the Grsecurity kernel-hardening patch set have announced that, due to claimed ongoing GPL and trademark violations, the public distribution of the "stable" series of patches will stop. "We decided that it is unfair to our sponsors that the above mentioned unlawful players can get away with their activity. Therefore, two weeks from now, we will cease the public dissemination of the stable series and will make it available to sponsors only. The test series, unfit in our view for production use, will however continue to be available to the public to avoid impact to the Gentoo Hardened and Arch Linux communities."
Grsecurity stable patches to be limited to sponsors

The Weekly Edition for August 27, 2015 is available.
[$] Weekly Edition for August 27, 2015

Arch Linux has updated gnutls (denial of service), jasper (denial of service), pcre (code execution), and python-django (denial of service). CentOS has updated httpd (C7: two vulnerabilities) and mariadb (C7: multiple vulnerabilities). Debian has updated twig (code execution). Debian-LTS has updated ruby1.8 (information disclosure) and ruby1.9.1 (information disclosure). Mageia has updated gnutls (MG4,5: two vulnerabilities), vlc (MG5: code execution), and wireshark (MG4,5: multiple vulnerabilities). Oracle has updated thunderbird (OL7; OL6: multiple vulnerabilities). Ubuntu has updated gdk-pixbuf (15.04, 14.04, 12.04: code execution).
Security updates for Wednesday

Vuln: SSL/TLS RC4 CVE-2015-2808 Information Disclosure Weakness

Vuln: Symantec Endpoint Protection Manager CVE-2015-1487 Arbitrary File Write Vulnerability

Vuln: Linux Kernel 'perf_callchain_user_64()' Function Denial of Service Vulnerability

Vuln: Adobe Flash Player and AIR APSB15-19 Multiple Use After Free Remote Code Execution Vulnerabilities

Bugtraq: [CORE-2015-0013] - FortiClient Antivirus Multiple Vulnerabilities

Bugtraq: [security bulletin] HPSBMU03339 rev.1 - HP LoadRunner Controller, Local Execution of Arbitrary Code

Bugtraq: [security bulletin] HPSBMU03401 rev.1 - HP Operations Manager for UNIX and Linux, Remote Unauthorized Modification, Disclosure of Information

Bugtraq: [security bulletin] HPSBGN03403 rev.1 - HP Virtualization Performance Viewer, Remote Unauthorized Disclosure of Information
