Issues on Linux and Security
Home

Welcome to LinuxSecure

I found some scripts on my workstation that have not been published and may be interesting for some people. Actually, I will not prepare them for publishing, but you can contact me if you are interested in one or more of them.

  • A tool for the backup of network components. The script runs as a daemon and can be configured via config files. It reads in the config files containing the passwords of the components once, so you can store them in a crypt storage. There are several templates for ssh, scp and telnet. The intention is to make automated backups of routers, switches, firewalls etc.
  • Postfixanalyser was written for the Trend Micro mail virus scanner. You can search for mails and you will get a status for the mails found: when the system received the mail, when it last worked on the mail, what the status of the mail is, and whether there were any problems while delivering the mail. The second feature was a simple statistic: bytes and number of mails received and sent, mails by status (received from extern, queued, sent to trend, received from trend, queued, delivered) and mails by problem (deferred and not sent to scanner (scanner rejected), deferred and not sent to scanner (scanner down), sent to trend, but deferred before, deferred and not sent to extern (mta rejected), deferred and not sent to extern (mta down), sent to extern, but deferred before).
  • A logscanner and a scanner for the Check Point objects file.
  • A tool that parses the registry of the genugate firewall and produces a more human-readable output in HTML.
  • An ftp script for the honeynet.
  • Various backup scripts in Perl and Bash.
  • Various iptables scripts.
  • A script called minilinux to create a small Linux out of a huge running system.
  • Pigsparty was a small project that was never finished. The idea was to convert snort rule sets into iptables rule sets.
  • A snort admin interface in PHP.
  • A Perl module and some programs (e.g. mfl) for the preparation and analysis of longitudinal data with a focus of same domains.


What's New
[2005-02-18] mp3riot version 1.3 released
[2004-10-08] mp3riot version 1.2 is out.
[2004-04-30] Added section Bridging
[2004-01-09] working progress on mp3riot version 1.2
The openSUSE project has announced that the "Factory" and "Tumbleweed" distributions will merge into a single rolling distribution (called "Tumbleweed"). There is also an FAQ posting about the merger. "With the vast improvements to the Factory development process over the last 2 years, we effectively found ourselves as a project with not one, but two rolling release distributions in addition to our main regular release distribution. GregKH signalled his intention to stop maintaining Tumbleweed as a 'rolling-released based on the current release'. It seemed a natural decision then to bring both the Factory rolling release and Tumbleweed rolling release together, so we can consolidate our efforts and make openSUSE's single rolling release as stable and effective as possible."
openSUSE Factory and Tumbleweed to merge

Matthew Garrett considers the security of Linux containers on his blog. While the attack surface of containers is likely to always be larger than that of hypervisors, that difference may not matter in practice, but it's going to take some work to get there:

"I suspect containers can be made sufficiently secure that the attack surface size doesn't matter. But who's going to do that work? As mentioned, modern container deployment tools make use of a number of kernel security features. But there's been something of a dearth of contributions from the companies who sell container-based services. Meaningful work here would include things like:

  • Strong auditing and aggressive fuzzing of containers under realistic configurations
  • Support for meaningful nesting of Linux Security Modules in namespaces
  • Introspection of container state and (more difficult) the host OS itself in order to identify compromises

These aren't easy jobs, but they're important, and I'm hoping that the lack of obvious development in areas like this is merely a symptom of the youth of the technology rather than a lack of meaningful desire to make things better. But until things improve, it's going to be far too easy to write containers off as a "convenient, cheap, secure: choose two" tradeoff. That's not a winning strategy."
Garrett: Linux Container Security

On his blog, Christian Schaller announced the availability of videos from the recently completed GStreamer Conference. "For those of you who like me missed this year's GStreamer Conference the recorded talks are now available online thanks to Ubicast. Ubicast has been a tremendous partner for GStreamer over the years making sure we have high quality talk recordings online shortly after the conference ends. So be sure to check out this year's batch of great GStreamer talks."
Schaller: GStreamer Conference 2014 talks online

Ubuntu has announced its latest release: 14.10 "Utopic Unicorn". As usual, it comes with versions for server, desktop, and cloud, along with multiple official "flavors": Kubuntu, Lubuntu, Mythbuntu, Ubuntu GNOME, Ubuntu Kylin, Ubuntu Studio, and Xubuntu. All of the varieties come with a 3.16 kernel and many more new features: "Ubuntu Desktop has seen incremental improvements, with newer versions of GTK and Qt, updates to major packages like Firefox and LibreOffice, and improvements to Unity, including improved High-DPI display support. Ubuntu Server 14.10 includes the Juno release of OpenStack, alongside deployment and management tools that save devops teams time when deploying distributed applications - whether on private clouds, public clouds, x86 or ARM servers, or on developer laptops. Several key server technologies, from MAAS to Ceph, have been updated to new upstream versions with a variety of new features." More information can be found in the release notes.
Ubuntu 14.10 (Utopic Unicorn) released

Fedora has updated java-1.7.0-openjdk (F19: multiple vulnerabilities) and php (F20: three vulnerabilities). Mandriva has updated php (BS1.0: code execution). Oracle has updated java-1.8.0-openjdk (OL6: multiple vulnerabilities) and wireshark (OL5: multiple vulnerabilities). Red Hat has updated openstack-glance (OSP4: denial of service), openstack-heat (OSP4: information leak), openstack-keystone (OSP4: two vulnerabilities), openstack-neutron (OSP4: denial of service), openstack-nova (OSP4: privilege escalation), openstack-packstack (OSP4: unexpected firewall disable), and python-backports-ssl_match_hostname (OSP4: denial of service from 2013). Scientific Linux has updated java-1.6.0-openjdk (multiple vulnerabilities), java-1.7.0-openjdk (SL7, SL6; SL5: multiple vulnerabilities), libxml2 (SL7, SL6: denial of service), openssh (SL6: two vulnerabilities), rsyslog5 and rsyslog (SL6, SL5: denial of service), trousers (SL6: denial of service from 2012), and wireshark (SL7, SL6; SL5: multiple vulnerabilities). SUSE has updated kernel (SLE11SP3; SLE11SP3: multiple vulnerabilities, one from 2013). Ubuntu has updated openjdk-7 (14.04: multiple vulnerabilities) and pollinate (14.04: certificate refresh).
Security updates for Thursday

Here's a lengthy ars technica retrospective on Ubuntu's first ten years. "As you'll soon see in this look at the desktop distro through the years, Linux observers sensed there was something special about Ubuntu nearly from the start. However, while a Linux OS that genuinely had users in mind was quickly embraced, Ubuntu's ten-year journey since is a microcosm of the major Linux events of the last decade - encompassing everything from privacy concerns and Windows resentment to server expansion and hopes of convergence."
Ten years of Ubuntu (ars technica)

The Weekly Edition for October 23, 2014 is available.
[$] Weekly Edition for October 23, 2014

In a talk entitled "Lies, Damned Lies, and Remotely Hosted Encrypted Data", Kolab Systems CEO Georg Greve outlined the thinking and investigation that the company did before deciding on where to store its customers' encrypted data. The talk, which was given at LinuxCon Europe in Düsseldorf, Germany, looked at various decisions that need to be made when determining where and how to store data on the internet. It comes down to a number of factors, including the legal framework of the country in question and physical security for the systems storing the data.
[$] Where to store your encrypted data

CentOS has updated libxml2 (C7: denial of service), qemu-kvm (C7: information leak), rsyslog (C5: denial of service), and wireshark (C7; C5: multiple vulnerabilities). Fedora has updated bugzilla (F20; F19: multiple vulnerabilities), java-1.8.0-openjdk (F19: multiple vulnerabilities), and perl-Mojolicious (F20; F19: parameter injection attack). openSUSE has updated getmail (13.1, 12.3: multiple vulnerabilities) and wpa_supplicant (13.1; 12.3: command execution). Oracle has updated kernel (OL6: multiple vulnerabilities), rsyslog (OL6: denial of service), rsyslog7 (OL6: denial of service), and wireshark (OL7; OL6: multiple vulnerabilities). Red Hat has updated wireshark (RHEL6,7; RHEL5: multiple vulnerabilities).
Security advisories for Wednesday

In a followup to last year's report on the future of realtime Linux, Thomas Gleixner once again summarized the status of the long-running patch set. The intervening year did not result in the industry stepping up to fund further work, which led Gleixner to declare that realtime Linux is now just his hobby. That means new releases will be done as his time allows and may eventually lead to dropping the patch set altogether if the widening gap between mainline and realtime grows too large. Subscribers can click below for the full report of Gleixner's talk at this year's Linux Plumbers Conference.
[$] The future of the realtime patch set

Debian has updated mysql-5.5 (multiple vulnerabilities). Mandriva has updated bugzilla (multiple vulnerabilities), kernel (multiple vulnerabilities), mediawiki (cross-site scripting), perl (denial of service), python (buffer overflow), and rsyslog (two vulnerabilities). Oracle has updated qemu-kvm (OL7: information leak) and rsyslog5 (OL5: denial of service). Red Hat has updated qemu-kvm (RHEL7: information leak) and rsyslog (RHEL5,6: denial of service). Scientific Linux has updated qemu-kvm (SL7: information leak). Slackware has updated openssh (SSHFP-checking disabled).
Tuesday's security updates

Version 24.4 of the Emacs editor is out. New features this time around include a built-in web browser (unfortunately named "eww"), better multi-monitor support, the ability to save and restore the state of frames and windows, digital signatures on Emacs Lisp packages, access control list support, and much more. See the NEWS file for all the details.
Emacs 24.4 released

The Debian Project recently learned that community member Peter Miller died last July. "Peter was a relative newcomer to the Debian project, but his contributions to Free and Open Source Software go back to the late 1980s. Peter was a significant contributor to GNU gettext as well as being the main upstream author and maintainer of other projects that ship as part of Debian, including, but not limited to srecord, aegis and cook. Peter was also the author of the paper "Recursive Make Considered Harmful"."
Debian Project mourns the loss of Peter Miller

Ubuntu 14.10 "Utopic Unicorn" is due to be released this week. That marks 10 years of Ubuntu releases, beginning with Ubuntu 4.10 "Warty Warthog". In this article Mark Shuttleworth announces the name of what will be the 15.04 release. "This verbose tract is a venial vanity, a chance to vector verbal vibes, a map of verdant hills to be climbed in months ahead. Amongst those peaks I expect we'll find new ways to bring secure, free and fabulous opportunities for both developers and users. This is a time when every electronic thing can be an Internet thing, and that's a chance for us to bring our platform, with its security and its long term support, to a vast and important field. In a world where almost any device can be smart, and also subverted, our shared efforts to make trusted and trustworthy systems might find fertile ground. So our goal this next cycle is to show the way past a simple Internet of things, to a world of Internet things-you-can-trust."
Shuttleworth: V is for Vivid

The Free Software Foundation (FSF) and the GNU Project have announced the opening of nominations for the 17th annual Free Software Awards. The Free Software Awards include the Award for the Advancement of Free Software and the Award for Projects of Social Benefit. "In the case of both awards, previous winners are not eligible for nomination, but renomination of other previous nominees is encouraged. Only individuals are eligible for nomination for the Advancement of Free Software Award (not projects), and only projects can be nominated for the Social Benefit Award (not individuals). For a list of previous winners, please visit"
The FSF opens nominations for the 17th annual Free Software Awards

Vuln: SWFUpload 'movieName' Parameter Cross Site Scripting Vulnerability

Vuln: WordPress 'SWFUpload' Library CVE-2013-2205 Multiple Cross Site Scripting Vulnerabilities

Vuln: OpenSSL Session Ticket Memory Leak Remote Denial of Service Vulnerability

Vuln: PHP 'exif_thumbnail()' Function Heap Based Buffer Overflow Vulnerability

Bugtraq: [ MDVSA-2014:208 ] phpmyadmin

Bugtraq: [ MDVSA-2014:207 ] ejabberd

Bugtraq: [ MDVSA-2014:206 ] ctags

Bugtraq: [ MDVSA-2014:205 ] lua
