Issues on Linux and Security
button Home

Welcome to LinuxSecure

I found some scripts on my workstation that have not been published and may be interesting for some people. Actually, I will not prepare them for publishing, but you can contact me, if you are interested in one or more of them.

  • A tool for the backup of network components. The script runs as a daemon and can be configured via config files. It reads in the config files containing the passwords of the components once, so you can store them in a crypt storage. There exist severeal templates for ssh, scp, telnet. The intention is to make automated backups from router, switches, firewalls etc.
  • Postfixanalyser was written for the trendmicro mail virusscanner. You can search for mails and you will get a status for the found mails: when did the system receive it, when was it working with the mail the last time, whats the status of the mail, where there any problem while delivering the mail. The second feature was a simple statistic: bytes and number of mails received and send, mails by status (received from extern, queued, sent to trend, received from trend, queued, delivered) and mails by problem (deferred and not sent to scanner (scanner rejected), deferred and not sent to scanner (scanner down), sent to trend, but deferred before, dereffed and not sent to extern (mta rejected), deferred and not sent to extern (mta down), sent to extern, but deferred befor).
  • A logscanner and a scanner for the checkpoint objects file.
  • A tool, that parses the registry of the genugate firewall and produces a more human readable output in html.
  • A ftp-script for the honeynet.
  • Various backupscripts in Perl and Bash.
  • Various iptables scrips.
  • A script called minilinux to create a small linux out of a huge running system.
  • Pigsparty was a small projetct that was never finished. The idea was to convert snort rule sets into iptables rule sets.
  • A snort admin interface in php.
  • A perlmodule and some programs (e.g. mfl) for the preparation and analysis of longitudinal data with a focus of same domains.

back to top

button Whats New
[2005-02-18] mp3riot version 1.3 released
[2004-10-08] mp3riot version 1.2 is out.
[2004-04-30] Added section Bridging
[2004-01-09] working progress on mp3riot version 1.2
Greg Kroah-Hartman has released the latest batch of stable kernel updates: 3.18.5, 3.14.31, and 3.10.67. All contain important updates throughout the tree.
Fresh kernels

CentOShas updated kernel(C7; C7: multiple vulnerabilities in each update) and libyaml(C7: denial of service). Debianhas updated openjdk-6(multiple vulnerabilities), openjdk-7(multiple vulnerabilities), privoxy(multiple vulnerabilities), and requests(multiple vulnerabilities). Debian-LTShas updated polarssl(code execution). Fedorahas updated polarssl(F20; F21: code execution), thunderbird(F20: multiple vulnerabilities), unzip(F20: unspecified impact), and vorbis-tools(F21:). Oraclehas updated glibc(O4: code execution) and kernel(O6; O7: multiple vulnerabilities; O5; O6; O5; O6: denial of service). SUSEhas updated kernel(SLE 12: multiple vulnerabilities).
Friday's security updates

We are a bit late in noting that KDE has released Plasma 5.2 on January 27. This KDE.News articlegives a tour of the desktop that will be featured in upcoming Kubuntu and Fedora KDE spin releases (and probably other distributions as well). There are lots of new features and bug fixes in the release, see the changelogfor all the details. "In the screen locker we improved the integration with logind to ensure the screen is properly locked before suspend. The background of the lock screen can be configured. Internally this uses part of the Wayland protocol which is the future of the Linux desktop. There are improvements in the handling of multiple monitors. The detection code for multiple monitors got ported to use the XRandR extension directly and multiple bugs related to it were fixed."
Plasma 5.2 Is Beautiful and Featureful (KDE.News)

The LibreOffice 4.4 releaseis now available. "We have completed the dialog conversion, redesigned menu bars, context menus, toolbars, status bars and rulers to make them much more useful. The Sifr monochrome icon theme is extended and now the default on OS X. We also developed a new Color Selector, improved the Sidebar to integrate more smoothly with menus, and reworked many user interface details to follow today?s UX trends."See the release notesand this posting from Michael Meeksfor lots more information.
LibreOffice 4.4 released

CentOShas updated kernel(C6: two vulnerabilities) and libyaml(C6: denial of service). Debianhas updated virtualbox(two denial of service flaws with no details). Debian-LTShas updated jasper(two vulnerabilities), libksba(denial of service), privoxy(three vulnerabilities), python-django(multiple vulnerabilities), and rpm(multiple vulnerabilities, some from 2012 and 2013). Fedorahas updated drupal7-context(F21; F20: open redirect), suricata(F21; F20: denial of service), and unzip(F21: unspecified impact). openSUSEhas updated flash-player(12.3: multiple vulnerabilities), git(13.2, 13.1: code execution), glibc(11.4: code execution), and libpng16(13.2, 13.1: two vulnerabilities). Oraclehas updated kernel(OL7; OL6: multiple vulnerabilities) and libyaml(OL7; OL6: denial of service). Red Hathas updated glibc(RHEL4: code execution), kernel(RHEL7: multiple vulnerabilities), libyaml(RHEL6&7: denial of service), and ntp(RHEL6.5: multiple code execution flaws). Scientific Linuxhas updated kernel(SL7: multiple vulnerabilities) and libyaml(SL6&7: denial of service). Slackwarehas updated glibc(code execution). SUSEhas updated firefox(SLE11SP2, SLE11SP1; SLE10SP4: multiple vulnerabilities) and flash-player(SLE11SP3: multiple vulnerabilities).
Security updates for Thursday

The Weekly Edition for January 29, 2015 is available.
[$] Weekly Edition for January 29, 2015

At linux.conf.au2015 in Auckland, Rusty Russell presented a talkabout his personal side-project, Pettycoin. Russell had announced Pettycoin at LCA 2014; at that time it represented an untested concept: a way to attach a separate, Bitcoin-like network to the existing Bitcoin blockchain. Pettycoin's goal was originally to offer a simpler and faster "side network"that periodically reconnected to Bitcoin. In the intervening year, Russell made a lot of progress, but other new innovations in the Bitcoin arena have led him to question parts of the Pettycoin approach and consider a reimplementation.
[$] Pettycoin and sidechaining

CentOShas updated glibc(C7; C6; C5: code execution). Debian-LTShas updated eglibc(code execution). Mageiahas updated busybox(arbitrary module loading), flash-player-plugin(multiple vulnerabilities), php(multiple vulnerabilities), privoxy(multiple vulnerabilities), and python-pillow(denial of service). Oraclehas updated glibc(OL7; OL6; OL5: code execution). Red Hathas updated chromium-browser(RHEL6 Supplementary: multiple vulnerabilities), flash-plugin(RHEL5,6 Supplementary: multiple vulnerabilities), glibc(RHEL6,7; RHEL5; RHEL5.6, 5.9, 6.2, 6.4, 6.5: code execution), and kernel(RHEL6: denial of service). Scientific Linuxhas updated glibc(SL6,7; SL5: code execution) and kernel(SL6: denial of service). SUSEhas updated glibc(SLE11, SLE10: code execution). Ubuntuhas updated eglibc(12.04, 10.04: code execution), openjdk-6(12.04, 10.04: multiple vulnerabilities), and openjdk-7(14.10, 14.04: multiple vulnerabilities).
Security advisories for Wednesday

Ars Technica has a report on GHOST, which is a critical vulnerability found in the GNU C library (glibc). "The buffer overflow flaw resides in __nss_hostname_digits_dots(), a glibc function that's invoked by the gethostbyname() and gethostbyname2() function calls. A remote attacker able to call either of these functions could exploit the flaw to execute arbitrary code with the permissions of the user running the application. In a blog post published Tuesday, researchers from security firm Qualys said they were able to write proof-of-concept exploit code that carried out a full-fledged remote code execution attack against the Exim mail server. The exploit bypassed all existing exploit protections available on both 32-bit and 64-bit systems, including address space layout randomization, position independent executions, and no execute protections."While the proof-of-concept used Exim, a wide variety of client and server programs call gethostbyname*(), often at the behest of a remote system (or attacker). Distributions have started putting out updates; users and administrators should plan on updating as soon as possible.
Highly critical ?Ghost? allowing code execution affects most Linux systems (Ars Technica)

Greg Kroah-Hartman has released stable kernels 3.18.4, 3.14.30, and 3.10.66. All contain important fixes throughout the tree.
Stable kernel updates

CentOShas updated java-1.6.0-openjdk(C7; C6; C5: multiple vulnerabilities). Debianhas updated eglibc(multiple vulnerabilities), wireshark(denial of service), and xen(multiple vulnerabilities). Fedorahas updated python-django(F20: multiple vulnerabilities) and python-django14(F20: multiple vulnerabilities). openSUSEhas updated flash-player(13.2, 13.1; 11.4: code execution). Oraclehas updated java-1.6.0-openjdk(OL7; OL6; OL5: multiple vulnerabilities). Red Hathas updated java-1.6.0-openjdk(RHEL5,6,7: multiple vulnerabilities) and java-1.6.0-sun(RHEL5,6,7: multiple vulnerabilities). Scientific Linuxhas updated java-1.6.0-openjdk(SL5,6: multiple vulnerabilities). SUSEhas updated flash-player(SLE12: code execution). Ubuntuhas updated oxide-qt(14.10, 14.04: multiple vulnerabilities) and firefox(14.10, 14.04, 12.04: regression in previous update).
Tuesday's security updates

The Python Software Foundation wraps upits 2014 retrospective. "On the technical side, the Python language grew with the releases of Python 2.7.9, 3.3.5, 3.4, and, in August, 3.4.1. Major new features of the 3.4 series, compared to 3.3 include "hundreds of small improvements and bug fixes."Additionally, Python 3.4.1 has many more advantages."
PSF: 2014 Year in Review, Part 2

CentOShas updated jasper(C7: multiple vulnerabilities). Debianhas updated jasper(multiple vulnerabilities), mysql-5.5(multiple vulnerabilities), polarssl(code execution), squid(denial of service), and websvn(information disclosure). Debian-LTShas updated libevent(denial of service) and websvn(information disclosure). Fedorahas updated docker-io(F20: multiple vulnerabilities), grep(F21: heap buffer overrun), java-1.7.0-openjdk(F20: multiple vulnerabilities), java-1.8.0-openjdk(F21; F20: multiple vulnerabilities), kde-runtime(F20: misuse of crypto), kernel(F21: restriction bypass), python-django(F21: multiple vulnerabilities), and xdg-utils(F21: command injection). Mageiahas updated aircrack-ng(multiple vulnerabilities), chromium-browser-stable(multiple vulnerabilities), jasper(multiple vulnerabilities), and java-1.7.0-openjdk(multiple vulnerabilities). openSUSEhas updated Firefox(11.4: multiple vulnerabilities), libevent(13.2, 13.1: denial of service), openssl(13.2, 13.1: multiple vulnerabilities), shotwell, vala(13.2: heap buffer overflow), and thunderbird(13.2, 13.1: multiple vulnerabilities). SUSEhas updated flash-player(SLED11 SP3: unspecified vulnerability) and vsftpd(SLES11 SP3: unauthorized access). Ubuntuhas updated ghostscript(10.04: multiple vulnerabilities), jasper(14.10, 14.04, 12.04: multiple vulnerabilities), and unbound(14.10, 14.04: denial of service).
Security advisories for Monday

Linus has released the 3.19-rc6kernel prepatch. "I currently expect to make an rc7 next week, with the final 3.19 in two weeks, as per the usual schedule."
Kernel prepatch 3.19-rc6

At, Jordi Mon introducesthe biicodeproject, an open-source dependency-management system for C and C++ applications that is akin to Ruby Gems or the Python Package Index. It is a challenging goal, he says, "because there are approximately 4 million C/C++ developers, and both languages represent up to almost 20% of the world's code."The project was started as a proprietary service, and only recently transitioned into an open-source project.
New open source dependency manager on the scene (

VMware vSphere Data Protection CVE-2014-4632 Certificate Validation Security Bypass Vulnerability
Vuln: VMware vSphere Data Protection CVE-2014-4632 Certificate Validation Security Bypass Vulnerability

TYPO3 LDAP / SSO Authentication Extension Authentication Bypass Vulnerability
Vuln: TYPO3 LDAP / SSO Authentication Extension Authentication Bypass Vulnerability

TYPO3 Content Rating SQL Injection and Cross Site Scripting Vulnerabilities
Vuln: TYPO3 Content Rating SQL Injection and Cross Site Scripting Vulnerabilities

TYPO3 Content Rating Extbase Extension Multiple Input Validation Vulnerabilities
Vuln: TYPO3 Content Rating Extbase Extension Multiple Input Validation Vulnerabilities

[security bulletin] HPSBOV03226 rev.2 - HP TCP/IP Services for OpenVMS, BIND 9 Server Resolver, Multiple Remote Vulnerabilities
Bugtraq: [security bulletin] HPSBOV03226 rev.2 - HP TCP/IP Services for OpenVMS, BIND 9 Server Resolver, Multiple Remote Vulnerabilities

[SECURITY] [DSA 3147-1] openjdk-6 security update
Bugtraq: [SECURITY] [DSA 3147-1] openjdk-6 security update

[SECURITY] [DSA 3146-1] requests security update
Bugtraq: [SECURITY] [DSA 3146-1] requests security update

ESA-2015-006: EMC Avamar Missing Certificate Validation Vulnerability
Bugtraq: ESA-2015-006: EMC Avamar Missing Certificate Validation Vulnerability

News, Infocus, Columns, Vulnerabilities, Bugtraq ...
More rss feeds from SecurityFocus