LINUXsecure_LOGO
Issues on Linux and Security
 
-->
 
 
 
 
 
 
 
home
button Home
 

Welcome to LinuxSecure

I found some scripts on my workstation that have not been published and may be interesting for some people. Actually, I will not prepare them for publishing, but you can contact me, if you are interested in one or more of them.

  • A tool for the backup of network components. The script runs as a daemon and can be configured via config files. It reads in the config files containing the passwords of the components once, so you can store them in a crypt storage. There exist severeal templates for ssh, scp, telnet. The intention is to make automated backups from router, switches, firewalls etc.
  • Postfixanalyser was written for the trendmicro mail virusscanner. You can search for mails and you will get a status for the found mails: when did the system receive it, when was it working with the mail the last time, whats the status of the mail, where there any problem while delivering the mail. The second feature was a simple statistic: bytes and number of mails received and send, mails by status (received from extern, queued, sent to trend, received from trend, queued, delivered) and mails by problem (deferred and not sent to scanner (scanner rejected), deferred and not sent to scanner (scanner down), sent to trend, but deferred before, dereffed and not sent to extern (mta rejected), deferred and not sent to extern (mta down), sent to extern, but deferred befor).
  • A logscanner and a scanner for the checkpoint objects file.
  • A tool, that parses the registry of the genugate firewall and produces a more human readable output in html.
  • A ftp-script for the honeynet.
  • Various backupscripts in Perl and Bash.
  • Various iptables scrips.
  • A script called minilinux to create a small linux out of a huge running system.
  • Pigsparty was a small projetct that was never finished. The idea was to convert snort rule sets into iptables rule sets.
  • A snort admin interface in php.
  • A perlmodule and some programs (e.g. mfl) for the preparation and analysis of longitudinal data with a focus of same domains.


back to top

button Whats New
[2005-02-18] mp3riot version 1.3 released
[2004-10-08] mp3riot version 1.2 is out.
[2004-04-30] Added section Bridging
[2004-01-09] working progress on mp3riot version 1.2
Linus has released4.0-rc6 right on schedule. "Things are calming down nicely, and there are fixes all over. The NUMA balancing performance regression is fixed, and things are looking up again in general. There were a number of i915 issues and a KVM double-fault thing that meant that for a while there I was pretty sure that this would be a release that will go to rc8, but that may be unnecessary."
Kernel prepatch 4.0-rc6

CentOShas updated postgresql(C6: multiple vulnerabilities). Debianhas updated freexl(code execution). Fedorahas updated drupal6(F21; F20: multiple vulnerabilities), drupal7(F21; F20: multiple vulnerabilities), libssh2(F20: information leak), mingw-xerces-c(F21; F20: denial of service), php(F21: multiple vulnerabilities), tcpdump(F21: multiple vulnerabilities), and xerces-c(F21; F20: denial of service). Gentoohas updated busybox(multiple vulnerabilities). Mandrivahas updated apache-mod_wsgi(MBS2.0: privilege escalation), bash(MBS2.0: multiple vulnerabilities), bind(MBS2.0: denial of service), binutils(MBS2.0: multiple vulnerabilities), clamav(MBS2.0: multiple vulnerabilities), coreutils(MBS1.0, MBS2.0: code execution), ctags(MBS2.0: denial of service), ctdb(MBS2.0: insecure temporary files), dbus(MBS2.0: multiple vulnerabilities), drupal(MBS1.0: multiple vulnerabilities), ejabberd(MBS2.0: incorrectly allows unencrypted connections), erlang(MBS2.0: command injection), ffmpeg(MBS2.0: multiple vulnerabilities), firebird(MBS2.0: denial of service), freerdp(MBS2.0: two vulnerabilities), gcc(MBS2.0: code execution), git(MBS2.0: code execution), glibc(MBS2.0: multiple vulnerabilities), glpi(MBS2.0: multiple vulnerabilities), grub2(MBS2.0: code execution), gtk+3.0(MBS2.0: screen lock bypass), icu(MBS2.0: multiple vulnerabilities), ipython(MBS2.0: code execution), jasper(MBS2.0: multiple vulnerabilities), jython(MBS2.0: code execution), libarchive(MBS1.0, MBS2.0: directory traversal), libtiff(MBS1.0: multiple vulnerabilities), libxfont(MBS1.0: multiple vulnerabilities), setup(MBS2.0: information disclosure), tcpdump(MBS1.0: multiple vulnerabilities), and wireshark(MBS1.0: multiple vulnerabilities). openSUSEhas updated freetype2(13.2, 13.1: many vulnerabilities), gnutls(13.2, 13.1: certificate algorithm consistency checking issue), and rubygem-bundler(13.2, 13.1: installs malicious gem files). Red Hathas updated kernel-rt(RHE MRG for RHEL6: two vulnerabilities), libxml2(RHEL7: denial of service), and postgresql(RHEL6, RHEL7: multiple vulnerabilities). Scientific Linuxhas updated libxml2(SL7: denial of service) and postgresql(SL6, SL7: multiple vulnerabilities).
Security advisories for Monday

The pile of security updates has gotten deep enough that it makes sense to shove them out now. The biggest pile is seemingly Mandriva catching up on numerous updates for its Mandriva Business Server (MBS) line of products. Debianhas updated batik(unauthorized file access), binutils(code execution), dulwich(code execution), libxfont(privilege escalation), php5(fix regression from previous update), shibboleth-sp2(denial of service), and xerces-c(denial of service). Fedorahas updated kernel(F21: code execution), mongodb(F21: denial of service), python-requests(F21: cookie stealing), python-urllib3(F21: cookie stealing), strongswan(F20, F21: denial of service), and webkitgtk4(F21: late certificate verification). Mageiahas updated docuwiki(cross-site scripting), drupal(authentication bypass), krb5(denial of service), python-requests(cookie stealing), setup(incorrect file protections), and wireshark(dissector issues). Mandrivahas updated apache(MBS2: 11 CVEs), apache-mod_security(MBS2: restriction bypass), cifs-utils(MBS2: code execution), cups(MBS2: six CVEs), cups-filters(MBS2: nine CVEs), curl(MBS2: seven CVEs), dovecot(MBS2: denial of service), egroupware(MBS2: code execution), elfutils(MBS2: code execution), emacs(MBS2: symbolic link vulnerability), freetype2(MBS2: 21 CVEs), gnupg(MBS1, MBS2: five CVEs), gnutls(MBS2: five CVEs), imagemagick(MBS2: five CVEs), jbigkit(MBS2: code execution), json-c(MBS2: denial of service), krb5(MBS1-2: five CVEs), lcms2(MBS2: denial of service), libcap-ng(MBS2: privilege escalation), libgd(MBS2: denial of service), libevent(MBS2: code execution), libjpeg(MBS2: code execution), libksba(MBS2: denial of service), liblzo(MBS2: code execution), libpng(MBS2: memory overwrite), libpng12(MBS2: three 2013 CVEs), libsndfile(MBS2: code execution), libssh(MBS2: information disclosure and denial of service), libssh2(MBS1, MBS2: MITM vulnerability), libtasn1(MBS2: denial of service), libtiff(MBS2: six CVEs), libvirt(MBS1, MBS2: denial of service and information leak), libvncserver(MBS2: six CVEs), libxfont(MBS2: six CVEs), libxml2(MBS2: denial of service), lua(MBS2: code execution), mariadb(MBS2: uncountable unexplained CVEs), mpfr(MBS2: code execution), mutt(MBS2: denial of service), net-snmp(MBS2: denial of service), nginx(MBS2: code execution), nodejs(MBS2: multiple unspecified vulnerabilities), not-yet-commons-ssl(MBS2: MITM vulnerability), ntp(MBS2: six CVEs), openldap(MBS1, MBS2: denial of service), openssh(MBS2: restriction and authentication bypass), openvpn(MBS2: denial of service), patch(MBS2: file overwrite), pcre(MBS2: denial of service), perl(MBS2: denial of service), php(MBS1, MBS2: lots of vulnerabilities), postgresql(MBS2: twelve CVEs), ppp(MBS2: privilege escalation), pulseaudio(MBS2: denial of service), python-django(MBS2: five CVEs), python-pillow(MBS2: five CVEs), python-requests(MBS2: cookie stealing), php-ZendFramework(MBS2: eight CVEs), python(MBS2: seven CVEs), python3(MBS2: five CVEs), python-lxml(MBS2: code injection), python-numpy(MBS2: temporary file vulnerability), readline(MBS2: symbolic link vulnerability), rsync(MBS2: denial of service), rsyslog(MBS2: denial of service), ruby(MBS2: denial of service), samba(MBS1, MBS2: code execution and more), samba4(MBS2: code execution), sendmail(MBS2: file descriptor access), serf(MBS2: MITM vulnerability), squid(MBS2: five CVEs), stunnel(MBS2: private key disclosure), subversion(MBS2: five CVEs), sudo(MBS2: file disclosure), tcpdump(MBS2: seven CVEs), tomcat(MBS2: eight CVEs), torque(MBS2: kill arbitrary processes), udisks2(MBS2: code execution), unzip(MBS2: code execution), util-linux(MBS2: command injection), wpa_supplicant(MBS2: command execution), wget(MBS2: symbolic link vulnerability), x11-server(MBS2: thirteen CVEs), and xlockmore(MBS2: lock bypass). openSUSEhas updated mercurial(command injection). SUSEhas updated firefox(SLES10-11: code execution) and mysql(SLES11: 33 vulnerabilities).
A massive weekend security update pile

More than a decade after its last major rewrite, the GNU Mailmanmailing list manager project aims to release its 3.0 suite in April, during the sprints following PyCon North America. Mailman 3 is a major rewrite that includes a new user membership system, a RESTAPI, an archiver replacement for Pipermail, and a better web interface for subscriptions and settings ? but it carries with it a few new dependencies as well. Brave system administrators can try out the fifth beta versionnow. Subscribers can click below for the full story from next week's edition.
[$] Mailman 3.0 to modernize mailing lists

Hot on the heels of yesterday's 3.19.3 release, Greg Kroah-Hartman has released kernels 3.14.37and 3.10.73. Each contains a bevy of updates and fixes.
Two fresh stable kernels

CentOShas updated setroubleshoot(C6; C7: privilege escalation). Debianhas updated batik(information leak). Fedorahas updated dokuwiki(F20; F21; F22: access control bypass), drupal7(F22: multiple vulnerabilities), drupal7-views(F20; F21: multiple vulnerabilities), ettercap(F20; F21: multiple vulnerabilities), mingw-xerces-c(F22: denial of service), nx-libs(F20; F21: multiple vulnerabilities), php(F22: multiple vulnerabilities), and xerces-c(F22: denial of service). Mandrivahas updated cabextract(BS1,2: multiple vulnerabilities), cpio(BS1: multiple vulnerabilities; BS2: directory traversal), e2fsprogs(BS1; BS2: multiple vulnerabilities), and openssl(BS1; BS2: multiple vulnerabilities). openSUSEhas updated libXfont(13.1, 13.2: multiple vulnerabilities), libzip(13.1, 13.2: denial of service), and tcpdump(13.1, 13.2: multiple vulnerabilities). Oraclehas updated ipa and slapi-nis(O7: multiple vulnerabilities), kernel(O7: multiple vulnerabilities), and setroubleshoot(O5; O6; O7: privilege escalation). Red Hathas updated ipa, slapi-nis(RHEL7: multiple vulnerabilities), kernel(RHEL7: multiple vulnerabilities), kernel-rt(RHEL7: multiple vulnerabilities), and setroubleshoot(RHEL5,6,7: privilege escalation). Scientific Linuxhas updated ipa and slapi-nis(SL7:), kernel(SL7: multiple vulnerabilities), and setroubleshoot(SL5,6,7: privilege escalation). SUSEhas updated Xen(SLE12: multiple vulnerabilities).
Friday's security updates

Greg Kroah-Hartman has announced the release of the 3.19.3kernel. A variety of important fixes and updates are included.
A new stable kernel release

CentOShas updated firefox(C6; C7: multiple vulnerabilities). openSUSEhas updated firefox(13.1,13.2: multiple vulnerabilities). Oraclehas updated firefox(O5: multiple vulnerabilities). Scientific Linuxhas updated 389-ds-base(SL7: multiple vulnerabilities), firefox(multiple vulnerabilities), freetype(SL6,7: multiple vulnerabilities), glibc(SL7: multiple vulnerabilities), GNOME Shell(SL7: lock screen bypass), hivex(SL7: privilege escalation), httpd(SL7: multiple vulnerabilities), ipa(SL7: multiple vulnerabilities), kernel(SL7: multiple vulnerabilities), krb5(SL7: multiple vulnerabilities), libreoffice(SL7: multiple vulnerabilities), libvirt(SL7: multiple vulnerabilities), openssh(SL7: multiple vulnerabilities), openssl(SL6; SL7: multiple vulnerabilities), pcre(SL7: information leak), qemu-kvm(SL7: multiple vulnerabilities), unzip(SL6,7: multiple vulnerabilities), and virt-who(SL7: information leak).
Thursday's security updates

The LWN.net Weekly Edition for March 26, 2015 is available.
[$] LWN.net Weekly Edition for March 26, 2015

The LibreOffice project was announcedwith great fanfare in September 2010. Nearly one year later, the OpenOffice.org project (from which LibreOffice was forked) was cut loose from Oracleand found a new home as an Apache project. It is fair to say that the rivalry between the two projects in the time since then has been strong. Predictions that one project or the other would fail have not been borne out, but that does not mean that the two projects are equally successful. A look at the two projects' development communities reveals some interesting differences. Click below (subscribers only) for the full article.
[$] Development activity in LibreOffice and OpenOffice

Debianhas updated openssl(regression in previous update) and python-django(cross-site scripting). Debian-LTShas updated gnutls26(multiple vulnerabilities). openSUSEhas updated less(13.2, 13.1: information leak) and tor(13.2, 13.1: denial of service). Oraclehas updated firefox(OL7; OL6: multiple vulnerabilities). SUSEhas updated firefox(SLE11 SP3: multiple vulnerabilities). Ubuntuhas updated batik(14.10, 14.04, 12.04: information leak) and libarchive(14.10, 14.04, 12.04: directory traversal).
Security advisories for Wednesday

The GNOME 3.16 release is out. "This is another exciting release for GNOME, and brings many new features and improvements, including redesigned notifications, a new shell theme, new scrollbars, and a refresh for the file manager. 3.16 also includes improvements to the Image Viewer, Music, Photos and Videos. We are also including three new preview apps for the first time: Books, Calendar and Characters."See the release notesfor more information.
GNOME 3.16 released

The LibreOffice project has announced the accelerated development of a new online offering. "Development of LibreOffice Online started back in 2011, with the availability of a proof of concept of the client front end, based on HTML5 technology. That proof of concept will be developed into a state of the art cloud application, which will become the free alternative to proprietary solutions such as Google Docs and Office 365, and the first to natively support the Open Document Format (ODF) standard."The current effort is supported by IceWarp and Collabora; see this FAQand Michael Meeks's postingfor more information. For those wanting to download it, though, note the "the availability of LibreOffice Online will be communicated at a later stage."
LibreOffice Online announced

The ACM has announcedthat the 2014 A. M. Turing award has gone to Michael Stonebraker. Among many other things, he was the original creator of the database management system now known as PostgreSQL.
A Turing award for Michael Stonebraker

The Free Software Foundation Europe has a reminder that Document Freedom Day is happening from March 24 12:00 UTC until March 26 12:00 UTC. "Document Freedom Day is the global campaign for document liberation by local groups throughout the world. So far more than 50 groups registered their events in over 25 countries ranging from Asia, Europa, Africa, to South and North America."
FSFE: Worldwide more than 50 events about Open Standards

WebGate eDVR Manager ActiveX Controls CVE-2015-2098 Multiple Buffer Overflow Vulnerabilities
Vuln: WebGate eDVR Manager ActiveX Controls CVE-2015-2098 Multiple Buffer Overflow Vulnerabilities

Oracle Java SE CVE-2014-6549 Remote Java SE Vulnerability
Vuln: Oracle Java SE CVE-2014-6549 Remote Java SE Vulnerability

Oracle Java SE CVE-2015-0412 Remote Java SE Vulnerability
Vuln: Oracle Java SE CVE-2015-0412 Remote Java SE Vulnerability

Oracle Java SE CVE-2015-0406 Remote Java SE Vulnerability
Vuln: Oracle Java SE CVE-2015-0406 Remote Java SE Vulnerability

[ MDVSA-2015:166 ] clamav
Bugtraq: [ MDVSA-2015:166 ] clamav

[ MDVSA-2015:165 ] bind
Bugtraq: [ MDVSA-2015:165 ] bind

[ MDVSA-2015:163 ] grub2
Bugtraq: [ MDVSA-2015:163 ] grub2

[ MDVSA-2015:162 ] gtk+3.0
Bugtraq: [ MDVSA-2015:162 ] gtk+3.0

News, Infocus, Columns, Vulnerabilities, Bugtraq ...
More rss feeds from SecurityFocus

-->