Issues on Linux and Security
Home

Welcome to LinuxSecure

I found some scripts on my workstation that have not been published and may be interesting for some people. Actually, I will not prepare them for publishing, but you can contact me if you are interested in one or more of them.

  • A tool for the backup of network components. The script runs as a daemon and can be configured via config files. It reads the config files containing the passwords of the components only once, so you can keep them in encrypted storage. There are several templates for ssh, scp and telnet. The intention is to make automated backups of routers, switches, firewalls etc.
  • Postfixanalyser was written for the Trend Micro mail virus scanner. You can search for mails and you will get a status for each mail found: when the system received it, when it last worked on the mail, what the status of the mail is, and whether there were any problems while delivering it. The second feature was a simple statistic: bytes and number of mails received and sent, mails by status (received from extern, queued, sent to trend, received from trend, queued, delivered) and mails by problem (deferred and not sent to scanner (scanner rejected), deferred and not sent to scanner (scanner down), sent to trend, but deferred before, deferred and not sent to extern (mta rejected), deferred and not sent to extern (mta down), sent to extern, but deferred before).
  • A log scanner and a scanner for the Check Point objects file.
  • A tool that parses the registry of the genugate firewall and produces more human-readable output in HTML.
  • An FTP script for the honeynet.
  • Various backup scripts in Perl and Bash.
  • Various iptables scripts.
  • A script called minilinux to create a small Linux out of a huge running system.
  • Pigsparty was a small project that was never finished. The idea was to convert snort rule sets into iptables rule sets.
  • A snort admin interface in PHP.
  • A Perl module and some programs (e.g. mfl) for the preparation and analysis of longitudinal data with a focus on same domains.


What's New
[2005-02-18] mp3riot version 1.3 released
[2004-10-08] mp3riot version 1.2 is out.
[2004-04-30] Added section Bridging
[2004-01-09] work in progress on mp3riot version 1.2
The version 1.6.0 releases of the Wayland display manager and Weston compositor are available. Wayland improvements include better error handling and an improved self-testing infrastructure. On the Weston side, they have made a number of xdg-shell protocol changes ("Yes, we broke it again since 1.5.0"), some keyboard repeat improvements, a switch to libinput by default, and more.
Wayland and Weston 1.6.0 released

Debian has updated apt (regression in previous security update). Fedora has updated apache-poi (F20: two XML handling flaws), asterisk (F20; F19: denial of service), haproxy (F20: unspecified vulnerabilities), kernel (F20: three vulnerabilities), pdns-recursor (F20; F19: denial of service), polkit-qt (F20; F19: authorization bypass), and ReviewBoard (F19: two vulnerabilities). openSUSE has updated lua (code execution) and squid (denial of service).
Friday's security advisories

A new organization to "make security easy and fun" has announced itself in a blog post entitled "Why Hello, World!". Simply Secure is targeting the usability of security solutions: "If privacy and security aren't easy and intuitive, they don't work. Usability is key." The organization was started by Google and Dropbox; it also has the Open Technology Fund as one of its partners. "To build trust and ensure quality outcomes, one core component of our work will be public audits of interfaces and code. This will help validate the security and usability claims of the efforts we support. More generally, we aim to take a page from the open-source community and make as much of our work transparent and widely-accessible as possible. This means that as we get into the nitty-gritty of learning how to build collaborations around usably secure software, we will share our developing methodologies and expertise publicly. Over time, this will build a body of community resources that will allow all projects in this space to become more usable and more secure."
Simply Secure announces itself

Debian has updated icedove (two vulnerabilities) and libav (multiple unspecified vulnerabilities). openSUSE has updated curl (13.1, 12.3: two cookie-handling vulnerabilities). Oracle has updated automake (OL5: code execution from 2012), bind97 (OL5: three vulnerabilities, two from 2013), conga (OL5: multiple vulnerabilities some going back to 2012), krb5 (OL5: code execution), krb5 (OL5: multiple vulnerabilities, two from 2013), and nss, nspr (multiple vulnerabilities, one from 2013). SUSE has updated squid3 (SLE11SP3: denial of service).
Thursday's security advisories

The Weekly Edition for September 18, 2014 is available.
[$] Weekly Edition for September 18, 2014

Greg Kroah-Hartman has made some progress on the stable patch backlog with the release of 3.16.3, 3.14.19, and 3.10.55.
Some stable kernel updates

In a talk entitled "SteamOS Magic", longtime X developer Keith Packard looked at the new Linux "distribution" and the effort to turn the Linux desktop into a gaming console. It turns out that, with a fairly small amount of code, Steam and SteamOS creator, Valve, was able to take the existing X-based desktop and turn it into a "living-room experience". Click below (subscribers only) for the full report from LinuxCon North America.
[$] X and SteamOS

Debian has updated apt (multiple vulnerabilities) and dbus (multiple vulnerabilities). Red Hat has updated krb5 (RHEL5: code execution). SUSE has updated procmail (SLE11 SP3: code execution) and kernel (SLES11 SP1: multiple vulnerabilities). Ubuntu has updated apt (multiple vulnerabilities), libav (12.04: code execution), and openjdk-7 (14.04: updates for arm64 and ppc64el).
Security advisories for Wednesday

Matthew Garrett writes about the challenges faced by the developers working on ACPI-based ARM systems. "Somebody is going to need to take responsibility for tracking ACPI behaviour and incrementing the exported interface whenever it changes, and we need to know who that's going to be before any of these systems start shipping. The alternative is a sea of ARM devices that only run specific kernel versions, which is exactly the scenario that ACPI was supposed to be fixing."
Garrett: ACPI, kernels and contracts with firmware

The OpenSSL project is widely known due to its broad adoption as the SSL/TLS library of choice for open-source software—though, in April, it also became widely known because of a particularly vicious security vulnerability. To a large degree, the project weathered the storm, but the project has also undertaken some changes in the wake of the incident. The most recent is the adoption of a public security policy describing how issues of various kinds will be dealt with.
[$] OpenSSL's new security policy

SUSE's parent entity, the Attachmate Group has entered into an agreement to merge with Micro Focus, prompting some to wonder about how that might affect openSUSE. SUSE's President and General Manager, Nils Brauckmann has contacted the openSUSE Board with a reassuring message. "Business as Usual: There are no changes planned for the SUSE business structure and leadership."
openSUSE statement on the recent Merger announcement

The Register reports that SUSE Linux owner Attachmate Group is being purchased by Micro Focus International. "Micro Focus is taking Attachmate Group in exchange for 86.60 million shares, in a deal described as a merger. The combined companies will create a 'leading global infrastructure software company' with revenue of $1.4bn, Micro Focus said. The deal is expected to close in November."
SUSE Linux owner Attachmate gobbled by Micro Focus for $2.3bn (The Register)

Andrew Tanenbaum has announced the release of MINIX 3.3.0, a major new release of the OS. "It is based on a tiny (13 KLoC) microkernel with the operating system running as a set of protected user-mode processes. Each device driver is also a separate process. If a driver fails, it is automatically and transparently restarted without rebooting and without applications even noticing, making the system self-healing. In addition to the x86, the ARM Cortex A8 is now supported, with ports to the BeagleBoard and BeagleBone available. Finally, the entire userland has been redone to make it NetBSD compatible, with thousands of NetBSD packages available out of the box."
New MINIX release for x86 and ARM is BSD compatible

CentOS has updated axis (C6; C5: SSL hostname verification bypass). openSUSE has updated php5 (13.1, 12.3: multiple vulnerabilities), ppp (13.1, 12.3: privilege escalation), python-django (13.1, 12.3: multiple vulnerabilities), and flash-player (11.4: multiple vulnerabilities). Oracle has updated axis (OL6; OL5: SSL hostname verification bypass). Red Hat has updated automake (RHEL5: code execution), bind97 (RHEL5: denial of service), conga (RHEL5: multiple vulnerabilities), krb5 (RHEL5: multiple vulnerabilities), and nss, nspr (RHEL5: multiple vulnerabilities). Scientific Linux has updated axis (SL5&6: SSL hostname verification bypass). SUSE has updated glibc (SLES10 SP3; SLES11 SP2: multiple vulnerabilities). Ubuntu has updated python-django (multiple vulnerabilities).
Tuesday's security updates

The Rust Programming Language Blog has an article describing recent changes to the language and what remains to be done for the eventual 1.0 release. "The key to all these changes has been a focus on the core concepts of ownership and borrowing. Initially, we introduced ownership as a means of transferring data safely and efficiently between tasks, but over time we have realized that the same mechanism allows us to move all sorts of things out of the language and into libraries. The resulting design is not only simpler to learn, but it is also much 'closer to the metal' than we ever thought possible before. All Rust language constructs have a very direct mapping to machine operations, and Rust has no required runtime or external dependencies."
The road to Rust 1.0

Vuln: Multiple IBM DB2 Products CVE-2012-4826 Remote Stack Buffer Overflow Vulnerability

Vuln: IBM DB2 and DB2 Connect CVE-2013-4033 Multiple Unauthorized Access Vulnerabilities

Vuln: IBM DB2 and DB2 Connect CVE-2013-5466 Remote Denial of Service Vulnerability

Vuln: IBM DB2 Multiple File Disclosure Security Bypass and Stack Buffer Overflow Vulnerabilities

Bugtraq: Re: Multiple Vulnerabilities with Aztech Modem Routers

Bugtraq: [SECURITY] [DSA 3025-2] apt regression update

Bugtraq: AST-2014-010: Remote crash when handling out of call message in certain dialplan configurations

Bugtraq: AST-2014-009: Remote crash based on malformed SIP subscription requests
