Issues on Linux and Security
Home

Welcome to LinuxSecure

I found some scripts on my workstation that have not been published and may be interesting for some people. Actually, I will not prepare them for publishing, but you can contact me if you are interested in one or more of them.

  • A tool for the backup of network components. The script runs as a daemon and can be configured via config files. It reads in the config files containing the passwords of the components once, so you can store them in a crypt storage. There are several templates for ssh, scp, and telnet. The intention is to make automated backups of routers, switches, firewalls, etc.
  • Postfixanalyser was written for the Trend Micro mail virus scanner. You can search for mails and you will get a status for the mails found: when the system received the mail, when it last worked with the mail, what the status of the mail is, and whether there were any problems while delivering the mail. The second feature was a simple statistic: bytes and number of mails received and sent, mails by status (received from extern, queued, sent to trend, received from trend, queued, delivered) and mails by problem (deferred and not sent to scanner (scanner rejected), deferred and not sent to scanner (scanner down), sent to trend, but deferred before, deferred and not sent to extern (mta rejected), deferred and not sent to extern (mta down), sent to extern, but deferred before).
  • A logscanner and a scanner for the checkpoint objects file.
  • A tool that parses the registry of the genugate firewall and produces a more human-readable output in HTML.
  • An FTP script for the honeynet.
  • Various backupscripts in Perl and Bash.
  • Various iptables scripts.
  • A script called minilinux to create a small linux out of a huge running system.
  • Pigsparty was a small project that was never finished. The idea was to convert snort rule sets into iptables rule sets.
  • A snort admin interface in php.
  • A Perl module and some programs (e.g. mfl) for the preparation and analysis of longitudinal data with a focus of same domains.


What's New
[2005-02-18] mp3riot version 1.3 released
[2004-10-08] mp3riot version 1.2 is out.
[2004-04-30] Added section Bridging
[2004-01-09] working progress on mp3riot version 1.2
Here are a couple sad notes from the Ada Initiative and the Apache Software Foundation on the abrupt passing of Nóirín Plunkett. "Throughout Nóirín's time at the Foundation she was an Apache httpd contributor, ASF board member, VP and ApacheCon organizer. Nóirín's passionate contributions and warm personality will be sorely missed. Many considered Nóirín a friend and viewed Nóirín's work to improving 'Women in Technology' as a great contribution to this cause."
Mourning Nóirín Plunkett

The Weekly Edition for July 30, 2015 is available.
[$] Weekly Edition for July 30, 2015

In November of 2013, I decided to undertake a garage-hacking project and build an in-vehicle infotainment (IVI) Linux box for my own car. Motivated hobbyists have done such things for years, of course. But, after having followed the development of various automotive Linux projects (such as GENIVI and Tizen IVI), I wanted to put them to the test, rather than simply stuff a Raspberry Pi into the glove compartment and run Rhythmbox on a tiny screen on the dashboard. Interesting developments were happening at automakers and software vendors, and they were worth exploring. It turned out to be a rather large project, so to cover it fully will take more than one installment. The first major milestone involves understanding the unique hardware, power, and boot requirements of an IVI unit (as well as finding a distribution that fits the bill).
[$] Building a Tizen IVI test experience

Arch Linux has updated bind (denial of service), pacman (man-in-the-middle attack), and qemu (multiple vulnerabilities). CentOS has updated bind (C7; C5: denial of service) and bind97 (C5: denial of service). Debian has updated bind9 (denial of service). Debian-LTS has updated apache2 (denial of service) and bind9 (denial of service). Fedora has updated elfutils (F21: unspecified vulnerabilities), haproxy (F22; F21: information leak), hplip (F22: man-in-the-middle attack), libidn (F22; F21: information disclosure), php (F21: multiple vulnerabilities), roundcubemail (F22; F21: multiple vulnerabilities), subversion (F21: multiple vulnerabilities), and wpa_supplicant (F22: denial of service). Mageia has updated ansible (MG4,5: two vulnerabilities), freeradius (MG4,5: insufficient certificate verification), openssh (MG4,5: authentication limits bypass), python-django (MG4,5: multiple vulnerabilities), and springframework (MG5: denial of service). Oracle has updated bind (OL7; OL5: denial of service) and bind97 (OL5: denial of service). Red Hat has updated bind (RHEL6,7; RHEL5: denial of service), bind97 (RHEL5: denial of service), and qemu-kvm-rhev (RHOSP5,6: two vulnerabilities). Scientific Linux has updated bind (SL5: denial of service) and bind97 (SL5: denial of service). Slackware has updated bind (denial of service). SUSE has updated bind (SLE12; SLE11SP3,4: denial of service). Ubuntu has updated bind9 (15.04, 14.04, 12.04: denial of service) and qemu (15.04, 14.04: multiple vulnerabilities).
Security updates for Wednesday

Matt Thompson talks with Allen Gunn, Executive Director of Aspiration, at "I think you lead with a very earnest form of humility. The best forms of open are lovingly subversive, in that they draw others to form their own conclusions about the benefit of open rather than beating them over the head with it."
Roadies vs. rock stars: The art of open leadership (

CentOS has updated clutter (C7: screen lock bypass) and qemu-kvm (C7: two vulnerabilities). Debian-LTS has updated icu (code execution). Mageia has updated chromium-browser (MG4,5: multiple vulnerabilities), expat (MG4,5: denial of service), icu (MG5; MG4: denial of service/code execution), stunnel (MG5: authentication bypass), thunderbird (MG4,5: multiple vulnerabilities), wesnoth (MG5; MG4: information leak), and wordpress (MG4: two vulnerabilities). Oracle has updated clutter (OL7: screen lock bypass) and qemu-kvm (OL7: two vulnerabilities). Red Hat has updated clutter (RHEL7: screen lock bypass). Scientific Linux has updated clutter (SL7: screen lock bypass) and qemu-kvm (SL7: two vulnerabilities). SUSE has updated xen (SLE12; SLE11SP4: two vulnerabilities). Ubuntu has updated apache2 (15.04, 14.04, 12.04: two vulnerabilities), kernel (15.04; 14.04: multiple vulnerabilities), linux-lts-trusty (12.04: multiple vulnerabilities), linux-lts-utopic (14.04: multiple vulnerabilities), and linux-lts-vivid (14.04: multiple vulnerabilities).
Tuesday's security updates

follows up with the Dronecode Foundation, which was founded in October 2014. "In the past year, Dronecode's developer community has grown from 1,200 to more than 2000 contributors, with more than 12,000 commits in the codebase. The rate of development is rapid with 1,000 commits being reviewed a month, with well over 2 million lines of code across the various Dronecode projects. Developers from Qualcomm, Intel, Parrot, Yuneec and many others are actively engaged in the development of the Dronecode technology stack. As a result, updates, new releases and project milestones are in motion all the time. For example, in late May, the APM project released version 3.3 of its flight code, and the PX4 project reached a milestone with the first RC candidate for release 1.0."
The Dronecode Foundation aims to keep UAVs open (

Here is an article on the "Threatpost" site about a set of remotely exploitable media-library vulnerabilities present on vast numbers of Android devices. "An attacker in possession of their target's phone number could send an MMS or even a Google Hangouts message to an affected device that triggers the vulnerability before the victim has a chance to open the message. In some cases, the attack would delete the MMS in question, leaving behind only a notification that a message was sent."
The Android "Stagefright" vulnerability

Debian has updated expat (code execution), lxc (two vulnerabilities), and openjdk-7 (multiple vulnerabilities). Debian-LTS has updated expat (code execution), ghostscript (buffer overflow), and lighttpd (man-in-the-middle attack). Mageia has updated apache (MG4,5: two vulnerabilities), java-1.8.0-openjdk (MG5: multiple vulnerabilities), libuser (MG4,5: two vulnerabilities), and mariadb (MG4,5: multiple vulnerabilities). openSUSE has updated cacti (13.2, 13.1: SQL injection), Chromium (13.2, 13.1: multiple vulnerabilities), java-1_7_0-openjdk (13.2, 13.1: multiple vulnerabilities), and java-1_8_0-openjdk (13.2: multiple vulnerabilities). Red Hat has updated chromium-browser (RHEL6: multiple vulnerabilities) and qemu-kvm (RHEL7: two vulnerabilities).
Security advisories for Monday

The fourth 4.2 prepatch is out for testing. Linus says: "I really wish that things were calming down, but it hasn't happened quite yet. It's not like this is particularly big or scary, but it's also not at the stage where it's really starting to get quiet and the bugs are really small and esoteric."
Kernel prepatch 4.2-rc4

Here is the announcement for Plasma Mobile, a KDE-based platform for smartphones. "The goal for Plasma Mobile is to give the user full use of the device. It is designed as an inclusive system, intended to support all kinds of apps. Native apps are developed using Qt; it will also support apps written in GTK, Android apps, Ubuntu apps, and many others, if the license allows and the app can be made to work at a technical level." There is a prototype build available for Nexus 5 phones.
Plasma Mobile launched

The etcd 2.1 release is out. "For a quick overview, etcd is an open source, distributed, consistent key value store for shared configuration, service discovery, and scheduler coordination. By using etcd, applications can ensure that even in the face of individual servers failing, the application will continue to work." New features include a new authentication/authorization API, various robustness improvements, better logging, and a new metrics API.
etcd 2.1 released

The GNUnet blog has this story about recent resistance from the IETF toward the standardization of "special use" domain names (such as .onion or .gnu) "to reduce the likelihood of ICANN accidentally creating a conflicting gTLD assignment." Despite the provisions made in RFC 6761, the article notes that "there are also a number of DNS-centric people with a totally lack of alacrity in the dnsop WG to continue to stall the process by repeating arguments that were exchanged dozens of times in hundreds of e-mails." Among those offering resistance, it reports, is Internet Architecture Board Chair Andrew Sullivan, who "says the IETF should not support special use domain names threatening the DNS business model."
GNUnet: IETF getting cold feet about P2P Names?

The first development release of the upcoming openSUSE 42.1 distribution is now available. "Milestone is being used to avoid the term Alpha because the milestone is able to be deployed without the additional future items and subsystems that will become available when Leap is officially released." As reported in June, openSUSE 42.1 is a new version of the distribution based on the SUSE Linux Enterprise core.
OpenSUSE Leap 42.1 milestone 1 released

Arch Linux has updated chromium (multiple vulnerabilities), crypto++ (private key recovery), libuser (multiple vulnerabilities), and openssh (authentication limits bypass). CentOS has updated libuser (C7: multiple vulnerabilities). Debian has updated chromium-browser (multiple vulnerabilities). Gentoo has updated e2fsprogs (code execution). Oracle has updated libuser (O7: multiple vulnerabilities). Red Hat has updated java-1.7.0-ibm (RHEL 5: multiple vulnerabilities) and libuser (RHEL 6; RHEL 7: multiple vulnerabilities). Scientific Linux has updated libuser (SL7: multiple vulnerabilities). Ubuntu has updated kernel (12.04; 14.04; 14.10; 15.04: multiple vulnerabilities), linux-lts-trusty (12.04: multiple vulnerabilities), linux-lts-utopic (14.04: multiple vulnerabilities), linux-lts-vivid (14.04: multiple vulnerabilities), and linux-ti-omap4 (12.04: multiple vulnerabilities).
Friday's security updates

Vuln: redcarpet CVE-2015-5147 Stack Buffer Overflow Vulnerability

Vuln: Novius OS 'tab' parameter Local File Include Vulnerability

Vuln: Oracle Java SE CVE-2015-0488 Remote Security Vulnerability

Vuln: Debian OpenJDK CVE-2014-8873 Remote Code Execution Vulnerability

Bugtraq: [security bulletin] HPSBGN03366 rev.1 - HP Business Process Insight with RC4 Stream Cipher, Remote Disclosure of Information

Bugtraq: Cross-Site Scripting (XSS) in qTranslate WordPress Plugin

Bugtraq: [security bulletin] HPSBGN03367 rev.1 - HP TransactionVision with RC4 Stream Cipher, Remote Disclosure of Information

Bugtraq: phpFileManager 0.9.8 CSRF Backdoor Shell Vulnerability
