Issues on Linux and Security
Home

Welcome to LinuxSecure

I found some scripts on my workstation that have not been published and may be interesting for some people. Actually, I will not prepare them for publishing, but you can contact me if you are interested in one or more of them.

  • A tool for the backup of network components. The script runs as a daemon and can be configured via config files. It reads the config files containing the components' passwords only once, so you can keep them in encrypted storage. There are several templates for ssh, scp, and telnet. The intention is to make automated backups of routers, switches, firewalls, etc.
  • Postfixanalyser was written for the Trend Micro mail virus scanner. You can search for mails and get a status for each mail found: when the system received it, when it last worked on the mail, what the status of the mail is, and whether there were any problems while delivering it. The second feature was a simple statistic: bytes and number of mails received and sent, mails by status (received from extern, queued, sent to trend, received from trend, queued, delivered) and mails by problem (deferred and not sent to scanner (scanner rejected), deferred and not sent to scanner (scanner down), sent to trend, but deferred before, deferred and not sent to extern (mta rejected), deferred and not sent to extern (mta down), sent to extern, but deferred before).
  • A logscanner and a scanner for the checkpoint objects file.
  • A tool that parses the registry of the genugate firewall and produces more human-readable output in HTML.
  • An FTP script for the honeynet.
  • Various backup scripts in Perl and Bash.
  • Various iptables scripts.
  • A script called minilinux to create a small Linux out of a huge running system.
  • Pigsparty was a small project that was never finished. The idea was to convert snort rule sets into iptables rule sets.
  • A snort admin interface in PHP.
  • A Perl module and some programs (e.g. mfl) for the preparation and analysis of longitudinal data with a focus on same domains.


What's New
[2005-02-18] mp3riot version 1.3 released
[2004-10-08] mp3riot version 1.2 is out.
[2004-04-30] Added section Bridging
[2004-01-09] Work in progress on mp3riot version 1.2
On his blog, Gmane creator and maintainer Lars Magne Ingebrigtsen warns that the email-to-news (and web) gateway may be disappearing soon. The site, which is hosted by his employer, has been under a distributed denial of service (DDoS) attack for the last few weeks, but there are other problems as well. "And now the DDoS stuff, which I have no idea why is happening, but I can only assume that somebody is angry about something. Probably me being a wise ass. So… it's been 14 years… I'm old now. I almost threw up earlier tonight because I'm so stressed about the situation. I should retire and read comic books and watch films. Oh, and the day job. Work, work, work. Oh, and Gnus. I'm thinking about ending Gmane, at least as a web site. Perhaps continue running the SMTP-to-NNTP bridge? Perhaps not? I don't want to make 20-30K mailing lists start having bouncing addresses, but I could just funnel all incoming mail to /dev/null, I guess?" The site, which has been relied on by many (including LWN) since it started in 2002, is down now and it appears to be unclear when (or if) it will be back.
Ingebrigtsen: The End of Gmane?

Debian has updated xen (multiple vulnerabilities, one from 2015). Debian-LTS has updated tardiff (two vulnerabilities from 2015). Fedora has updated httpd (F23: HTTP redirect), libarchive (F24: code execution), and libvirt (F23: authentication bypass). openSUSE has updated dropbear (42.1, 13.2: multiple vulnerabilities), go (13.2: HTTP request smuggling flaws from 2015), karchive (42.1, 13.2: code execution), mbedtls (42.1: three vulnerabilities), python (42.1, 13.2: three vulnerabilities), and tiff (13.2: multiple vulnerabilities). Oracle has updated java-1.7.0-openjdk (OL7; OL6; OL5: multiple vulnerabilities). Scientific Linux has updated java-1.7.0-openjdk (multiple vulnerabilities).
Security advisories for Thursday

The Weekly Edition for July 28, 2016 is available.
[$] Weekly Edition for July 28, 2016

A few years ago, the hardware vendor Yubico made a bit of a splash when it introduced its YubiKey line of inexpensive hardware security tokens powered by open-source software. With its most recent product release, however, Yubico has dropped open source and started deploying only proprietary software in its devices. Consequently, many community members have started looking for a viable replacement that will adhere to open-source principles. At present, one of the leading contenders for Yubico's departed customers is Nitrokey, which manufactures a line of hardware tokens capable of generating one-time passwords (OTPs), storing and using OpenPGP keys, and several other features. The devices made by Nitrokey run open-source software and are open hardware as well.
[$] One-time passwords and GnuPG with Nitrokey

Greg Kroah-Hartman has released stable kernels 4.6.5, 4.4.16, and 3.14.74. All of them contain important fixes.
Stable kernel updates

Shari Steele has posted a statement from the Tor project on the results of an investigation into the allegations of harassment (and worse) within Tor and how the project will respond. "I am pleased, therefore, to announce that both the Tor Project and the Tor community are taking active steps to strengthen our ability to handle problems of unprofessional behavior. Specifically, the Tor Project has created an anti-harassment policy, a conflicts of interest policy, procedures for submitting complaints, and an internal complaint review process. They were recently approved by Tor's board of directors, and they will be rolled out internally this week."
A statement from the Tor project

CentOS has updated java-1.7.0-openjdk (C7; C6; C5: multiple vulnerabilities), samba (C7: crypto downgrade), and samba4 (C6: crypto downgrade). Debian has updated libgd2 (denial of service), mariadb-10.0 (multiple vulnerabilities), and php5 (multiple vulnerabilities). Debian-LTS has updated libgd2 (denial of service). Mageia has updated apache (HTTP redirect), harfbuzz (multiple vulnerabilities), libgd (three vulnerabilities), libidn (multiple vulnerabilities), libupnp (unauthenticated access), libxml2 (multiple vulnerabilities), mariadb (multiple vulnerabilities), mupdf (denial of service), php/xmlrpc-epi/timezone (multiple vulnerabilities), sudo (race condition), tomcat/apache-commons-fileupload (denial of service), and virtualbox (allows local users to affect availability). Red Hat has updated java-1.7.0-openjdk (RHEL5,6,7: multiple vulnerabilities) and kernel (RHEL6.7: privilege escalation). Scientific Linux has updated samba (SL7: crypto downgrade) and samba4 (SL6: crypto downgrade). Ubuntu has updated kde4libs (15.10, 14.04, 16.04: command execution) and openjdk-8 (16.04: multiple vulnerabilities).
Security advisories for Wednesday

Harald Sitter reports on a discussion at a recent sprint focused on making Snap packaging useful for KDE. "Shipping things users can use on Linux has been a pain in the rear since forever and these bundles are meant to change that. As such we as KDE should have a strong interest and presence in this field in the hopes of shaping a future that is useful to us. After all, we are one of the biggest source distributors, and the primary reason we don't also offer generic binary packages of our applications is because this never scaled and was altogether terrible to pull off from a KDE point of view." He and Scarlett Clark are working on some high level mass automation of snap building on top of KDE Neon's existing deb binaries. (Thanks to Jos van den Oever)
Sitter: Snappy sprint reporty musing

Debian has updated ntp (multiple vulnerabilities). Debian-LTS has updated cacti (three vulnerabilities), dietlibc (insecure default PATH), gosa (code injection), ntp (multiple vulnerabilities), squid (cache poisoning), and uclibc (three vulnerabilities). Oracle has updated samba (OL7: crypto downgrade) and samba4 (OL6: crypto downgrade). Red Hat has updated chromium-browser (RHEL6: multiple vulnerabilities), samba (RHEL7: crypto downgrade), and samba4 (RHEL6: crypto downgrade).
Tuesday's security updates

OpenVZ 7.0 has been released. The new release focuses on merging OpenVZ and Virtuozzo source codebase and replacing its hypervisor with KVM. There are many other improvements and new features in container management and more.
OpenVZ 7.0 released

InfoWorld takes a look at the upcoming OpenBSD 6.0 release. "Most significant among the latest security-related changes for OpenBSD is the removal of Linux emulation support. Prior versions of OpenBSD made it possible to run Linux applications by way of a compatibility layer, but the release notes for OpenBSD 6.0 indicate the Linux subsystem was removed as a "security improvement.""
The newest version of OpenBSD closes potential security loopholes (InfoWorld)

Arch Linux has updated chromium (multiple vulnerabilities), python-django (cross-site scripting), and python2-django (cross-site scripting). Debian has updated openssh (user enumeration via timing side-channel), perl (two vulnerabilities), and phpmyadmin (multiple vulnerabilities). Debian-LTS has updated squid3 (denial of service). Fedora has updated ca-certificates (F24: certificate update), gd (F24: multiple vulnerabilities), httpd (F24: HTTP redirect), kf5-karchive (F24; F23: command execution, over a hundred related KDE Frameworks packages were included in this update), libgcrypt (F24: key leak), libidn (F24: multiple vulnerabilities), libvirt (F24: authentication bypass), and mingw-gnutls (F24: certificate verification vulnerability). openSUSE has updated Chromium (SPH for SLE12; Leap42.1; 13.2: multiple vulnerabilities) and gnugk (Leap42.1, 13.2: denial of service). Red Hat has updated mariadb55-mariadb (RHSCL: many vulnerabilities) and mysql55-mysql (RHSCL: many vulnerabilities). Slackware has updated bind (denial of service).
Security advisories for Monday

Linus has returned from his travels and released the 4.7 kernel. The most significant changes in this release include the tracing histograms feature, in-kernel tracing analysis via the ability to attach BPF programs to tracepoints, the LoadPin security module, better out-of-memory detection, faster filesystem operations with parallel pathname lookups, the schedutil CPU frequency governor, and more. See the KernelNewbies 4.7 page for lots of details.
The 4.7 kernel is out

At his blog, Matthias Clasen explores the recent enhancements to the classic GNU gettext utility. Thanks in large part to new maintainer Daiki Ueno, gettext now understands many more file formats, thus enabling developers to easily extract strings from a wide variety of source files for translation. In addition to programming languages, Clasen notes, gettext understands .desktop files, GSettings schemas, GtkBuilder ui files, and Appdata files. "If you don't want to wait for your favorite format to come with built-in its support, you can also include its files with your application; gettext will look for such files in $XDG_DATA_DIRS/gettext/its/."
Clasen: Using modern gettext

Arch Linux has updated drupal (proxy injection). Debian has updated mysql-5.5 (multiple vulnerabilities) and squid3 (multiple vulnerabilities). Debian-LTS has updated python-django (cross-site scripting). openSUSE has updated p7zip (13.1: code execution). Slackware has updated gimp (14.0, 14.1, 14.2: code execution) and php (14.0, 14.1, 14.2: multiple vulnerabilities). Ubuntu has updated mysql-5.5, mysql-5.6, mysql-5.7 (12.04, 14.04, 15.10, 16.04: multiple vulnerabilities).
Friday's security updates

Vuln: Mozilla Network Security Services CVE-2015-2721 Security Bypass Vulnerability

Vuln: Mozilla Netscape Portable Runtime CVE-2014-1545 Out of Bounds Memory Corruption Vulnerability

Vuln: Mozilla Network Security Services CVE-2014-1490 Use After Free Memory Corruption Vulnerability

Vuln: Mozilla Network Security Services Use After Free CVE-2016-1979 Denial of Service Vulnerability

Bugtraq: Saveya Bounty #1 - Bypass & Persistent Vulnerability

Bugtraq: Zoll Checklist v1.2.2 iOS - Multiple Persistent Vulnerabilities

Bugtraq: Exponent CMS 2.3.9 - Useraccounts Persistent Vulnerability

Bugtraq: Zortam Media Studio 20.60 - Buffer Overflow Vulnerability
