Issues on Linux and Security
Home

Welcome to LinuxSecure

I found some scripts on my workstation that have not been published and may be interesting for some people. Actually, I will not prepare them for publishing, but you can contact me if you are interested in one or more of them.

  • A tool for the backup of network components. The script runs as a daemon and can be configured via config files. It reads in the config files containing the passwords of the components once, so you can keep them in encrypted storage. There are several templates for ssh, scp, telnet. The intention is to make automated backups from routers, switches, firewalls etc.
  • Postfixanalyser was written for the Trend Micro mail virus scanner. You can search for mails and get a status for each mail found: when the system received it, when it last worked on the mail, what the status of the mail is, and whether there were any problems while delivering it. The second feature was a simple statistic: bytes and number of mails received and sent, mails by status (received from extern, queued, sent to trend, received from trend, queued, delivered) and mails by problem (deferred and not sent to scanner (scanner rejected), deferred and not sent to scanner (scanner down), sent to trend, but deferred before, deferred and not sent to extern (mta rejected), deferred and not sent to extern (mta down), sent to extern, but deferred before).
  • A log scanner and a scanner for the Check Point objects file.
  • A tool that parses the registry of the genugate firewall and produces more human-readable output in HTML.
  • An FTP script for the honeynet.
  • Various backup scripts in Perl and Bash.
  • Various iptables scripts.
  • A script called minilinux to create a small Linux out of a huge running system.
  • Pigsparty was a small project that was never finished. The idea was to convert snort rule sets into iptables rule sets.
  • A snort admin interface in PHP.
  • A Perl module and some programs (e.g. mfl) for the preparation and analysis of longitudinal data with a focus on same domains.


What's New
[2005-02-18] mp3riot version 1.3 released
[2004-10-08] mp3riot version 1.2 is out.
[2004-04-30] Added section Bridging
[2004-01-09] working progress on mp3riot version 1.2
Open Invention Network (OIN) marks its ten year anniversary. "Since its founding in 2005, Open Invention Network has grown its community to over 1,700 participants - from sizable multinational companies to key open source projects to emerging businesses. OIN has expanded its strategic patent portfolio to more than 1,000 worldwide patents and applications. In parallel, the zone of patent non-aggression that is defined by OIN's Linux System definition has evolved to include more than 2,300 software packages, which ensures freedom of action in core functionality for global open source projects and technology platforms such as Linux, Red Hat, SUSE, Android, Open Stack and Apache."
Open Invention Network Celebrates 10 Year Anniversary

Arch Linux has updated nodejs (denial of service). Fedora has updated libvpx (F21: denial of service), openjpeg2 (F22: code execution), pixman (F22: buffer overflow), unzip (F21: two vulnerabilities), webkitgtk (F22; F21: denial of service), and webkitgtk3 (F22; F21: denial of service). openSUSE has updated apache2 (13.2, 13.1: multiple vulnerabilities), conntrack-tools (13.2, 13.1: denial of service), froxlor (13.2, 13.1: privilege escalation), redis (13.2, 13.1: code execution), seamonkey (13.2, 13.1: multiple vulnerabilities), thunderbird (13.2, 13.1: multiple vulnerabilities), and vorbis-tools (13.2, 13.1: code execution). SUSE has updated firefox, nspr (SLE12: multiple vulnerabilities). Ubuntu has updated kernel (15.04; 14.04: multiple vulnerabilities), linux-lts-trusty (12.04: multiple vulnerabilities), linux-lts-utopic (14.04: multiple vulnerabilities), linux-lts-vivid (14.04: multiple vulnerabilities), and lxc (14.04: regression in previous update).
Security updates for Tuesday

The nomination process has begun for the 2015 election of the Technical Advisory Board for the Linux Foundation. That election will happen on October 26 at the Kernel Summit in Seoul, South Korea. There are five positions to be filled; terms are for two years.
The 2015 Linux Foundation Technical Advisory Board elections

Ars Technica presents a lengthy review of Android 6.0 "Marshmallow". "While this is a review of the final build of "Android 6.0," we're going to cover many of Google's apps along with some other bits that aren't technically exclusive to Marshmallow. Indeed, big chunks of "Android" don't actually live in the operating system anymore. Google offloads as much of Android as possible to Google Play Services and to the Play Store for easier updating and backporting to older versions, and this structure allows the company to retain control over its open source platform. As such, consider this a look at the shipping Google Android software package rather than just the base operating system. "Review: New Android stuff Google has released recently" would be a more accurate title, though not as catchy."
Android 6.0 Marshmallow, thoroughly reviewed (Ars Technica)

Arch Linux has updated hostapd (multiple vulnerabilities) and libunwind (denial of service). Fedora has updated activemq (F22: information disclosure), bind (F21: denial of service), jenkins-script-security-plugin (F22: unspecified vulnerability), kernel (F22; F21: denial of service), libwmf (F22: two vulnerabilities), scap-security-guide (F22; F21: unspecified vulnerability), seamonkey (F22; F21: multiple vulnerabilities), thunderbird (F22: multiple vulnerabilities), and xen (F22; F21: multiple vulnerabilities). Mageia has updated chromium-browser (MG5: information disclosure) and gdk-pixbuf2.0 (MG5: two vulnerabilities). openSUSE has updated phpMyAdmin (13.2, 13.1: guessable user credentials). Ubuntu has updated oxide-qt (15.04, 14.04: information disclosure), thunderbird (15.04, 14.04, 12.04: multiple vulnerabilities), and firefox (15.04, 14.04, 12.04: regression in previous update).
Security advisories for Monday

Sarah Sharp has made official her departure from the kernel development community. "I didn't take the decision to step down lightly. I felt guilty, for a long time, for stepping down. However, I finally realized that I could no longer contribute to a community where I was technically respected, but I could not ask for personal respect. I could not work with people who helpfully encouraged newcomers to send patches, and then argued that maintainers should be allowed to spew whatever vile words they needed to in order to maintain radical emotional honesty. I did not want to work professionally with people who were allowed to get away with subtle sexist or homophobic jokes. I feel powerless in a community that had a 'Code of Conflict' without a specific list of behaviors to avoid and a community with no teeth to enforce it."
Sharp: Closing a door

The Linux Foundation has announced the formation of a collaborative project to support the ongoing development of the realtime kernel patch set. "The RTL Collaborative Project will focus on pushing critical code upstream to be reviewed and eventually merged into the mainline Linux kernel where it will receive ongoing support. This will save the industry millions of dollars in research and development. It will also improve quality of the code through robust upstream kernel test infrastructure, since anything maintained in the mainline kernel is collectively supported by thousands of developers and hundreds of companies around the world." As part of the project, the Foundation has appointed Thomas Gleixner into a Fellow position.
The Real-Time Linux Collaborative Project

The 4.3-rc4 kernel prepatch is out. "You all know the drill by now. It's Sunday, and there is a new release candidate out there."
Kernel prepatch 4.3-rc4

Greg Kroah-Hartman has released the 4.2.3 and 4.1.10 stable kernels. The fix for the deadlocks reported for 4.1.9 did not make it into 4.1.10. As usual, these stable kernels contain fixes throughout the tree.
Stable kernels 4.2.3 and 4.1.10

Many online media outlets are reporting the news that ownership of the popular ad-blocking browser extension AdBlock has been sold to a new owner. Not to be confused with similarly named projects AdBlock Plus and AdBlock Edge, this AdBlock announced the news of the sale to its users in a pop-up window. TheNextWeb reports that AdBlock employees refused to identify the buyer. In related news, the new owner has decided to join the "Acceptable Ads" whitelisting program run by rival AdBlock Plus. An announcement on the AdBlock Plus site confirms the move, and notes that an "independent review board" will now decide which advertisements are included in the Acceptable Ads whitelist. Public nominations for the board are said to be open.
Ad-blocking extension AdBlock sold to new owner

CentOS has updated thunderbird (C6; C5; C7: multiple vulnerabilities). Debian-LTS has updated binutils (multiple vulnerabilities). Fedora has updated freeimage (F22; F21: integer overflow), golang (F22; F21: multiple vulnerabilities), jakarta-commons-httpclient (F22; F21: denial of service), and openjpeg2 (F22; F21: use-after-free vulnerability). Mageia has updated thunderbird (M5: multiple vulnerabilities). openSUSE has updated bind (11.4: denial of service). Oracle has updated thunderbird (O6; O7: multiple vulnerabilities). Red Hat has updated mod_proxy_fcgi (RHEL6: denial of service). Scientific Linux has updated thunderbird (SL5, 6, 7: multiple vulnerabilities). Slackware has updated mozilla-thunderbird (14.0, 14.1, current: multiple vulnerabilities), php (14.0, 14.1, current: multiple vulnerabilities), and seamonkey (14.0, 14.1, current: multiple vulnerabilities). Ubuntu has updated kernel (12.04: multiple vulnerabilities) and linux-ti-omap4 (12.04: multiple vulnerabilities).
Friday's security updates

The GNOME Foundation has announced the release of its Annual Report [PDF] for the 2014 fiscal year, which ran from October 1, 2013 through September 30, 2014. The report covers topics like finances, the Groupon trademark battle, conferences, outreach, accessibility, and lots more. "Jean-François Fortin Tam, president of the GNOME Foundation for 2014-2015, states in the introduction letter: '2014 is on record as one of the most challenging years in the Foundation's history. It is also the year that has given us the most demonstrative and passionate display of support - from our members, our contributors, and the Free Software community - that we have ever experienced.'"
GNOME's 2014 Fiscal Year Annual Report Published

Joanna Rutkowska has announced the release of Qubes OS 3.0, which has a new hypervisor abstraction layer (HAL) as one of its "killer features". Qubes OS uses a hypervisor as part of its "security by compartmentalization" strategy for creating a more secure operating system. The HAL "will allow us to easily switch the underlying hypervisors in the near future, perhaps even during the installation time, depending on the user needs (think tradeoffs between hardware compatibility and performance vs. security properties desired, such as e.g. reduction of covert channels between VMs, which might be of importance to some users). More philosophically-wise, this is a nice manifestation of how Qubes OS is really "not yet another virtualization system", but rather: a user of a virtualization system (such as Xen)." We looked at Qubes OS 3.0 back in May.
Qubes OS 3.0 released

Greg Kroah-Hartman has announced the release of the 3.14.54 and 3.10.90 stable kernels. As usual, they contain important fixes throughout the tree and users should upgrade.
Stable kernels 3.14.54 and 3.10.90

The Free Software Foundation (FSF) has announced a collaboration with Software Freedom Conservancy (SFC) on "The Principles of Community-Oriented GPL Enforcement", which describes what it means to do GPL enforcement in a way that is oriented toward gaining compliance (also: SFC announcement). "'GPL enforcement is mostly an educational process working with people who have made honest mistakes, but it must be undertaken with care and thoughtfulness. Our goal is not to punish or censure violators, but to help them come into compliance. Abiding by these principles aids our work in bringing about that outcome,' said FSF's licensing and compliance manager, Joshua Gay."
FSF, Conservancy publish principles for community-oriented GPL enforcement

Vuln: Symantec Endpoint Protection Manager CVE-2015-1487 Arbitrary File Write Vulnerability

Vuln: Linux Kernel 'perf_callchain_user_64()' Function Denial of Service Vulnerability

Vuln: Adobe Flash Player and AIR APSB15-19 Multiple Use After Free Remote Code Execution Vulnerabilities

Vuln: Adobe FlashPlayer and AIR APSB15-19 Type Confusion Multiple Remote Code Execution Vulnerabilities

Bugtraq: Authentication Bypass in Netgear Router Firmware N300_1.1.0.31_1.0.1.img and N300-

Bugtraq: LanWhoIs.exe Stack Buffer Overflow

Bugtraq: Advisory: web-based VM detection and coarse-grained fingerprinting

Bugtraq: [security bulletin] HPSBUX03359 SSRT102094 rev.2 - HP-UX pppoec, local elevation of privilege
