LINUXsecure_LOGO
Issues on Linux and Security
 
-->
 
 
 
 
 
 
 
home
button Home
 

Welcome to LinuxSecure

I found some scripts on my workstation that have not been published and may be interesting for some people. Actually, I will not prepare them for publishing, but you can contact me, if you are interested in one or more of them.

  • A tool for the backup of network components. The script runs as a daemon and can be configured via config files. It reads in the config files containing the passwords of the components once, so you can store them in a crypt storage. There exist severeal templates for ssh, scp, telnet. The intention is to make automated backups from router, switches, firewalls etc.
  • Postfixanalyser was written for the trendmicro mail virusscanner. You can search for mails and you will get a status for the found mails: when did the system receive it, when was it working with the mail the last time, whats the status of the mail, where there any problem while delivering the mail. The second feature was a simple statistic: bytes and number of mails received and send, mails by status (received from extern, queued, sent to trend, received from trend, queued, delivered) and mails by problem (deferred and not sent to scanner (scanner rejected), deferred and not sent to scanner (scanner down), sent to trend, but deferred before, dereffed and not sent to extern (mta rejected), deferred and not sent to extern (mta down), sent to extern, but deferred befor).
  • A logscanner and a scanner for the checkpoint objects file.
  • A tool, that parses the registry of the genugate firewall and produces a more human readable output in html.
  • A ftp-script for the honeynet.
  • Various backupscripts in Perl and Bash.
  • Various iptables scrips.
  • A script called minilinux to create a small linux out of a huge running system.
  • Pigsparty was a small projetct that was never finished. The idea was to convert snort rule sets into iptables rule sets.
  • A snort admin interface in php.
  • A perlmodule and some programs (e.g. mfl) for the preparation and analysis of longitudinal data with a focus of same domains.


back to top

button Whats New
[2005-02-18] mp3riot version 1.3 released
[2004-10-08] mp3riot version 1.2 is out.
[2004-04-30] Added section Bridging
[2004-01-09] working progress on mp3riot version 1.2
Fedora Project Leader Matthew Miller has announced the electionschedule meant to fill the two new "at large"slots on Fedora's upcoming Fedora Council governance body. "These positions are of strategic importance, with a full voice in the Council's consensus process. The primary function of the Council is to identify community goals and to organize and enable the project to achieve them."Nominations will be open from November 4 through 10; voting be open from November 18 through 25. The week in between will be for campaigning. Miller also encourages potential candidates to consider the time commitment the new roles require. "We recognize that this level of commitment is difficult for many community members with full-time jobs not directly related to Fedora, and the intent is not to exclude those contributors. At the same time, these positions will require a meaningful commitment of time and responsiveness. If your other obligations make this impossible, please consider suggesting candidacy to other community members who you feel would be able to bring your voice to the table."
Fedora Council elections scheduled

The Ubuntu kernel team has announced that they will be providing extended support for the 3.16 kernel series. The team will pick up where Greg Kroah-Hartman left off, with 3.16.7, and will provide support until April 2016.
Linux 3.16.y.z extended stable support

CentOShas updated php(C6; C7: multiple vulnerabilities), php53(C5: multiple vulnerabilities), and wget(C6; C7: code execution). Debianhas updated kernel(multiple vulnerabilities). Fedorahas updated sddm(F21: multiple vulnerabilities). Mageiahas updated file(denial of service) and dokuwiki(multiple vulnerabilities). Oraclehas updated kernel(O5; O6; O6; O7: multiple vulnerabilities), php(O6; O7: multiple vulnerabilities), php53(O5: multiple vulnerabilities), and wget(O6; O7: code execution). Red Hathas updated kernel(RHEL6: multiple vulnerabilities), php(RHEL6,7: multiple vulnerabilities), php53(RHEL5: multiple vulnerabilities), php54-php(SC1: multiple vulnerabilities), php55-php(SC1: multiple vulnerabilities), and wget(RHEL6,7: code execution). Ubuntuhas updated kernel(14.04: multiple vulnerabilities), linux-lts-trusty(12.04: multiple vulnerabilities), and wget(code execution).
Friday's security updates

Over at Linux.com, Adam Jollans has a reportfrom the recently completed KVM Forumthat was held in Düsseldorf, Germany October 14-16. He looks at a talk that he gave on KVM's relationship to OpenStack and the open cloud, a new white paper on KVM [PDF], and a panel on network function virtualization (NFV): "In the past, communications networks have been built with specific routers, switches and hubs with the configuration of all the components being manual and complex. The idea now is to take that network function, put it into software running on standard hardware. The discussion touched on the demands ? in terms of latency, throughput, and packet jitter ? that network function virtualization places on KVM when it is being run on general purpose hardware and used to support high data volume. There was a lively discussion about how to get fast communication between the virtual machines as well as issues such as performance and sharing memory, as attendees drilled down into how KVM could be applied in new ways."
KVM Matures, and the Use Cases Multiply (Linux.com)

Greg Kroah-Hartman has announced the release of four new stable kernels: 3.17.2, 3.16.7, 3.14.23, and 3.10.59. As always, they contain important fixes and users of those series should update. Note that 3.16.7 is the last stable kernel in the 3.16 series; users should upgrade to 3.17 soon.
Stable kernels 3.17.2, 3.16.7, 3.14.23, and 3.10.59

Debianhas updated dokuwiki(multiple vulnerabilities). Red Hathas updated v8314-v8 (i.e. V8)(SC1: multiple vulnerabilities, several from 2013). Slackwarehas updated wget(code execution). Ubuntuhas updated php5(multiple vulnerabilities) and systemd-shim(14.10: denial of service).
Security advisories for Thursday

The LWN.net Weekly Edition for October 30, 2014 is available.
[$] LWN.net Weekly Edition for October 30, 2014

The Drupal project has put out an advisorythat if you haven't already patched the recent SQL injection vulnerability, it's probably too late. "Automated attacks began compromising Drupal 7 websites that were not patched or updated to Drupal 7.32 within hours of the announcement of SA-CORE-2014-005 - Drupal core - SQL injection. You should proceed under the assumption that every Drupal 7 website was compromised unless updated or patched before Oct 15th, 11pm UTC, that is 7 hours after the announcement."
A "highly critical public service announcement"from Drupal

CentOShas updated kernel(C7: multiple vulnerabilities). Debianhas updated iceweasel(multiple vulnerabilities). Fedorahas updated file(F20: out-of-bounds read flaw), seamonkey(F20: multiple vulnerabilities), webkitgtk3(F20: disable SSLv3 to address POODLE), and wpa_supplicant(F20: command execution). Mageiahas updated kde4(MG4: multiple vulnerabilities), konversation(information disclosure), mythtv(SSDP reflection attacks), php-ZendFramework(multiple vulnerabilities), quassel(information disclosure), and zabbix(local file inclusion). Mandrivahas updated wget(symlink attack) and wpa_supplicant(command execution). openSUSEhas updated openssl(13.1, 12.3: multiple vulnerabilities) and libxml2(13.1, 12.3: denial of service). Oraclehas updated kernel(OL7: multiple vulnerabilities). Red Hathas updated kernel(RHEL7: multiple vulnerabilities).
Security advisories for Wednesday

One might have hoped that that Debian systemd debate would have wound down several months ago, after the technical committee decidedthe default init system question and especially after Matthew Vernon's general resolution on init system choice was withdrawndue to a lack of seconds. The Debian community, it seemed, was tired of this discussion and ready to move on. Given a few months to rest, though, even old, tiresome subjects can once again seem worthy of discussion. So now we have a return of the init system choice resolution ? along with three alternatives of varying scope.
[$] A Debian init system GR flurry

CentOS 6.6 has been released. "There are many fundamental changes in this release, compared with the past CentOS-6 releases, and we highly recommend everyone study the upstream Release Notes as well as the upstream Technical Notes about the changes and how they might impact your installation. (See the 'Further Reading' section of the [CentOS release notes])."
Release for CentOS-6.6 i386 and x86_64

Debianhas updated torque(denial of service). Fedorahas updated devscripts(F20: directory traversal), drupal7(F20; F19: SQL injection), kernel(F20: multiple vulnerabilities), kernel(F20: more KVM vulnerabilities), php(F19: three vulnerabilities), php-ZendFramework2(F20: multiple vulnerabilities), phpMyAdmin(F20: cross-site scripting), python(F19: buffer overflow), python-oauth2(F20; F19: two vulnerabilities), rubygem-httpclient(F20; F19: allows ssl negotiation), and sddm(F20: multiple vulnerabilities). Mageiahas updated chromium-browser-stable(multiple vulnerabilities), nginx(virtual host confusion attacks), php(three vulnerabilities), qemu(MG4: multiple vulnerabilities), wget(symlink attack), and wpa_supplicant, hostapd(command execution). Mandrivahas updated mariadb(multiple vulnerabilities). openSUSEhas updated flash-player(multiple vulnerabilities) and perl-Email-Address(denial of service). Ubuntuhas updated pidgin(14.10, 14.04, 12.04: multiple vulnerabilities).
Tuesday's security updates

The first alpha release of Debian Edu (also known as Skolelinux) is available for testing. "Would you like to give your school's computer a longer life? Are you tired of sneaker administration, running from computer to computer reinstalling the operating system? Would you like to administrate all the computers in your school using only a couple of hours every week? Check out Debian Edu Jessie!"
First Jessie based Debian Edu alpha released

Canonical has announceda new OpenStack-oriented distribution. "Based on Canonical?s industry-leading OpenStack reference architecture and building on Ubuntu?s leading position as the most widely used OpenStack platform, the Canonical Distribution gives users the widest range of commercially-supported vendor options for storage, software-defined networking and hypervisor from Canonical and its OpenStack partners. It then automates the creation and management of a reference OpenStack based on those choices."Note that some conditions apply: "The Canonical Distribution of Ubuntu OpenStack is now available as a public beta, free for up to 10 physical and 10 virtual machines."See this pagefor more information.
The Canonical Distribution of Ubuntu OpenStack

The Season of KDEis a community outreach program, much like Google Summer of Code. "It is meant for people who could not get into Google Summer of Code for various reasons, or people who simply prefer a differently structured, somewhat less constrained program. Season of KDE is managed by the same team of admins and mentors that takes care of Google Summer of Code and Google Code-in matters for KDE, with the same level of quality and care."The student application deadline is October 31. The mentor application deadline is November 5.
Season of KDE 2014

PHP CVE-2014-3669 Denial of Service Vulnerability
Vuln: PHP CVE-2014-3669 Denial of Service Vulnerability

PHP 'donote()' Function Out-of-Bounds Read Vulnerability
Vuln: PHP 'donote()' Function Out-of-Bounds Read Vulnerability

PHP 'libxmlrpc/xmlrpc.c' Buffer Overflow Vulnerability
Vuln: PHP 'libxmlrpc/xmlrpc.c' Buffer Overflow Vulnerability

PHP 'exif_thumbnail()' Function Heap Based Buffer Overflow Vulnerability
Vuln: PHP 'exif_thumbnail()' Function Heap Based Buffer Overflow Vulnerability

[SECURITY] [DSA 3060-1] linux security update
Bugtraq: [SECURITY] [DSA 3060-1] linux security update

[SE-2014-01] Missing patches / inaccurate information regarding Oracle Oct CPU
Bugtraq: [SE-2014-01] Missing patches / inaccurate information regarding Oracle Oct CPU

SEC Consult SA-20141031-0 :: XML External Entity Injection (XXE) and Reflected XSS in Scalix Web Access
Bugtraq: SEC Consult SA-20141031-0 :: XML External Entity Injection (XXE) and Reflected XSS in Scalix Web Access

[SYSS-2014-008] McAfee File and Removable Media Protection (FRP/EEFF/EERM) - Use of a One-Way Hash with a Predictable Salt (CVE-2014-8565)
Bugtraq: [SYSS-2014-008] McAfee File and Removable Media Protection (FRP/EEFF/EERM) - Use of a One-Way Hash with a Predictable Salt (CVE-2014-8565)

News, Infocus, Columns, Vulnerabilities, Bugtraq ...
More rss feeds from SecurityFocus

-->