Issues on Linux and Security
Home

Welcome to LinuxSecure

I found some scripts on my workstation that have not been published and may be interesting for some people. Actually, I will not prepare them for publishing, but you can contact me if you are interested in one or more of them.

  • A tool for backing up network components. The script runs as a daemon and can be configured via config files. It reads the config files containing the components' passwords only once, so you can keep them in encrypted storage. There are several templates for ssh, scp and telnet. The intention is to make automated backups of routers, switches, firewalls etc.
  • Postfixanalyser was written for the Trend Micro mail virus scanner. You can search for mails and get a status for each mail found: when the system received it, when it last worked on the mail, what the status of the mail is, and whether there were any problems while delivering it. The second feature was a simple statistic: bytes and number of mails received and sent, mails by status (received from extern, queued, sent to trend, received from trend, queued, delivered) and mails by problem (deferred and not sent to scanner (scanner rejected), deferred and not sent to scanner (scanner down), sent to trend, but deferred before, deferred and not sent to extern (mta rejected), deferred and not sent to extern (mta down), sent to extern, but deferred before).
  • A logscanner and a scanner for the Check Point objects file.
  • A tool that parses the registry of the genugate firewall and produces more human-readable output in HTML.
  • An FTP script for the honeynet.
  • Various backup scripts in Perl and Bash.
  • Various iptables scripts.
  • A script called minilinux to create a small Linux out of a huge running system.
  • Pigsparty was a small project that was never finished. The idea was to convert snort rule sets into iptables rule sets.
  • A snort admin interface in PHP.
  • A Perl module and some programs (e.g. mfl) for the preparation and analysis of longitudinal data with a focus of same domains.


What's New
[2005-02-18] mp3riot version 1.3 released
[2004-10-08] mp3riot version 1.2 is out.
[2004-04-30] Added section Bridging
[2004-01-09] work in progress on mp3riot version 1.2

InfoWorld takes a look at the upcoming OpenBSD 6.0 release. "Most significant among the latest security-related changes for OpenBSD is the removal of Linux emulation support. Prior versions of OpenBSD made it possible to run Linux applications by way of a compatibility layer, but the release notes for OpenBSD 6.0 indicate the Linux subsystem was removed as a "security improvement.""
The newest version of OpenBSD closes potential security loopholes (InfoWorld)

Arch Linux has updated chromium (multiple vulnerabilities), python-django (cross-site scripting), and python2-django (cross-site scripting). Debian has updated openssh (user enumeration via timing side-channel), perl (two vulnerabilities), and phpmyadmin (multiple vulnerabilities). Debian-LTS has updated squid3 (denial of service). Fedora has updated ca-certificates (F24: certificate update), gd (F24: multiple vulnerabilities), httpd (F24: HTTP redirect), kf5-karchive (F24; F23: command execution, over a hundred related KDE Frameworks packages were included in this update), libgcrypt (F24: key leak), libidn (F24: multiple vulnerabilities), libvirt (F24: authentication bypass), and mingw-gnutls (F24: certificate verification vulnerability). openSUSE has updated Chromium (SPH for SLE12; Leap42.1; 13.2: multiple vulnerabilities) and gnugk (Leap42.1, 13.2: denial of service). Red Hat has updated mariadb55-mariadb (RHSCL: many vulnerabilities) and mysql55-mysql (RHSCL: many vulnerabilities). Slackware has updated bind (denial of service).
Security advisories for Monday

Linus has returned from his travels and released the 4.7 kernel. The most significant changes in this release include the tracing histograms feature, in-kernel tracing analysis via the ability to attach BPF programs to tracepoints, the LoadPin security module, better out-of-memory detection, faster filesystem operations with parallel pathname lookups, the schedutil CPU frequency governor, and more. See the KernelNewbies 4.7 page for lots of details.
The 4.7 kernel is out

At his blog, Matthias Clasen explores the recent enhancements to the classic GNU gettext utility. Thanks in large part to new maintainer Daiki Ueno, gettext now understands many more file formats—thus enabling developers to easily extract strings from a wide variety of source files for translation. In addition to programming languages, Clasen notes, gettext understands .desktop files, GSettings schemas, GtkBuilder ui files, and Appdata files. "If you don't want to wait for your favorite format to come with built-in its support, you can also include its files with your application; gettext will look for such files in $XDG_DATA_DIRS/gettext/its/."
Clasen: Using modern gettext

Arch Linux has updated drupal (proxy injection). Debian has updated mysql-5.5 (multiple vulnerabilities) and squid3 (multiple vulnerabilities). Debian-LTS has updated python-django (cross-site scripting). openSUSE has updated p7zip (13.1: code execution). Slackware has updated gimp (14.0, 14.1, 14.2: code execution) and php (14.0, 14.1, 14.2: multiple vulnerabilities). Ubuntu has updated mysql-5.5, mysql-5.6, mysql-5.7 (12.04, 14.04, 15.10, 16.04: multiple vulnerabilities).
Friday's security updates

The Electronic Frontier Foundation (EFF) has announced that it is suing the US government over provisions in the Digital Millennium Copyright Act (DMCA). The suit has been filed on behalf of Andrew "bunnie" Huang, who has a blog post describing the reasons behind the suit. The EFF also explained why these DMCA provisions should be ruled unconstitutional: "These provisions—contained in Section 1201 of the DMCA—make it unlawful for people to get around the software that restricts access to lawfully-purchased copyrighted material, such as films, songs, and the computer code that controls vehicles, devices, and appliances. This ban applies even where people want to make noninfringing fair uses of the materials they are accessing. Ostensibly enacted to fight music and movie piracy, Section 1201 has long served to restrict people's ability to access, use, and even speak out about copyrighted materials—including the software that is increasingly embedded in everyday things. The law imposes a legal cloud over our rights to tinker with or repair the devices we own, to convert videos so that they can play on multiple platforms, remix a video, or conduct independent security research that would reveal dangerous security flaws in our computers, cars, and medical devices. It criminalizes the creation of tools to let people access and use those materials."
EFF Lawsuit Takes on DMCA Section 1201: Research and Technology Restrictions Violate the First Amendment

Arch Linux has updated bind (denial of service). CentOS has updated java-1.8.0-openjdk (C7; C6: multiple vulnerabilities). Debian-LTS has updated libarchive (multiple vulnerabilities, most from 2015). Fedora has updated openssh (F24: user enumeration via timing side-channel) and p7zip (F24: two code execution flaws). openSUSE has updated dhcp (42.1: denial of service). Oracle has updated java-1.8.0-openjdk (OL7; OL6: multiple vulnerabilities). Red Hat has updated java-1.6.0-sun (multiple vulnerabilities), java-1.7.0-oracle (multiple vulnerabilities), java-1.8.0-oracle (RHEL6&7: multiple vulnerabilities), and openstack-neutron (RHOSP8; RHOSP7: three vulnerabilities, one from 2015). Scientific Linux has updated java-1.8.0-openjdk (SL6&7: multiple vulnerabilities). SUSE has updated obs-service-source_validator (SLE12: code execution).
Security updates for Thursday

The Weekly Edition for July 21, 2016 is available.
[$] Weekly Edition for July 21, 2016

Congratulations are due to Alan Cox, who was awarded an honorary degree by Swansea University for his work with Linux. "Alan started working on Version 0. There were bugs and problems he could correct. He put Linux on a machine in the Swansea University computer network, which revealed many problems in networking which he sorted out; later he rewrote the networking software. Alan brought to Linux software engineering discipline: Linux software releases that were tested, corrected and above all stable. On graduating, Alan worked at Swansea University, set up the UK Linux server and distributed thousands of systems."
An honorary degree for Alan Cox

Benjamin Smedberg writes that the Firefox browser will soon start taking a more active approach to the elimination of Flash content. "Starting in August, Firefox will block certain Flash content that is not essential to the user experience, while continuing to support legacy Flash content. These and future changes will bring Firefox users enhanced security, improved battery life, faster page load, and better browser responsiveness."
Smedberg: Reducing Adobe Flash Usage in Firefox

Debian has updated apache2 (HTTP redirect). Debian-LTS has updated apache2 (HTTP redirect). Fedora has updated ecryptfs-utils (F24: two vulnerabilities), kernel (F24; F23: multiple vulnerabilities), php-doctrine-orm (F24; F23: privilege escalation), and spice (F24: two vulnerabilities). Gentoo has updated ansible (code execution), arpwatch (privilege escalation from 2012), bugzilla (multiple vulnerabilities from 2014), commons-beanutils (code execution from 2014), dropbear (information disclosure), exim (code execution from 2014), libbsd (denial of service), ntp (many vulnerabilities), and varnish (access control bypass). openSUSE has updated ImageMagick (Leap42.1: many vulnerabilities), nodejs (Leap42.1, 13.2: buffer overflow), and samba (13.2: crypto downgrade). Red Hat has updated java-1.8.0-openjdk (RHEL6,7: multiple vulnerabilities). SUSE has updated flash-player (SLE12-SP1: multiple vulnerabilities). Ubuntu has updated python-django (16.04: cross-site scripting).
Security updates for Wednesday

The Register reports that longtime Tor contributor Lucky Green is quitting and closing down the node and bridge authority he operates. "Practically, it's a big deal. Bridge Authorities are part of the infrastructure that lets users get around some ISP-level blocks on the network (not, however, defeating deep packet inspection). They're also incorporated in the Tor code, meaning that to remove a Bridge Authority is going to need an update." The shutdown is scheduled for August 31. (Thanks to Nomen Nescio)
Tor veteran Lucky Green exits, torpedos critical 'Tonga' node and relays (The Register)

The Software Freedom Conservancy is one of the few organizations involved in GPL enforcement, and it has published principles regarding enforcement practices that seek compliance and not financial penalties. Bradley Kuhn and Karen Sandler urge others doing GPL enforcement to follow principles set forth by the SFC. "One impetus in drafting the Principles was our discovery of ongoing enforcement efforts that did not fit with the GPL enforcement community traditions and norms established for the last two decades. Publishing the previously unwritten guidelines has quickly separated the wheat from the chaff. Specifically, we remain aware of multiple non-community-oriented GPL enforcement efforts, where none of those engaged in these efforts have endorsed our principles nor pledged to abide by them. These 'GPL monetizers', who trace their roots to nefarious business models that seek to catch users in minor violations in order to sell an alternative proprietary license, stand in stark contrast to the work that Conservancy, FSF and have done for years." The actions of one individual prompted the netfilter project to make a statement endorsing the principles, which we covered earlier this month.
The Importance of Following Community-Oriented Principles in GPL Enforcement Work

Version 1.0 of the QtWebBrowser has been released. Qt WebBrowser is a browser for embedded devices developed using the capabilities of Qt and Qt WebEngine. "The browser is optimized for embedded touch displays (running Linux), but you can play with it on the desktop platforms, too! Just make sure that you have Qt WebEngine, Qt Quick, and Qt VirtualKeyboard installed (version 5.7 or newer). For optimal performance on embedded devices you should plan for hardware-accelerated OpenGL, and around 1 GiByte of memory for the whole system. Anyhow, depending on your system configuration and the pages to be supported there is room for optimization."
Qt WebBrowser 1.0

CentOS has updated httpd (C7; C6; C5: HTTP redirect). Debian has updated mysql-connector-java (information disclosure) and python-django (cross-site scripting). Fedora has updated dnsmasq (F24: denial of service), gd (F23: two vulnerabilities), kernel (F22: multiple vulnerabilities), mingw-openjpeg2 (F24; F23: multiple vulnerabilities), pagure (F24: unspecified), pdfbox (F24: XML External Entity (XXE) attacks), perl (F24; F23: code execution), and tcpreplay (F24; F23: denial of service). Mageia has updated imagemagick (three vulnerabilities). openSUSE has updated apache2 (Leap42.1, 13.2: HTTP redirect). Oracle has updated httpd (OL7; OL6; OL5: HTTP redirect). Red Hat has updated httpd (RHEL7; RHEL5,6: HTTP redirect) and httpd24-httpd (RHSCL: two vulnerabilities). Scientific Linux has updated httpd (SL7; SL5,6: HTTP redirect) and kernel (SL6: privilege escalation). Ubuntu has updated apache2 (HTTP redirect) and thunderbird (two vulnerabilities).
Security advisories for Tuesday

Vuln: TLS Protocol CVE-2012-4929 Information Disclosure Vulnerability

Vuln: libxml2 CVE-2015-8710 Out-of-bounds Memory Access Vulnerability

Vuln: libxml2 CVE-2015-7498 Denial of Service Vulnerability

Vuln: Libxml2 'parser.c' Buffer Overflow Vulnerability

Bugtraq: [security bulletin] HPSBGN03630 rev.1 - HP Operations Manager for Unix, Solaris, and Linux using Apache Commons Collections (ACC), Remote Code Execution

Bugtraq: Secunia Research: Reprise License Manager "akey" Buffer Overflow Vulnerability

Bugtraq: Secunia Research: Reprise License Manager "actserver" Buffer Overflow Vulnerability

Bugtraq: FreeBSD Security Advisory FreeBSD-SA-16:25.bspatch

News, Infocus, Columns, Vulnerabilities, Bugtraq ...
More RSS feeds from SecurityFocus