Issues on Linux and Security
Home

Welcome to LinuxSecure

I found some scripts on my workstation that have not been published and may be interesting for some people. Actually, I will not prepare them for publishing, but you can contact me if you are interested in one or more of them.

  • A tool for the backup of network components. The script runs as a daemon and can be configured via config files. It reads the config files containing the passwords of the components only once, so you can keep them in encrypted storage. There are several templates for ssh, scp and telnet. The intention is to make automated backups of routers, switches, firewalls, etc.
  • Postfixanalyser was written for the Trend Micro mail virus scanner. You can search for mails and you will get a status for the mails found: when did the system receive it, when did it last work on the mail, what is the status of the mail, were there any problems while delivering the mail. The second feature was a simple statistic: bytes and number of mails received and sent, mails by status (received from extern, queued, sent to trend, received from trend, queued, delivered) and mails by problem (deferred and not sent to scanner (scanner rejected), deferred and not sent to scanner (scanner down), sent to trend, but deferred before, deferred and not sent to extern (mta rejected), deferred and not sent to extern (mta down), sent to extern, but deferred before).
  • A logscanner and a scanner for the checkpoint objects file.
  • A tool that parses the registry of the genugate firewall and produces more human-readable output in HTML.
  • A ftp-script for the honeynet.
  • Various backupscripts in Perl and Bash.
  • Various iptables scripts.
  • A script called minilinux to create a small linux out of a huge running system.
  • Pigsparty was a small project that was never finished. The idea was to convert snort rule sets into iptables rule sets.
  • A snort admin interface in PHP.
  • A Perl module and some programs (e.g. mfl) for the preparation and analysis of longitudinal data with a focus on same domains.


What's New
[2005-02-18] mp3riot version 1.3 released
[2004-10-08] mp3riot version 1.2 is out.
[2004-04-30] Added section Bridging
[2004-01-09] work in progress on mp3riot version 1.2
The SHA-1 hash algorithm has been known for at least a decade to be weak; while no generated hash collisions had been reported, it was assumed that this would happen before too long. On February 23, Google announced that it had succeeded at this task. While the technique used is computationally expensive, this event has clarified what most developers have known for some time: it is time to move away from SHA-1. While the migration has essentially been completed in some areas (SSL certificates, for example), there are still important places where it is heavily used, including at the core of the Git source-code management system. Unsurprisingly, the long-simmering discussion in the Git community on moving away from SHA-1 is now at a full boil.
[$] Moving Git past SHA-1

Security updates have been issued by Debian (apache2, radare2, and shadow), Mageia (firebird, libevent, and php-tcpdf), and openSUSE (chromium).
Security updates for Monday

The 4.9.13 and 4.4.52 stable kernels are out; these relatively small updates contain the usual set of important fixes. Update: the 4.10.1 update is out as well (thanks to Thorsten Leemhuis).
Stable kernels 4.9.13 and 4.4.52 (and 4.10.1)

Security updates have been issued by CentOS (kernel and qemu-kvm), Debian (bind9, cakephp, munin, and shadow), Fedora (python-cjson, python-PyMySQL, quagga, util-linux, and xen), Mageia (kernel kmod and kernel-tmb), Oracle (kernel), Red Hat (kernel), and Scientific Linux (kernel).
Some weekend security updates

Linus Torvalds has posted a lengthy explanation of why the recently created SHA-1 collision is not an emergency for Git users. "In the pdf examples, the pdf format acted as the 'black box', and what you see is the printout which has only a very indirect relationship to the pdf encoding. But if you use git for source control like in the kernel, the stuff you really care about is source code, which is very much a transparent medium. If somebody inserts random odd generated crud in the middle of your source code, you will absolutely notice." That said, he notes that there is work in progress to move away from SHA-1. [It seems that subversion users have an additional set of concerns; see this bug report conversation for the scary story.]
Linus on Git and SHA-1

Thanks to Josh Triplett for sending us this Google Project Zero report about a dump of uninitialized memory caused by Cloudflare's reverse proxies. "A while later, we figured out how to reproduce the problem. It looked like that if an html page hosted behind cloudflare had a specific combination of unbalanced tags, the proxy would intersperse pages of uninitialized memory into the output (kinda like heartbleed, but cloudflare specific and worse for reasons I'll explain later). My working theory was that this was related to their "ScrapeShield" feature which parses and obfuscates html - but because reverse proxies are shared between customers, it would affect *all* Cloudflare customers. We fetched a few live samples, and we observed encryption keys, cookies, passwords, chunks of POST data and even HTTPS requests for other major cloudflare-hosted sites from other users. Once we understood what we were seeing and the implications, we immediately stopped and contacted cloudflare security."
Cloudflare Reverse Proxies are Dumping Uninitialized Memory

Security updates have been issued by Debian (libreoffice and phpmyadmin), Fedora (kopete and xrdp), Oracle (kernel and qemu-kvm), Red Hat (kernel and qemu-kvm), Scientific Linux (kernel and qemu-kvm), and Ubuntu (LibreOffice and php7.0).
Security updates for Friday

Over at the Red Hat Developers blog, Martin Sebor looks at some new (or enhanced) warnings available in GCC 7 that will help catch various types of memory errors. For example: "The -Wformat-overflow=level option detects certain and likely buffer overflow in calls to the sprintf family of formatted output functions. The option starts by determining the size of the destination buffer, which can be allocated either statically or dynamically. It then iterates over directives in the format string, calculating the number of bytes each result in output. For integer directives like %i and %x it tries to determine either the exact value of the argument or its range of values and uses the result to calculate the exact or minimum and maximum number of bytes the directive can produce. Similarly for floating point directives such as %a and %f, and string directives such as %s. When it determines that the likely number of bytes a directive results in will not fit in the space remaining in the destination buffer it issues a warning."
Memory Error Detection Using GCC (Red Hat Developers blog)

Andrey Konovalov has announced the discovery and fix of a local privilege escalation in the Linux kernel. Using the syzkaller fuzzer (which LWN looked at around one year ago), he found a double-free in the Datagram Congestion Control Protocol (DCCP) implementation that goes back to at least September 2006 (2.6.18), but probably all the way back to the introduction of DCCP in October 2005 (2.6.14). "[At] this point we have a use-after-free on some_object. An attacker can control what object that would be and overwrite its content with arbitrary data by using some of the kernel heap spraying techniques. If the overwritten object has any triggerable function pointers, an attacker gets to execute arbitrary code within the kernel. I'll publish an exploit in a few days, giving people time to update."
Ancient local privilege escalation vulnerability in the kernel announced

Greg Kroah-Hartman has announced the release of the 4.9.12 and 4.4.51 stable kernels. As usual, there are important fixes in the updates and users of those kernels should upgrade.
Stable kernels 4.9.12 and 4.4.51

Security updates have been issued by Arch Linux (bzip2, kernel, and linux-zen), CentOS (kernel), Debian (bitlbee, kernel, and tomcat7), Fedora (diffoscope, mujs, pcre, plasma-desktop, and tomcat), Mageia (libpcap/tcpdump and spice), openSUSE (gd, kernel, libquicktime, and libXpm), Oracle (kernel), Red Hat (kernel, kernel-rt, and python-oslo-middleware), SUSE (php5 and util-linux), and Ubuntu (imagemagick).
Security updates for Thursday

The final version of the LEDE router distribution's 17.01.0 release is now available. "LEDE 17.01.0 "Reboot" incorporates thousands of commits over the last nine months of effort. With this release, the LEDE development team closes out an intense effort to modernize many parts of OpenWrt and incorporate many new modules, packages, and technologies." LWN recently reviewed a release-candidate version of LEDE 17.01.
LEDE v17.01.0 final

The Google security blog carries the news of the first deliberately constructed SHA-1 hash collision. "We started by creating a PDF prefix specifically crafted to allow us to generate two documents with arbitrary distinct visual contents, but that would hash to the same SHA-1 digest. In building this theoretical attack in practice we had to overcome some new challenges. We then leveraged Google's technical expertise and cloud infrastructure to compute the collision which is one of the largest computations ever completed." The SHA-1 era is truly coming to an end, even if most attackers lack access to the computing resources needed for this particular exploit.
Announcing the first SHA1 collision

The Weekly Edition for February 23, 2017 is available.
[$] Weekly Edition for February 23, 2017

Tuukka Turunen presents a roadmap for Qt. "Qt 3D was first released with Qt 5.7 and in Qt 5.8 the focus was mostly on stability and performance. With Qt 5.9 we are providing many new features which significantly improve the functionality of Qt 3D. Notable new features include support for mesh morphing and keyframe animations, using Qt Quick items as a texture for 3D elements, as well as support for physically based rendering and particles. There are also multiple smaller features and improvements throughout the Qt 3D module."
Turunen: Qt Roadmap for 2017

[SECURITY] [DSA 3788-2] tomcat8 regression update
Bugtraq: [SECURITY] [DSA 3788-2] tomcat8 regression update

[security bulletin] HPESBHF03709 rev.1 - HPE Network products including Comware, IMC, and VCX running OpenSSL, Remote Denial of Service (DoS), Disclosure of Sensitive Information
Bugtraq: [security bulletin] HPESBHF03709 rev.1 - HPE Network products including Comware, IMC, and VCX running OpenSSL, Remote Denial of Service (DoS), Disclosure of Sensitive Information

APPLE-SA-2017-02-21-2 Logic Pro X 10.3.1
Bugtraq: APPLE-SA-2017-02-21-2 Logic Pro X 10.3.1

PDFMate PDF Converter Pro - Buffer Overflow Vulnerability
Bugtraq: PDFMate PDF Converter Pro - Buffer Overflow Vulnerability
