Issues on Linux and Security
button Home

Welcome to LinuxSecure

I found some scripts on my workstation that have not been published and may be interesting for some people. Actually, I will not prepare them for publishing, but you can contact me, if you are interested in one or more of them.

  • A tool for the backup of network components. The script runs as a daemon and can be configured via config files. It reads in the config files containing the passwords of the components once, so you can store them in a crypt storage. There exist severeal templates for ssh, scp, telnet. The intention is to make automated backups from router, switches, firewalls etc.
  • Postfixanalyser was written for the trendmicro mail virusscanner. You can search for mails and you will get a status for the found mails: when did the system receive it, when was it working with the mail the last time, whats the status of the mail, where there any problem while delivering the mail. The second feature was a simple statistic: bytes and number of mails received and send, mails by status (received from extern, queued, sent to trend, received from trend, queued, delivered) and mails by problem (deferred and not sent to scanner (scanner rejected), deferred and not sent to scanner (scanner down), sent to trend, but deferred before, dereffed and not sent to extern (mta rejected), deferred and not sent to extern (mta down), sent to extern, but deferred befor).
  • A logscanner and a scanner for the checkpoint objects file.
  • A tool, that parses the registry of the genugate firewall and produces a more human readable output in html.
  • A ftp-script for the honeynet.
  • Various backupscripts in Perl and Bash.
  • Various iptables scrips.
  • A script called minilinux to create a small linux out of a huge running system.
  • Pigsparty was a small projetct that was never finished. The idea was to convert snort rule sets into iptables rule sets.
  • A snort admin interface in php.
  • A perlmodule and some programs (e.g. mfl) for the preparation and analysis of longitudinal data with a focus of same domains.

back to top

button Whats New
[2005-02-18] mp3riot version 1.3 released
[2004-10-08] mp3riot version 1.2 is out.
[2004-04-30] Added section Bridging
[2004-01-09] working progress on mp3riot version 1.2
A bug that allows an attacker to overwrite a function pointer in the kernel opens up a relatively easy way to compromise the kernel?doubly so, if an attacker simply needs to wait for the kernel use the compromised pointer. There are various techniques that can be used to protect kernel function pointers that are set at either compile or initialization time, but there are some pointers that are routinely set as the kernel runs; timer completion functions are a good example. An RFC patch posted to the kernel-hardening mailing list would add a way to detect that those function pointers have been changed in an unexpected way and to stop the kernel from executing that code.
[$] A canary for timer-expiration functions

Earlier this month we reportedthat the Krita Foundation was having some financial difficulties. The Krita Foundation has an updatewith thanks to all who donated. "So, even though we?re going to get another accountant?s bill of about 4500 euros, we?ve still got quite a surplus! As of this moment, we have ?29,657.44 in our savings account! That means that we don?t need to do a fund raiser in September. Like we said, we?ve still got some features to finish."
Thank you from Krita

The startup time for the Python interpreter has been discussed by the core developers and others numerous times over the years; optimization efforts are made periodically as well. Startup time can dominate the execution time of command-line programs written in Python, especially if they import a lot of other modules. Python startup time is worse than some other scripting languages and more recent versions of the language are taking more than twice as long to start up when compared to earlier versions (e.g. 3.7 versus 2.7). The most recent iteration of the startup time discussion has played out in the python-dev and python-ideas mailing lists since mid-July. This time, the focus has been on the collections.namedtuple()data structure that is used in multiple places throughout the standard library and in other Python modules, but the discussion has been more wide-ranging than simply that.
[$] Reducing Python's startup time

Security updates have been issued by CentOS(firefox, httpd, and java-1.7.0-openjdk), Fedora(cups-filters, potrace, and qpdf), Mageia(libsoup and mingw32-nsis), openSUSE(kernel), Oracle(httpd, kernel, spice, and subversion), Red Hat(httpd, java-1.7.1-ibm, and subversion), Scientific Linux(httpd), Slackware(xorg), SUSE(java-1_8_0-openjdk), and Ubuntu(firefox, linux, linux-aws, linux-gke, linux-raspi2, linux-snapdragon, linux-lts-xenial, postgresql-9.3, postgresql-9.5, postgresql-9.6, and ubufox).
Security updates for Wednesday

The Solus distribution project has announcedthe availability of Solus 3. "This is the third iteration of Solus since our move to become a rolling release operating system. Unlike the previous iterations, however, this is a release and not a snapshot. We?ve now moved away from the 'regular snapshot' model to accommodate the best hybrid approach possible - feature rich releases with explicit goals and technology enabling, along with the benefits of a curated rolling release operating system."Headline features include support for the Snap packaging format, a lot of desktop changes, and numerous software updates. (LWN looked at Solusin 2016).
Solus 3 released

The GNOME project was founded by Miguel de Icaza and Federico Mena Quintero on August 15, 1997, so today the project celebratesits 20th birthday. "There have been 33 stable releases since the initial release of GNOME 1.0 in 1999. The latest stable release, GNOME 3.24 ?Portland,? was well-received. ?Portland? included exciting new features like the GNOME Recipes application and Night Light, which helps users avoid eyestrain. The upcoming version of GNOME 3.26 ?Manchester,? is scheduled for release in September of this year. With over 6,000 contributors, and 8 million lines of code, the GNOME Project continues to thrive in its twentieth year."
GNOME turns 20

Distributions like Debian have a clear policy on the software they ship; as a general rule, only free software can be considered for inclusion. How that policy should be applied to software that interacts with proprietary systems is not entirely clear, though. A recent discussion on a package that interfaces with a proprietary network service seems unlikely to lead to any changes in policy, but it does highlight a fault line within the Debian community.
[$] Debian debates software for proprietary services

Security updates have been issued by Arch Linux(audiofile, git, jdk7-openjdk, libytnef, mercurial, spice, strongswan, subversion, and xorg-server), Debian(gajim, krb5, and libraw), Fedora(kernel, postgresql, sscep, subversion, and varnish), Mageia(firefox, phpldapadmin, and x11-server), Red Hat(kernel and spice), SUSE(subversion), and Ubuntu(libgd2).
Security updates for Tuesday

Lars Wirzenius announcesthat he is ending development of the Obnam backup system. "After some careful thought, I fear that the maintainability problems of Obnam can realistically only be solved by a complete rewrite from scratch, and I'm not up to doing that. If you use Obnam, you should migrate to some other backup solution. Don't worry, you have until the end of the year. I will be around and I intend to fix any serious bugs in Obnam; in particular, security flaws. But you should start looking for a replacement sooner rather than later."LWN looked at Obnamin 2012.
Wirzenius: Retiring Obnam

While the best way to avoid performance problems associated with page faults is usually to avoid faulting altogether, that is not always an option. Thus, it is important that the kernel handle page faults with a minimum of overhead. One particular pain point in current kernels comes about in multi-threaded workloads that are all incurring faults in the same address space. Speculative page-fault handling is an old idea for improving the scalability of such workloads that may finally be approaching a point where it can be considered for inclusion.
[$] Another attempt at speculative page-fault handling

Security updates have been issued by Debian(botan1.10, cvs, firefox-esr, iortcw, libgd2, libgxps, supervisor, and zabbix), Fedora(curl, firefox, git, jackson-databind, libgxps, libsoup, openjpeg2, potrace, python-dbusmock, spatialite-tools, and sqlite), Mageia(cacti, ffmpeg, git, heimdal, jackson-databind, kernel-linus, kernel-tmb, krb5, php-phpmailer, ruby-rubyzip, and supervisor), openSUSE(firefox, librsvg, libsoup, ncurses, and tcmu-runner), Oracle(firefox), Red Hat(java-1.8.0-ibm), Slackware(git, libsoup, mercurial, and subversion), and SUSE(kernel).
Security updates for Monday

The 4.13-rc5kernel prepatch is available, right on schedule. "Go forth and test, and everything says that we'll get 4.13 out in our usual timely manner."
Kernel prepatch 4.13-rc5

The 4.12.7, 4.9.43, 4.4.82, and 3.18.65stable kernel updates are out; each contains a relatively small set of important fixes.
Four more stable kernel updates

Greg Kroah-Hartman has released stable kernels 4.12.6, 4.9.42, 4.4.81, and 3.18.64. All of them contain important fixes and users should upgrade.
Four stable kernel updates

Emmanuele Bassi writes about the mismatchbetween the traditional distribution packaging model and what the world seems to actually want. "The more I think about it, the less I understand how that ever worked in the first place. It is not a mystery, though, why it?s a dying model. When I say that 'nobody develops applications like the Linux distributions encourages and prefers' I?m not kidding around: Windows, macOS, iOS, Electron, and Android application developers are heavily based on the concept of a core set of OS services; a parallel installable blocks of system dependencies shipped and retired by the OS vendor; and a bundling system that allows application developers to provide their own dependencies, and control them."
Bassi: Dev v Ops

Cisco AnyConnect Secure Mobility Client Software CVE-2017-6788 Cross Site Scripting Vulnerability
Vuln: Cisco AnyConnect Secure Mobility Client Software CVE-2017-6788 Cross Site Scripting Vulnerability

Cisco Virtual Network Function Element Manager CVE-2017-6710 Remote Command Execution Vulnerability
Vuln: Cisco Virtual Network Function Element Manager CVE-2017-6710 Remote Command Execution Vulnerability

Advantech WebOP Designer Heap Buffer Overflow Vulnerability
Vuln: Advantech WebOP Designer Heap Buffer Overflow Vulnerability

Linux kernel CVE-2017-8831 Local Denial of Service Vulnerability
Vuln: Linux kernel CVE-2017-8831 Local Denial of Service Vulnerability

Microsoft Resnet - DNS Configuration Web Vulnerability
Bugtraq: Microsoft Resnet - DNS Configuration Web Vulnerability

FreeBSD <= 10.3 jail SHM hole
Bugtraq: FreeBSD

[SECURITY] [DSA 3943-1] gajim security update
Bugtraq: [SECURITY] [DSA 3943-1] gajim security update

CVE-2017-9802: Apache Sling XSS vulnerability
Bugtraq: CVE-2017-9802: Apache Sling XSS vulnerability

News, Infocus, Columns, Vulnerabilities, Bugtraq ...
More rss feeds from SecurityFocus