Issues on Linux and Security
button Home

Welcome to LinuxSecure

I found some scripts on my workstation that have not been published and may be interesting for some people. Actually, I will not prepare them for publishing, but you can contact me, if you are interested in one or more of them.

  • A tool for the backup of network components. The script runs as a daemon and can be configured via config files. It reads in the config files containing the passwords of the components once, so you can store them in a crypt storage. There exist severeal templates for ssh, scp, telnet. The intention is to make automated backups from router, switches, firewalls etc.
  • Postfixanalyser was written for the trendmicro mail virusscanner. You can search for mails and you will get a status for the found mails: when did the system receive it, when was it working with the mail the last time, whats the status of the mail, where there any problem while delivering the mail. The second feature was a simple statistic: bytes and number of mails received and send, mails by status (received from extern, queued, sent to trend, received from trend, queued, delivered) and mails by problem (deferred and not sent to scanner (scanner rejected), deferred and not sent to scanner (scanner down), sent to trend, but deferred before, dereffed and not sent to extern (mta rejected), deferred and not sent to extern (mta down), sent to extern, but deferred befor).
  • A logscanner and a scanner for the checkpoint objects file.
  • A tool, that parses the registry of the genugate firewall and produces a more human readable output in html.
  • A ftp-script for the honeynet.
  • Various backupscripts in Perl and Bash.
  • Various iptables scrips.
  • A script called minilinux to create a small linux out of a huge running system.
  • Pigsparty was a small projetct that was never finished. The idea was to convert snort rule sets into iptables rule sets.
  • A snort admin interface in php.
  • A perlmodule and some programs (e.g. mfl) for the preparation and analysis of longitudinal data with a focus of same domains.

back to top

button Whats New
[2005-02-18] mp3riot version 1.3 released
[2004-10-08] mp3riot version 1.2 is out.
[2004-04-30] Added section Bridging
[2004-01-09] working progress on mp3riot version 1.2
The 4.12-rc7kernel prepatch is out. "It's fairly small, and there were no huge surprises, so if nothing untoward happens this upcoming week, this will be the final rc. But as usual, I reserve the right to just drag things out if I end up feeling uncomfortable about things for any reason including just random gut feelings, so we'll see."
Kernel prepatch 4.12-rc7

The 4.11.7and 4.9.34stable kernel updates have been released. Among other things, they contain the fixes for the recently disclosed "Stack Clash"vulnerability. The 4.4.74, and 3.18.58updates are still in the review process but should be out in the near future.
Stable kernels 4.11.7 and 4.9.34

The default apps on a mobile platform like Android are familiar targets for replacement, especially for developers concerned about security. But while messaging and voice apps (which can be replaced by Signal and Ostel, for instance) may be the best known examples, the non-profit Guardian Projecthas taken up the cause of improving the security features of the camera app. Its latest such project is ProofMode, an app to let users take photos and videos that can be verified as authentic by third parties.
[$] ProofMode: a camera app for verifiable photography

Security updates have been issued by Arch Linux(linux-hardened), CentOS(sudo), Debian(apache2, c-ares, flatpak, graphite2, and openvpn), Fedora(glibc and thunderbird), Gentoo(graphite2, jbig2dec, libksba, nettle, urbanterror, and vim), openSUSE(go and unrar), Oracle(sudo), SUSE(tomcat), and Ubuntu(openvpn).
Security updates for Friday

The digiKam Team has releasedversion 5.6.0 of the digiKam Software Collection for photo management. "With this version the HTML gallery and the video slideshow tools are back, database shrinking (e.g. purging stale thumbnails) is also supported on MySQL, grouping items feature has been improved, the support for custom sidecars type-mime have been added, the geolocation bookmarks introduce fixes to be fully functional with bundles, the support for custom sidecars, and of course a lots of bug has been fixed."
digiKam 5.6.0 is released

Security updates have been issued by Arch Linux(lxterminal, lxterminal-gtk3, openvpn, and pcmanfm), CentOS(thunderbird), Debian(jython, spip, tomcat7, and tomcat8), openSUSE(openvpn), Oracle(thunderbird), Slackware(openvpn), SUSE(openvpn), and Ubuntu(kernel, linux-lts-trusty, nss, and valgrind).
Security updates for Thursday

The Weekly Edition for June 22, 2017 is available.
[$] Weekly Edition for June 22, 2017

At Open Source Summit Japan(OSSJ)?OSS is the new name for LinuxCon, ContainerCon, and CloudOpen?Sasha Levin gave a talk on the kernel's application binary interface (ABI). There is an effort to create a kernel ABI specification that has its genesis in a discussion about fuzzersat the 2016 Linux Plumbers Conference. Since that time, some progress on it has been made, so Levin described what the ABI is and the benefits that would come from having a specification. He also covered what has been done so far?and the the extensive work remaining to be done.
[$] Specifying the kernel ABI

Guido Vranken describes his effortsto fuzz-test OpenVPN and the bug reports that resulted. "Most of this issues were found through fuzzing. I hate admitting it, but my chops in the arcane art of reviewing code manually, acquired through grueling practice, are dwarfed by the fuzzer in one fell swoop; the mortal?s mind can only retain and comprehend so much information at a time, and for programs that perform long cycles of complex, deeply nested operations it is simply not feasible to expect a human to perform an encompassing and reliable verification."
Vranken: The OpenVPN post-audit bug bonanza

At PyCon 2017, Kavya Joshi looked at some of the differences between the Python reference implementation (known as "CPython") and that of MicroPython. In particular, she described the differences in memory use and handling between the two. Those differences are part of what allows MicroPython to run on the severely memory-constrained microcontrollers it targets?an environment that could never support CPython.
[$] Memory use in CPython and MicroPython

For those who are curious about how the community deals with a serious vulnerability, Solar Designer's description of the embargo process around the "Stack Clash"issue (and his unhappiness with it) is worth a read. "Qualys first informed the distros list about this upcoming set of issues on May 3. This initial notification didn't say Stack Clash nor anything like that, but merely expressed intent to disclose the issues and concern that the list's maximum embargo duration of 14 to 19 days might not be sufficient in this case. In the resulting discussion, I agreed to consider extending the embargo beyond list policy should there be convincing reasons for that. In retrospect, I think I shouldn't have agreed to that."
A Stack Clash disclosure post-mortem

Version 1.2 of the Opus audio codec has been released. "For music encoding Opus has already been shown to out-perform other audio codecs at both 64 kb/s and 96 kb/s. We originally thought that 64 kb/s was near the lowest bitrate at which Opus could be useful for streaming stereo music. However, with variable bitrate (VBR) improvements in Opus 1.1, suddenly 48 kb/s became a realistic target. Opus 1.2 continues on the path to lowering the bitrate limit. Music at 48 kb/s is now quite usable and while the artefacts are generally audible, they are rarely annoying. Even more, we've actually been pushing all the way to fullband stereo at just 32 kb/s! Most of the music encoding quality improvements in 1.2 don't come from big new features (like tonality analysis that got added to version 1.1), but from many small changes that all add up."
Opus 1.2 released

In a brief note to the GCC list, David Edelson announces: "I am pleased to announce that the GCC Steering Committee has accepted the D Language front-end and runtime for inclusion in GCC and appointed Iain Buclaw as maintainer."
D Language accepted for inclusion in GCC

Security updates have been issued by CentOS(kernel), Debian(libffi, swftools, tomcat7, and zziplib), Gentoo(chromium, glibc, kodi, mbedtls, and wget), openSUSE(glibc and kernel), Oracle(kernel), Scientific Linux(thunderbird), and SUSE(kernel, sudo, and tomcat6).
Security updates for Wednesday

Simon Raffeiner describes in detailthe reasons he sees for the failure of the Ubuntu phone project. "I understand there weren?t enough developers to fix everything at once, but instead of deciding to either make a good phone OR a good tablet with Convergence, we had devices which couldn?t really do anything right. The whole project also always always had this 'these are developer devices, it?s not important to do it fast, we will win in the long run' air around it ? until the management quite obviously realised that this was all way too expensive and too much time had already been lost."
Raffeiner: My Ubuntu for mobile devices post mortem analysis

IBM QRadar SIEM CVE-2016-9738 Security Bypass Vulnerability
Vuln: IBM QRadar SIEM CVE-2016-9738 Security Bypass Vulnerability

Linux Kernel CVE-2017-7518 Privilage Escalation Vulnerability
Vuln: Linux Kernel CVE-2017-7518 Privilage Escalation Vulnerability

Microsoft Malware Protection Engine CVE-2017-8558 Remote Code Execution Vulnerability
Vuln: Microsoft Malware Protection Engine CVE-2017-8558 Remote Code Execution Vulnerability

Huawei Smart Phones CVE-2017-8143 Local Denial of Service Vulnerability
Vuln: Huawei Smart Phones CVE-2017-8143 Local Denial of Service Vulnerability

[CVE-2017-8831] Double-Fetch Vulnerability in Linux-4.10.1/drivers/media/pci/saa7164/saa7164-bus.c
Bugtraq: [CVE-2017-8831] Double-Fetch Vulnerability in Linux-4.10.1/drivers/media/pci/saa7164/saa7164-bus.c

[CVE-2017-8813] Double-Fetch Vulnerability in Linux-4.10.1/drivers/media/pci/saa7164/saa7164-bus.c
Bugtraq: [CVE-2017-8813] Double-Fetch Vulnerability in Linux-4.10.1/drivers/media/pci/saa7164/saa7164-bus.c

[SECURITY] [DSA 3893-1] jython security update
Bugtraq: [SECURITY] [DSA 3893-1] jython security update

Sitecore 7.1-7.2 Cross Site Scripting Vulnerability
Bugtraq: Sitecore 7.1-7.2 Cross Site Scripting Vulnerability

News, Infocus, Columns, Vulnerabilities, Bugtraq ...
More rss feeds from SecurityFocus