Archive for August, 2009

Apache.org Compromised and Full Disclosure

Friday, August 28th, 2009

Apache.org was offline for 3 hours this morning after one of its servers was compromised.

The compromise is “not due to any software exploits in Apache itself”, but was instead due to a compromised SSH key. Details have not yet been given as to which servers were affected.

Apache.org previously suffered a server compromise, in 2001, after an SSH key was exposed.

A current performance graph for www.apache.org can be seen here.

Slackware 13.0 Released

Friday, August 28th, 2009

Slackware 13.0 is finally released

After one of the most intensive periods of development in Slackware’s history, the long awaited stable release of Slackware 13.0 is ready. This release brings with it many major changes since Slackware 12.2, including a completely reworked collection of X packages (a configuration file for X is no longer needed in most cases), major upgrades to the desktop environments (KDE version 4.2.4 and Xfce version 4.6.1), a new .txz package format with much better compression, and other upgrades all around — to the development system, network services, libraries, and major applications like Firefox and Thunderbird. We think you’ll agree that this version of Slackware was worth the wait. Also, this is the first release of Slackware with native support for the 64-bit x86_64 architecture.

Official Announcement | Release Notes

Have fun, and thank you, Patrick.

Linux Kernel <= 2.6.31-rc7 AF_LLC getsockname 5-Byte Stack Disclosure

Tuesday, August 25th, 2009

Bug is present in <= 2.6.31-rc7, but the impact is limited to <= 2.6.24.4 as AF_LLC sockets have been restricted to CAP_NET_RAW since then.
Only 5 bytes of uninitialized kernel stack are leaked via AF_LLC's getsockname().

— a/net/llc/af_llc.c
+++ b/net/llc/af_llc.c
@@ -914,6 +914,7 @@ static int llc_ui_getname(struct socket *sock, struct sockaddr *uaddr,
struct llc_sock *llc = llc_sk(sk);
int rc = 0;

+ memset(&sllc, 0, sizeof(sllc));
lock_sock(sk);
if (sock_flag(sk, SOCK_ZAPPED))
goto out;
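
Review bot: memset(&sllc, 0, sizeof(sllc)) is the right shape for this fix, rather than assigning sllc.sllc_arphrd explicitly on the path that currently skips it: zeroing the whole structure also clears any compiler-inserted padding and any other member a path fails to set, which a per-member initialisation would still leave holding stale stack bytes when the structure is copied out whole. Its placement is also sound: it runs before lock_sock(sk) and before the SOCK_ZAPPED early-out, so the structure is zeroed regardless of which path later fills its members. One thing to confirm outside this six-line window is that sllc is declared as a struct sockaddr_llc on the stack rather than a pointer, since sizeof(sllc) must be the structure size for the memset to cover it.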

sllc_arphrd member of sockaddr_llc might not be changed. Zero sllc before copying to the above layer’s structure.

Sploit
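As an added illustration of the bug class (this is not kernel code, and the structure below is constructed for the example, not the real struct sockaddr_llc), the program models what the post describes: a structure on the stack is only partly filled in, then copied out whole, so whichever bytes no path wrote still carry whatever an earlier call left on the stack. The slot the structure occupies is pre-filled with a known pattern standing in for that stale data, the copied-out buffer is scanned for it, and the memset() from the patch is switchable so the two behaviours can be compared directly. The field names, the "arphrd set on some paths only" split and all values are assumptions made for this example.

```c
/* Constructed example: stale stack bytes leaking through a partially
 * filled structure that is copied out whole, and the memset() fix. */
#include <stdio.h>
#include <string.h>

#define POISON 0xAA   /* stands in for whatever an earlier call left on the stack */

/* Constructed layout, chosen to have no padding (checked below); it is
 * not the real struct sockaddr_llc. */
struct addr_like {
    unsigned short family;    /* always filled in */
    unsigned short arphrd;    /* filled in only on some paths (the reported bug shape) */
    unsigned char  flags[3];  /* never written by the unfixed code */
    unsigned char  sap;       /* always filled in */
    unsigned char  mac[6];    /* always filled in */
};
_Static_assert(sizeof(struct addr_like) == 14, "layout assumed to have no padding");

/* Model of the kernel routine: fill the structure that lives on the stack,
 * then copy the whole thing to the caller (copy_to_user in a real kernel).
 * 'fixed' selects whether the memset() from the patch runs; 'arphrd_known'
 * selects whether this call path sets arphrd at all. */
static void getname(struct addr_like *sllc, unsigned char *user_buf,
                    int fixed, int arphrd_known)
{
    static const unsigned char mac[6] = { 0x00, 0x11, 0x22, 0x33, 0x44, 0x55 };

    if (fixed)
        memset(sllc, 0, sizeof(*sllc));    /* the one-line fix from the patch */

    sllc->family = 1;                      /* constructed value */
    if (arphrd_known)
        sllc->arphrd = 1;                  /* constructed value */
    sllc->sap = 0x42;
    memcpy(sllc->mac, mac, sizeof(sllc->mac));

    memcpy(user_buf, sllc, sizeof(*sllc)); /* whole struct crosses the boundary */
}

/* Count bytes of the copied-out buffer that still hold the POISON pattern,
 * i.e. bytes of old stack contents disclosed to the caller. */
static int count_poison(const unsigned char *buf, size_t len)
{
    int n = 0;
    for (size_t i = 0; i < len; i++)
        if (buf[i] == POISON)
            n++;
    return n;
}

/* Run one scenario: the slot the structure occupies is pre-filled with
 * POISON (stale data), the routine fills it, and we measure what leaked. */
int leaked_bytes(int fixed, int arphrd_known)
{
    union {
        struct addr_like s;
        unsigned char raw[sizeof(struct addr_like)];
    } slot;
    unsigned char user_buf[sizeof(struct addr_like)];

    memset(slot.raw, POISON, sizeof(slot.raw));
    getname(&slot.s, user_buf, fixed, arphrd_known);
    return count_poison(user_buf, sizeof(user_buf));
}

int main(void)
{
    printf("unfixed, arphrd not set : %d stale bytes leaked\n", leaked_bytes(0, 0));
    printf("unfixed, arphrd set     : %d stale bytes leaked\n", leaked_bytes(0, 1));
    printf("fixed (memset first)    : %d stale bytes leaked\n", leaked_bytes(1, 0));
    return 0;
}
```

With the unfixed routine and arphrd left unset, the two arphrd bytes plus the three never-written flags bytes reach the caller, five stale bytes in this constructed layout; with the memset() in place nothing leaks on either path. Zeroing the whole structure is preferable to initialising the one member named in the commit message because it also covers padding and any member a future path forgets.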

FreeBSD <= 6.1 kqueue() NULL pointer Dereference Local Root Exploit

Tuesday, August 25th, 2009

FreeBSD suffers from a classical check/use race condition in the kevent() syscall on SMP systems, leading to a kernel-mode NULL pointer dereference. It can be triggered by spawning two threads:
1st thread looping on open() and close() syscalls
2nd thread looping on kevent(), trying to add a possibly invalid file descriptor.

The bug was fixed in 6.1-STABLE, just before the release of 6.2-RELEASE, but was not recognized as a security vulnerability.
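As an added illustration of the check/use race shape described above (this is constructed example code, not FreeBSD's kevent() implementation), the model below keeps a tiny reference-counted descriptor table in place of the kernel file table. Instead of a second CPU, an explicit hook runs the close() between the validity check and the later use, which makes the interleaving deterministic. The racy version looks the descriptor up twice; the fixed version looks it up once and takes a reference in the same step, so a concurrent close() only drops the table's reference and cannot free the object underneath it. All names, the table size and the return codes are assumptions of this example.

```c
/* Constructed example: check/use race on a descriptor table, racy vs fixed. */
#include <stdio.h>
#include <stdlib.h>

enum { TABLE_SIZE = 4 };
enum { OK = 0, EBADF_LIKE = -1, WOULD_DEREF_NULL = -2 };

struct file_like { int refs; int ident; };
static struct file_like *table[TABLE_SIZE];   /* stand-in for the file table */

static struct file_like *fd_lookup(int fd)
{
    if (fd < 0 || fd >= TABLE_SIZE) return NULL;
    return table[fd];
}

static void fd_release(struct file_like *f)
{
    if (f && --f->refs == 0) free(f);
}

/* close(): clear the slot and drop the table's own reference. */
static void fd_close(int fd)
{
    struct file_like *f = fd_lookup(fd);
    if (!f) return;
    table[fd] = NULL;
    fd_release(f);
}

/* open(): install a fresh entry in slot fd. */
static void fd_open(int fd)
{
    struct file_like *f = malloc(sizeof *f);
    f->refs = 1;
    f->ident = fd;
    table[fd] = f;
}

/* Racy shape: validate the descriptor, then fetch it again when the filter is
 * attached.  If the other thread's close() lands in between, the second fetch
 * yields NULL and real kernel code would dereference it. */
static int kevent_add_racy(int fd, void (*other_cpu)(int))
{
    if (fd_lookup(fd) == NULL)             /* check */
        return EBADF_LIKE;
    if (other_cpu) other_cpu(fd);          /* close() runs on the other CPU here */
    struct file_like *f = fd_lookup(fd);   /* use */
    if (f == NULL)
        return WOULD_DEREF_NULL;           /* real code: f->... on a NULL pointer */
    return f->ident == fd ? OK : EBADF_LIKE;
}

/* Fixed shape: look the descriptor up once and take a reference in the same
 * step (under the table lock in real code).  A concurrent close() then only
 * drops the table's reference; the object stays valid until we release ours. */
static int kevent_add_fixed(int fd, void (*other_cpu)(int))
{
    struct file_like *f = fd_lookup(fd);
    if (f == NULL)
        return EBADF_LIKE;
    f->refs++;                             /* hold */
    if (other_cpu) other_cpu(fd);          /* close() can no longer free f */
    int rc = f->ident == fd ? OK : EBADF_LIKE;
    fd_release(f);                         /* drop our hold; frees if close() already ran */
    return rc;
}

static void closer(int fd) { fd_close(fd); }

/* Scenarios: each opens slot 0, runs one kevent_add variant with or without
 * the interleaved close(), cleans up, and returns the variant's result. */
int racy_scenario(void)  { fd_open(0); int rc = kevent_add_racy(0, closer);  fd_close(0); return rc; }
int fixed_scenario(void) { fd_open(0); int rc = kevent_add_fixed(0, closer); fd_close(0); return rc; }
int quiet_scenario(void) { fd_open(0); int rc = kevent_add_racy(0, NULL);    fd_close(0); return rc; }

int main(void)
{
    printf("racy, close() interleaved : %d (-2 = would dereference NULL)\n", racy_scenario());
    printf("fixed, close() interleaved: %d (0 = ok)\n", fixed_scenario());
    printf("racy, no interleaving     : %d (0 = ok)\n", quiet_scenario());
    return 0;
}
```

The racy variant only fails when the close() lands in the window, which is why such bugs show up on SMP machines and tend to be dismissed as rare crashes; the fix is not to re-check more often but to make lookup and hold one indivisible step so the window no longer exists.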

Using Tor networks for scanning

Monday, August 24th, 2009

Many pentesters think a penetration test should not include scanning the target network, because external attackers would seldom perform such activity: it gives away their position, and the target environment may shun the attacking IP address. However, as discussed in the client-side attack presentation at Defcon 17 (2009), this risk can be evaluated.

Based on a Defcon presentation by Valsmith and his crew about client-side attacks, and on an article by Strandjs.

Prerequisites:
Installation of:
– Tor
– Privoxy
– proxychains
– tortunnel
– nmap
A preset and complete configuration of these tools.

Training
Scanning through the Tor network, with all of your packets going through three Tor nodes:

proxychains nmap -sT 209.20.73.195

But this scan is not anonymous, because nmap pings the remote host before scanning, and those ICMP packets go directly to the target systems rather than through Tor.

As a fix, packets sent directly to the target environment (i.e. not going through the Tor network) are dropped:

iptables -A OUTPUT --dest [TargetIP or range] -j DROP

Using tortunnel you can improve the speed of your scan, because it connects directly to a single exit node instead of building a full three-hop circuit (at the cost of the anonymity the full circuit provides).
Edit the proxychains.conf file to use socks5, and look for stable exit nodes to scan through.

socks5 127.0.0.1 5060

Start Tortunnel

./torproxy [ExitNodeIP]

Now rerun nmap:

proxychains nmap -sT -p 80,443,21,23 209.20.73.195

and configure the Privoxy configuration file under /etc/privoxy to forward to the same SOCKS port:

forward-socks5 / 127.0.0.1:5060 .

If the target blocks your exit node's IP, move to another node.

Please understand that there are many risks in going through the Tor network: it isn't completely anonymous, and your traffic can be sniffed at the exit nodes.