Ubuntu Security :: Vulnerability In Karmic And Intrepid Alpha2?
Feb 24, 2010
I decided to report what happened me lately so that someone more clever could find the hole in the latest ubuntu. So: I have a machine connected 24/7 on high speed network. i had karmic on it. i ran openssh and apache2 (without any mod, plain apache2) on it. In addition i ran firefox, ktorrent, and amule on it. Nothing else. The system didnt have any rule in iptables.
Recently chkrootkit signaled a SuckIT rootkit in the system. I was scared, i googled for it and i saw that on ubuntu this actually happened and it was a false positive. Ok, i kept going. Yesterday i nmapped myself and i found an open port around 64000 that i couldnt see with netstat -atpnl so i concluded i was actually infected and erased the drive and tried to install lucid alpha2 so, one day of lucid,
- with a firewall this time that let open only the port 22 and 80 from internet
- with only openssh as service (no apache2)
- ran firefox3.6 , ktorrent and amule , nothing else
chkrootkit didnt find anything
debsums reported
debsums: changed file /sbin/initctl (from upstart package)
i did an apt-get install --reinstall upstart and that file didnt warn anymore. So i concluded there must be some kind of vulnerability either in
a) firefox
b) ktorrent
c) amule
View 6 Replies
ADVERTISEMENT
Apr 2, 2010
So yesterday I receive a copy of the SANS @RISK security vulnerability newsletter, and, lo and behold, Mozilla's Firefox and Thunderbird are on it yet again. (Yeah, I know, shocking, isn't it?)So I quickly check what versions I have installed. Yup: Vulnerable.I check whether updates are available.These are pretty serious "remote code execution" vulnerabilities and the status is "vendor confirmed, updates available." So why isn't my 9.10 desktop's update manager telling me updates are available?
View 9 Replies
View Related
Aug 26, 2010
I noticed that when typing in your password after locking the screen or a screensaver, the program focussed behind it is able to catch the input...
This sounds like a huge security risk to me, is there anyone who can test this? (Only noticed with game in wine, perhaps you need low level xorg access)
View 1 Replies
View Related
Jan 13, 2011
I i've virtual machine that is running BackTrack4r2. I need to use the built-in tool Metaspolit in bt for assessing the security and vulnerability in websites The prob is that i dont have any about the Metaspolit tool.
View 10 Replies
View Related
Sep 28, 2010
Using Opera 10.61 and 10.62, I find that any secure website I access, such as a bank, the lock icon in the address bar is replaced by a question mark. Clicking on it brings up a window, stating that the connection is not secure, that the server does not support TLS Renegotiation. Doing some internet searches for "opera tls renegotiation" brought me to a page at the Opera website, where they discuss this issue. The issue is generic, not limited to Opera, affecting the TLS protocol, and it potentially enables a man-in-the-middle to renegotiate a "secure" connection between a server and client, issuing own commands to the server. Opera has addressed the problem on the client end, but now servers need to be upgraded too. None of the HTTPS sites I have tried have upgraded their servers, if the information provided by the Opera browser is correct.
My questions: how feasible is such a MITM attack, what level of resources would such an attack require? What, if anything, would the attacker need to know about the client and/or server to mount the attack? Would I be better off using Firefox, or is Firefox simply oblivious of the problem and not issuing warnings for that reason?
View 4 Replies
View Related
Feb 11, 2010
Is there a free online vulnerability scanner where either I can give them the IP address to scan or can be initiated from the console command, tool, or text based browser. I use GRC's Shields Up when I have a GUI, but I want a scan ran on my website that runs Ubuntu 8.04 server on a hosted VPS.
View 5 Replies
View Related
May 12, 2010
I've got an HP Netbook with Jaunty installed, and I've got an older Dell laptop running Debian.A friend of mine, on several occasions, has told me that when I left my computers unattended he could do some kind of series of key-strokes, and then a window comes up and he says that he can change the password for my account.I've asked him to show me how he does it, but he never will because he doesn't want me to be able to thwart himIs he lying, or is it for real? if it's for real, how do I go about changing it so that it can't happen anymore?
View 5 Replies
View Related
Jun 8, 2010
I ran across this problem when I used checkinstall and then tried to extract the contents of data.tar.gz (which you can find inside any .deb).tar has an option to extract the contents of a file in a given directory.From tar's manpage:
Code:
-C, --directory DIR
change to directory DIR
[code]....
View 2 Replies
View Related
Aug 10, 2010
Quote: Security expert Georgi Guninski has pointed out a security issue in the 1.0 branch of OpenSSL that potentially allows SSL servers to compromise clients. Apparently the hole can be exploited simply by sending a specially crafted certificate to the client, causing deallocated memory to be accessed in the ssl3_get_key_exchange function (in ssls3_clnt.c). While this usually only causes an application to crash, it can potentially also be exploited to execute injected code.
View 1 Replies
View Related
Mar 22, 2010
In the beginning was the Ubuntu 9.10, and the Ubuntu 9.10 was with Good, and the Ubuntu 9.10 was Good. Then I've upgraded it to Ubuntu 10.04 Alpha1, to Alpha2 and to Alpha3. I remember when it was Alpha1, there was the MeMenu thing in my GNOME Panel, but it was gone since, I think - I'm not sure, cuz I've not used that much - Alpha2. I was able to get it back again according to the help got from the following thread:[URL].. Although I've updated my OS daily, that MeMenu thing never came back automatically!
The doubt that I'm having now is, how can I be sure that all the new features are installed in my - currently - Ubuntu 10.04 Beta1 ? If MeMenu thing didn't came back - or came - automatically, mightn't there be some things I'm missing in my OS?
View 6 Replies
View Related
Mar 15, 2010
During the installation of Ubuntu Karmic, I picked the option that encrypts my home directory.
A few questions:
(1) Shortly after installation, I was asked to run a command to print a key necessary for data recovery from a rescue CD. I didn't run it at the time and am now looking for the command to run. What is it?
(2) I think I read somewhere that this also encrypts swap. Great. Correct me if that's wrong.
(3) If I suspend the machine, is my home directory encrypted? That is, if I have this on a laptop and travel with the suspended laptop and someone steals it, are my data safe, or not?
(4) I assume the weakest point in the system is my relatively short login password (but I think the install tests it and found it okay). Is there a recommendation how long this should be?
View 3 Replies
View Related
Mar 7, 2010
whats the most secure firefox browser for karmic that i can use from a PPA source ? that source must be trustable.could you tell me the PPA for the one in question as well ?
View 2 Replies
View Related
Oct 24, 2010
If the moderators permit (because it's a security issue), the security vulnerability was shown in the ubuntu 10.04(64 bits) first by VSR, a security research firm. Now kindly view the link i will give and suggest what to do! I have the same version ,but the 32 bits(Intel).
View 2 Replies
View Related
Mar 24, 2010
As you might have heard, a recent critical vulnerability was discovered in Firefox 3.6.Any word on a Slackware patch coming soon? I'd prefer to use a Slackware package rather than the actual Mozilla release, but I also don't like browsing the web with a remote code execution bug in my browser.Or is Slackware unaffected by this?
View 14 Replies
View Related
Jul 28, 2010
i'm still on Intrepid (i know, i'm behind the times) and i've been poking around for simple-straightforward info on how to upgrade my VLC 0.9.4 to 1.x.....but everything i've found seems to assume one is already on Jaunty at least. even videolan.org has simple-straightforward info for upgrading VLC for all distros as far back as Hardy....except for Intrepid. and i'm half-tempted to just try following the steps given for those who are on Jaunty and just seeing what happens.....though i also can't help but think that it may be dangerous to do that. does it even matter at all which ubuntu version i'm on, and i'm worrying about it for nothing? xD
View 2 Replies
View Related
Mar 12, 2010
I am using Nagios 3.2.4 tool with Nagios-Plugins-1.4.14 and on Red Hat Fedora Linux ver 10.1.The Apache version is 2.2.11. My security team has identified the following vulnerabilities with this version and they want me to find a fix.
1)Apache mod_proxy_ftp Module NULL Pointer Dereference Denial Of Service Vulnerability
2)Apache HTTP Server mod_proxy stream_reqbody_cl Function Denial of Service Vulnerability
3)Apache HTTP Server mod_deflate Remote Denial Of Service Vulnerability
4)Apache APR and APR-util Multiple Integer Overflow Vulnerabilities
View 6 Replies
View Related
Feb 27, 2010
I'm having trouble with some qt-based apps that did work previously but now do not. So far I've seen this with Skype, VLC and umbrello. Applications appear to execute but GUI never seems to initialise. CPU remains around 90%. I'm using an eeepc 1000H running ubuntu intrepid 8.10 with adam's kernel 2.6.27-8-eeepc. Any ideas on how I can debug this? As I mentioned these applications worked fine in the past, I'm guessing an update broke them.
View 4 Replies
View Related
Nov 25, 2010
Anyhow I haven't been able to update my system... Everytime I try to do: "sudo apt-get update" I get these messages:
Ign http://co.archive.ubuntu.com intrepid-updates/restricted Translation-es
Err http://security.ubuntu.com intrepid-security/main Packages
404 Not Found
[code]...
View 5 Replies
View Related
Jan 5, 2011
Is there a substitute for Intrepid repos? I'm not able to access a few servers and don't want to upgrade the OS on this box.
Code:
View 4 Replies
View Related
Jan 21, 2011
I still use Intrepid 8.10 on one of my older machines and have tried, but in vain, to install some rar compression software from the repos. It seems as if the specified repo for 8.10 is now end of life Would anyone know of where I could download a .deb file containing an older version of rar which would install correctly on by box ?
View 4 Replies
View Related
Jul 5, 2011
I'm trying to install DAR ("Disk Archive utility") in Intrepid 8.10. I get these errors:
Err http://us.archive.ubuntu.com intrepid/universe libdar64-4 2.3.8-1
404 Not Found [IP: 91.189.88.40 80]
Err http://us.archive.ubuntu.com intrepid/universe dar 2.3.8-1
404 Not Found [IP: 91.189.88.40 80]
[code]...
View 9 Replies
View Related
Dec 3, 2010
I know it's kind of my fault but I have this problem. I have two machines running Intrepid. I should have upgraded them in due time but what's done is done. Now I need to install some packages there but the Intrepid is no longer supported - Intrepid repositories are no longer available.
View 3 Replies
View Related
Jan 9, 2011
i removed the vim-tiny with sudo appitude remove vim and then tried reinstalling the vim full but it seems that the package is obsoleted.
shortcasper@shortcasper-laptop:/usr/local/download$ sudo apt-get install vim
Reading package lists... Done
Building dependency tree
[code]...
View 2 Replies
View Related
Feb 24, 2010
I wanted to know anyone's experience with the new deb package ncomputing released for Intrepid. I've used their products and fought my way through to make them work. I was able to get ncomputing to work for a short while with intrepid, but upon installing the video drivers (and rebooting) the l230 hasn't been able to connect to any other host. (With Intrepid running). I've updated the firmware but the box still refuses to connect, for awhile it would say TS error (....). The system log only showed,
Date SystemName ncltsd [6198]: ERROR: NULL == video
[18043]: ERROR: SrvCli.CreateSession () failed! (3211426, 1869984)
Any help I can get would be much appreciated. If I forgot anything of I apologize, as you probably noticed it's my first time using the forum and I have only been using Ubuntu for a little less than a year.
View 9 Replies
View Related
May 4, 2010
I would like to add Ubuntu 8.10 as a dual boot option to my Ubuntu 10.04 installation. It is not immediately obvious to me how to do so, because running the CD installation will presumably overwrite Grub2 with Grub (and might not successfully boot 10.04).
How do I install 8.10 without overwriting my Grub2, and then add 8.10 to the Grub2 menu?
View 6 Replies
View Related
Jul 13, 2010
I had Orca installed for absolutely no reason, and I decided to start it and try playing with the text to speech. It wasn't interesting and I closed it. Now that I've restarted the computer, in GNOME sound doesn't work for certain things (VLC, Firefox). I uninstalled Orca because it auto-started on log-in and the preferences would freeze when I tried to change them. I read about a problem in 9.10 where there is some file taht disabled pulseaudio, I don't see it and I am using 8.10 anyways. :/
EDIT: I've re-installed Orca and edited the preferences fine this time, but the sound still doesn't work for VLC and Firefox. Now I've completely uninstalled Orca from synaptic and it still doesn't work. The sound test works fine, though. I'm sure there is some configuration file Orca added something to, but I don't know how to find it.
View 5 Replies
View Related
Apr 15, 2009
Just installed latest Ubuntu (intrepid Ibex) on my DFI Ultra Infinity II system. It has onboard audio via a Realtek ACL650 chipset. Unfortunately, no sound. Have searched various forums, etc. and found recommendations to download the ALSA driver from realtek, but those posts are from ~2007 and the drivers are dated from back then as well. Nobody present-day seems to be suffering audio problems with this motherboard or chipset. I did install the 2007 realtek driver, but no change. What logs can I check?
View 3 Replies
View Related
Nov 11, 2009
I just upgraded from jaunty to intrepid. The upgrade tool went through everything without a hitch and when it finished it told me to restart my computer. When I did, ubuntu began to boot, got past the initial loading splash screen, but immediately after, before the login splash, the screen freezes with some strange graphics glitch and refuses to work from there. How can I fix this to any workable state, upgraded or not?
View 1 Replies
View Related
Feb 11, 2010
I had an old machine running Feisty.I followed the EOL guides and upgraded from 7.04 => 7.10 => 8.04 => 8.10 (intrepid).Now that I'm at intrepid, I want to use the update manager to upgrade to 9.04 (Jaunty). Whenever I launch update manager (System->Administration->Update Manager) everything looks fine until I choose "New distribution release '9.04' is available" and click the Upgrade button.
At this point, Update Manager complains and says "Could not find the release notes" "The server may be overloaded". I'm assuming this could be a faulty URL somewhere, but I wouldn't know where. My sources.list seems to work fine for regular intrepid updates, so not sure there would be anything there that could be the fault. Once I get this error, I can only click "close".
Extracting the upgrade failed. There may be a problem with the network or with the server. Obviously, my general networking is fine (or I wouldn't be able to post this message)..and again, standard updates work fine.Any insight into what is causing this (or maybe how Update Manager works so that I might try a bit of debugging myself?
View 9 Replies
View Related
Mar 9, 2009
When I am trying Cheese to view the Webcam, I am getting a message "No Camera found".
But if I do a lsusb, then the following details are shown :
Bus 003 Device 003: ID 0c45:6130 Microdia PC Camera (SN9C120)
Is there any way to correct this problem. I am on Ubuntu Intrepid 8.10.
View 6 Replies
View Related
