Encode user and password into base64 using perl

perl -MMIME::Base64 -e 'print encode_base64("user");'

perl -MMIME::Base64 -e 'print encode_base64("password");'

Read More

Samsung’s Gear S2 Tizen Watch Launches as Android Wear Opens to iOS

samsung-gear-s2Samsung unveiled its Tizen Linux-based Gear S2 smartwatch, which it teased a few weeks ago at the recent Galaxy Note 5 and Edge S6+ launch. The round-faced watch boasts up to three days battery life and features a rotating bezel to augment the touchscreen UI. It will also be available in a slightly thicker 3G model with up to two hours of life that supports voice calls, according to a report from The Verge.

The Gear S2 features a round, 1.2-inch 360×360 AMOLED display with IP68 dust- and water resistance, as well as WiFi, Bluetooth, and NFC. It measures 11.5mm thick, or about a millimeter thicker than the Apple Watch. The 3G version swells to 13.4mm...

Read More

Five Linux-Ready, Cost-Effective Server Control Panels

jack-webuzoWhen you consider web-based control panels, the first thing to comes to mind is the de facto standard cPanel. It’s a powerhouse of a tool, that can do just about everything a server admin could imagine (and then some). Of course, if you’re looking for a cost-effective or open source option, you’d best turn away from that solution. Even though cPanel is one of the most powerful control panel tools available, it is out of the price range of anyone outside of medium to large businesses.

And it’s proprietary.

With that in mind, where do you turn? Linux, that’s where. Fortunately, plenty of options are available to meet almost every need. From web, email, DNS, database, backups, FTP, monitoring, and so much more… open source server control panels have you covered.

Diving into the mi...

Read More

USN-2732-1: Linux kernel (OMAP4) vulnerability

Ubuntu Security Notice USN-2732-1

3rd September, 2015

linux-ti-omap4 vulnerability

A security issue affects these releases of Ubuntu and its derivatives:

  • Ubuntu 12.04 LTS

Summary

The system could be made to expose sensitive information.

Software description

  • linux-ti-omap4 – Linux kernel for OMAP4

Details

Benjamin Randazzo discovered an information leak in the md (multiple
device) driver when the bitmap_info.file is disabled. A local privileged
attacker could use this to obtain sensitive information from the kernel.

Update instructions

The problem can be corrected by updating your system to the following package version:

Ubuntu 12.04 LTS:
linux-image-3.2.0-1470-omap4 3.2.0-1470.91

To update your system, please follow these instructions: https://wiki.ubuntu.com/Security/Upgrades.

After ...

Read More

USN-2733-1: Linux kernel (Trusty HWE) vulnerability

Ubuntu Security Notice USN-2733-1

3rd September, 2015

linux-lts-trusty vulnerability

A security issue affects these releases of Ubuntu and its derivatives:

  • Ubuntu 12.04 LTS

Summary

The system could be made to crash or run programs as an administrator.

Software description

  • linux-lts-trusty – Linux hardware enablement kernel from Trusty

Details

It was discovered that an integer overflow error existed in the SCSI
generic (sg) driver in the Linux kernel. A local attacker with write
permission to a SCSI generic device could use this to cause a denial of
service (system crash) or potentially escalate their privileges.

Update instructions

The problem can be corrected by updating your system to the following package version:

Ubuntu 12.04 LTS:
linux-image-3.13.0-63-generic 3.13.0-63.104~precise1
Read More

USN-2734-1: Linux kernel vulnerability

Ubuntu Security Notice USN-2734-1

3rd September, 2015

linux vulnerability

A security issue affects these releases of Ubuntu and its derivatives:

  • Ubuntu 14.04 LTS

Summary

The system could be made to crash or run programs as an administrator.

Software description

  • linux – Linux kernel

Details

It was discovered that an integer overflow error existed in the SCSI
generic (sg) driver in the Linux kernel. A local attacker with write
permission to a SCSI generic device could use this to cause a denial of
service (system crash) or potentially escalate their privileges.

Update instructions

The problem can be corrected by updating your system to the following package version:

Ubuntu 14.04 LTS:
linux-image-3.13.0-63-powerpc64-emb 3.13.0-63.103
linux-image-3.13.0-63-lowlatency 3.13.0-63.103
linux-imag...
Read More

USN-2729-1: libvdpau vulnerabilities

Ubuntu Security Notice USN-2729-1

3rd September, 2015

libvdpau vulnerabilities

A security issue affects these releases of Ubuntu and its derivatives:

  • Ubuntu 15.04
  • Ubuntu 14.04 LTS
  • Ubuntu 12.04 LTS

Summary

libvdpau could be made to run programs as an administrator.

Software description

  • libvdpau – Video Decode and Presentation API for Unix

Details

Florian Weimer discovered that libvdpau incorrectly handled certain
environment variables. A local attacker could possibly use this issue to
gain privileges.

Update instructions

The problem can be corrected by updating your system to the following package version:

Ubuntu 15.04:
libvdpau1 0.9-1ubuntu0.1
Ubuntu 14.04 LTS:
libvdpau1 0.7-1ubuntu0.1
Ubuntu 12.04 LTS:
libvdpau1 0.4.1-3ubuntu1.2

To update your system, please follow these instructions...

Read More

USN-2730-1: OpenSLP vulnerabilities

Ubuntu Security Notice USN-2730-1

3rd September, 2015

openslp-dfsg vulnerabilities

A security issue affects these releases of Ubuntu and its derivatives:

  • Ubuntu 15.04
  • Ubuntu 14.04 LTS
  • Ubuntu 12.04 LTS

Summary

OpenSLP could be made to crash if it received specially crafted network traffic.

Software description

  • openslp-dfsg – OpenSLP development files

Details

Georgi Geshev discovered that OpenSLP incorrectly handled processing
certain service requests. A remote attacker could possibly use this issue
to cause OpenSLP to crash, resulting in a denial of service. This issue
only affected Ubuntu 12.04 LTS and Ubuntu 14.04 LTS. (CVE-2012-4428)

Qinghao Tang discovered that OpenSLP incorrectly handled processing certain
messages. A remote attacker could possibly use this issue to cause
OpenSLP to cr...

Read More

Tumbleweed gets three snapshots this week

TumbleweedDuring the past week, Tumbleweed had three snapshots and two packages updated to major versions.

Perl’s update to version 5.22 in the 20150828 snapshot was perhaps the biggest news for TW this week, which was evident in the tread that followed the snapshot release.

The libinput library that handles input devices in Wayland compositors and generic X.Org input drivers upgraded to its first major version in the 20150828 snapshot, which moved from version 0.21 to 1.0. Python-cryptography was another version that updated to version 1.0, which was previously 0.9.3.

In the 20150829 snapshot, LibreOffice updated to version 5.0.1.2 and worth mentioning is ExifTool, which is for reading, writing, and manipulating image, audio, and video metadata, updated to version 10.

In the latest snapshot 20150...

Read More

USN-2728-1: Bind vulnerability

Ubuntu Security Notice USN-2728-1

2nd September, 2015

bind9 vulnerability

A security issue affects these releases of Ubuntu and its derivatives:

  • Ubuntu 15.04
  • Ubuntu 14.04 LTS
  • Ubuntu 12.04 LTS

Summary

Bind could be made to crash if it received specially crafted network traffic.

Software description

  • bind9 – Internet Domain Name Server

Details

Hanno Böck discovered that Bind incorrectly handled certain malformed keys
when configured to perform DNSSEC validation. A remote attacker could use
this issue with specially crafted zone data to cause Bind to crash,
resulting in a denial of service.

Update instructions

The problem can be corrected by updating your system to the following package version:

Ubuntu 15.04:
bind9 1:9.9.5.dfsg-9ubuntu0.3
Ubuntu 14.04 LTS:
bind9 1:9.9.5.dfsg-3ubuntu0.5
Ubu...
Read More