December 18, 2003

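pconsole helps you manage an entire cluster

Thanks to an introduction from AndrewLee on the IRC channel #debian.tw, I learned of a tool that helps manage many machines: it logs in to multiple machines and lets you type administrative commands into all of them at the same time.

Its features are as follows (translated from the original website):
# Use every computer in your cluster simultaneously
# Unlimited number of login connections
# Security (SSH is used by default)
# Easy to install -- nothing needs to be installed on the other nodes in the cluster
# Simple user interface
# Safe to use even when root privileges are required

URL: http://www.heiho.net/pconsole/

Posted by chuany at 10:35 AM | Comments (205) | TrackBack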

December 10, 2003

Fixing the do_brk bug without upgrading the kernel

On a SecurityFocus mailing list, someone has provided a program that lets you patch this critical kernel vulnerability without recompiling the kernel.

The discussion follows:

Subject: Re: Hot fix for do_brk bug
Date: Dec 9 2003 6:24PM
Author: Mariusz Woloszyn


On Sat, 6 Dec 2003, Pavel harry_x Palát wrote:

> > It would be less intrusive to the kernel to supply a fixed do_brk()
> > and replace the do_brk with a jump to your version.
>
> I've written similar patch few days ago. The patch only modifies first
> instructions of do_brk() (it replaces them with jmp to function in LKM).
> It can be downloaded from http://wizard.ath.cx/fixbrk.tar.gz
>
> But beware, I wrote it in rush and it's pretty oddly written :-) But it
> worked on my two servers (both were running 2.4.21 kernel with grsecurity
> patch).
>

Sometimes it might be valuable to patch your fixbrk.pl.
Your version does:

system("gcc -D__KERNEL__ -DMODULE -c -o _fixbrk.o fixbrk.c");

On some hosts, to compile this module you need to specify the path to
kernel header files. For example:

system("gcc -D__KERNEL__ -DMODULE -I/usr/src/linux/include -c -o _fixbrk.o fixbrk.c");

Otherwise you might end up with something like:

/usr/include/asm/processor.h:56: error: `CONFIG_X86_L1_CACHE_SHIFT' undeclared here (not in a function)


Regards,

--
Mariusz Wołoszyn
Internet Security Specialist, GTS - Internet Partners

Source: http://www.securityfocus.com/archive/1/346982

Posted by chuany at 03:21 PM | Comments (133) | TrackBack

December 04, 2003

phpBB search.php SQL Injection Vulnerability

In phpBB 2.0.6, an exploitable vulnerability has been found in the script search.php.

Go to line 685 of that file and change the following source code:

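// intval() is only used as the test here; the original $search_id
// string is what goes into the query
if ( intval($search_id) )
{
	$sql = "SELECT search_array
		FROM " . SEARCH_TABLE . "
		WHERE search_id = $search_id
			AND session_id = '". $userdata['session_id'] . "'";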

to the following source code, which resolves the problem:

// Force $search_id to an integer before it is tested and used in the query
$search_id = intval($search_id);
if ( $search_id )
{
	$sql = "SELECT search_array
		FROM " . SEARCH_TABLE . "
		WHERE search_id = $search_id
			AND session_id = '". $userdata['session_id'] . "'";
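Why the one-line change matters, shown as an added example that is not phpBB's code or part of the original post: in the original, intval() only gates the if, while the unconverted request string is still interpolated into the SQL. The helper names, the SEARCH_TABLE value, the session id and the sample inputs are constructed for illustration.

```php
<?php
// Added illustration. build_original()/build_fixed() are hypothetical helpers
// wrapping the two snippets above; the table name is a constructed stand-in.
define('SEARCH_TABLE', 'phpbb_search_results');

// Original logic: the integer conversion is discarded after the test.
function build_original($search_id, $session_id)
{
    if ( intval($search_id) )
    {
        return "SELECT search_array FROM " . SEARCH_TABLE
            . " WHERE search_id = $search_id"
            . " AND session_id = '" . $session_id . "'";
    }
    return null; // no query is issued
}

// Fixed logic: the converted integer replaces the request value.
function build_fixed($search_id, $session_id)
{
    $search_id = intval($search_id);
    if ( $search_id )
    {
        return "SELECT search_array FROM " . SEARCH_TABLE
            . " WHERE search_id = $search_id"
            . " AND session_id = '" . $session_id . "'";
    }
    return null; // no query is issued
}

// Constructed inputs: a clean id, an id followed by extra text,
// a non-numeric string, and zero.
$session = 'constructed-session-id';
$samples = array('42', '42 trailing-text', 'abc', '0');

foreach ($samples as $raw) {
    $before = build_original($raw, $session);
    $after  = build_fixed($raw, $session);
    printf("input  %s\n", var_export($raw, true));
    printf("  before: %s\n", $before === null ? '(no query)' : $before);
    printf("  after:  %s\n", $after === null ? '(no query)' : $after);
}
```

For '42 trailing-text', intval() returns 42, so both versions enter the branch, but only the original carries the extra text into the WHERE clause; the fixed version emits search_id = 42.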

Source: Security Focus

Posted by chuany at 10:17 AM | Comments (132) | TrackBack