

HowTo: Migrate / Move MySQL Database And Users To New Server

I already wrote about how to move or migrate user accounts from an old Linux / UNIX server to a new server, including mail and home directories. In reality, however, you also need to move the MySQL database, which may host your blog, your forum, or just your data. The mysqldump command will only export the data and the table structure; it will not include users' grants and privileges. The main function of the MySQL privilege system (which is stored in the mysql.user table) is to authenticate a user who connects from a given host and to associate that user with privileges on a database, such as SELECT, INSERT, UPDATE, and DELETE.

Red Hat Enterprise Linux 5 IMPORTANT Security Update [ 4-Nov-2008 ]

Red Hat today released kernel updates to fix at least 15 security flaws in its core, the Linux kernel. RHEL users can grab the latest updates from the RHN website or by simply running the yum update command. This update has been rated as having important security impact.

Ubuntu Linux Critical OpenSSL and Ruby Vulnerabilities Fix Released

An unpatched security hole in the Ubuntu Linux 8.04 LTS operating system could be used by attackers to send a crafted packet and cause a denial of service, via application crash, in applications linked against OpenSSL, or to take control of vulnerable servers. The ruby package can also be used to run a malicious script: an attacker could cause a denial of service or execute arbitrary code with the privileges of the user invoking the program. It is recommended that you update your system immediately. Affected systems:
OpenSSL Vulnerability - Ubuntu Linux 8.04 LTS and corresponding versions of Kubuntu, Edubuntu, and Xubuntu.
Ruby Vulnerability - Ubuntu 6.06 LTS, Ubuntu 7.04, Ubuntu 7.10, Ubuntu 8.04 LTS and corresponding versions of Kubuntu, Edubuntu, and Xubuntu.

How do I fix this issue?

Simply type the following two commands:
$ sudo apt-get update
$ sudo apt-get upgrade

After a standard system upgrade you need to reboot your computer for the changes to take effect:
$ sudo reboot

Security Alert: Ubuntu Linux kernel vulnerabilities

Ubuntu Linux today pushed out a new version of the Linux kernel to fix several local and remote security issues. A malicious CIFS server could cause a client system crash or possibly execute arbitrary code with kernel privileges. On SMP systems, a race condition existed in fcntl(). Local attackers could perform malicious locks, causing system crashes and leading to a denial of service. This security issue affects the following Ubuntu, Kubuntu, Edubuntu, and Xubuntu releases:

=> Ubuntu 6.06 LTS
=> Ubuntu 7.04
=> Ubuntu 7.10

To fix this issue, type the following two commands:
$ sudo apt-get update
$ sudo apt-get upgrade

You need to reboot your computer for the changes to take effect; enter:
$ sudo reboot

FreeBSD Apache Multiple Vulnerabilities Fix Available

FreeBSD has issued an updated version of its Apache package. This release is considered important, and users of all prior versions are encouraged to upgrade.

A cross-site request forgery (CSRF) vulnerability in the balancer-manager in mod_proxy_balancer for Apache HTTP Server 2.2.x allows remote attackers to gain privileges via unspecified vectors.

The ap_proxy_http_process_response function in mod_proxy_http.c in the mod_proxy module in the Apache HTTP Server 2.0.63 and 2.2.8 does not limit the number of forwarded interim responses, which allows remote HTTP servers to cause a denial of service (memory consumption) via a large number of interim responses.

How do I upgrade Apache under FreeBSD?

Simply run the following two commands:
# portsnap fetch extract
# portupgrade -a
# portversion

Security: Linux openoffice.org security update

Red Hat has released updated openoffice.org packages that correct a security issue. They are now available for Red Hat Enterprise Linux 4 and Red Hat Enterprise Linux 5.

OpenOffice.org is an office productivity suite that includes desktop applications such as a word processor, spreadsheet, presentation manager, formula editor, and drawing program.

Sean Larsson found a heap overflow flaw in the OpenOffice memory allocator. If a carefully crafted file was opened by a victim, an attacker could use the flaw to crash OpenOffice.org or, possibly, execute arbitrary code.

It was discovered that certain libraries in the Red Hat Enterprise Linux 3 and 4 openoffice.org packages had an insecure relative RPATH (runtime library search path) set in the ELF (Executable and Linking Format) header. A local user able to convince another user to run OpenOffice in an attacker-controlled directory could run arbitrary code with the privileges of the victim.

All users of openoffice.org are advised to upgrade to these updated packages, which contain backported fixes that correct these issues.

How do I patch the openoffice.org productivity suite?

Simply type the following command at a shell prompt:
# yum update

How a Web server actually works ~ with C source code

Do you wonder how to write a program that accepts incoming messages with a network socket? Have you ever just wanted your own Web server to experiment and learn with?

Have you ever wondered how a Web server actually works? Experiment with nweb -- a simple Web server with only 200 lines of C source code. In this article, Nigel Griffiths provides a copy of this Web server and includes the source code as well. You can see exactly what it can and can't do.

Well, look no further -- nweb is what you need. This is a simple Web server that has only 200 lines of C source code. It runs as a regular user and can't run any server-side scripts or programs, so it can't open up any special privileges or security holes.

This article covers:

  • What the nweb server program offers
  • Summary of C functions featured in the program
  • Pseudo code to aid understanding of the flow of the code
  • Network socket system calls used and other system calls
  • How the client side operates
  • C source code

nweb only transmits the following types of files to the browser:

  • Static Web pages with extensions .html or .htm
  • Graphical images such as .gif, .png, .jpg, or .jpeg
  • Compressed binary files and archives such as .zip, .gz, and .tar
  • If your favorite static file type is not in this list, you can simply add it in the source code and recompile to allow it.

Read more at IBM developerworks...