Found at: http://www.jethrocarr.com/index.php?cms=blog:20090718
A new 0-day attack on the Linux kernel, called the “Cheddar Bay Exploit”, has just been released by Brad Spengler. It exploits a flaw in the Linux 2.6.30+ kernel.
This exploit is interesting in that the source code doesn’t look particularly broken, but the compiler’s optimisations cause the compiled code to have a security hole.
For more technical details on this exploit and further news, check the LWN.net article or use the CVE reference CVE-2009-1897.
From my quick review of the exploit, it appears the attack uses PulseAudio to bypass SELinux security if it is enabled and then performs an attack against the /dev/net/tun device, allowing a standard user to gain root access.
Not having PulseAudio or the tun kernel module loaded should prevent this exploit from working, although I have not yet had sufficient time to test this since I received the alert announcement around 3am NZ time.
The exploit affects the 2.6.30+ kernel releases and also some of the test 2.6.18 kernel releases by Red Hat.
However, all production kernel releases for RHEL/CentOS do not appear to be vulnerable since the change that introduced the security exploit had not been backported yet.
In my tests on CentOS 5.3 with kernel 2.6.18-128.1.16.el5xen on i386/xen, I was unable to trigger the exploit.
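The compiler-optimisation flaw described above, as an added illustration (not code from the original post or from the kernel source): a pointer is read before its NULL test, so the compiler may treat the test as dead code. The struct names, function names and flag values are constructed for this sketch.

```c
#include <stddef.h>
#include <stdio.h>

/* Constructed flag values and types for this sketch (not the kernel's). */
#define POLL_ERR 0x8u
#define POLL_OUT 0x4u

struct sock_stub { int writable; };
struct tun_stub  { struct sock_stub *sk; };

/*
 * Before: tun is dereferenced first, then tested. Dereferencing NULL is
 * undefined behaviour, so an optimising compiler may assume tun != NULL
 * and delete the test below as dead code; a NULL tun is then used
 * instead of being rejected.
 */
unsigned int poll_before(struct tun_stub *tun)
{
    struct sock_stub *sk = tun->sk;   /* read happens before the check */

    if (!tun)                         /* may be optimised away */
        return POLL_ERR;
    return sk->writable ? POLL_OUT : 0;
}

/* After: test first, dereference second; the check cannot be dropped. */
unsigned int poll_after(struct tun_stub *tun)
{
    struct sock_stub *sk;

    if (!tun)
        return POLL_ERR;
    sk = tun->sk;
    return sk->writable ? POLL_OUT : 0;
}

int main(void)
{
    struct sock_stub s = { 1 };
    struct tun_stub t = { &s };

    /* poll_before() is only called with a valid pointer here. */
    printf("before(valid)=%#x after(valid)=%#x after(NULL)=%#x\n",
           poll_before(&t), poll_after(&t), poll_after(NULL));
    return 0;
}
```

Building with GCC's -fno-delete-null-pointer-checks option keeps such tests in place as a second line of defence, but reordering the check is the actual fix.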
Note: This tutorial is related to Ubuntu; however, the clueful can use it easily enough.
My kids’ old Apple bit the dust the other day, so I thought ‘stuff buying another overpriced machine, their Linux box can suffice’.
They use GNOME, and are familiar with rhythmbox – which I might add, works brilliantly with iPods.
So after a few days the kids started moaning that half the music had disappeared. I double checked, and it turns out half of it, bought off iTunes, was in m4a format, which wasn’t readable.
Solutions!
If you are not tied to rhythmbox, then jump in and install the xmms and xmms-faad packages.
If you are, then this is the solution.
Install the Medibuntu sources:
sudo wget http://www.medibuntu.org/sources.list.d/`lsb_release -cs`.list --output-document=/etc/apt/sources.list.d/medibuntu.list; sudo apt-get -q update; sudo apt-get --yes -q --allow-unauthenticated install medibuntu-keyring; sudo apt-get -q update
Then install the following packages:
sudo apt-get install libavcodec-unstripped-52 libavdevice-unstripped-52 libavformat-unstripped-52 libavutil-unstripped-49 libpostproc-unstripped-51 libswscale-unstripped-0 ffmpeg
Now convert!
ffmpeg -i file.m4a -acodec libmp3lame file.mp3
Now you need to add the ID3 tags:
id3tool -t "title of song" -a "album name" -r "Artist" file.mp3
Bingo!
Virtualmin is a fantastic piece of software which allows the not-so-techy to run a full hosting server nicely. However, I’ve come across a bug that seems to happen mostly on CentOS 5 when trying to upgrade, if you happened to have used the rpm to install.
This is how you do it.
Log in to Virtualmin. Click on System Settings. Click on “Upgrade to Virtualmin Pro” and enter your serial number etc.
Now if you get the following error:
Failed to upgrade to Virtualmin Pro : No Virtualmin GPL repository was found in /etc/yum.repos.d/virtualmin.repo
Put this into /etc/yum.repos.d/virtualmin.repo:
[virtualmin]
name=Red Hat Enterprise $releasever - $basearch - Virtualmin
baseurl=http://software.virtualmin.com/gpl/rhel/$releasever/$basearch/
enabled=1
gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-virtualmin
gpgcheck=1
[virtualmin-universal]
name=Virtualmin Distribution Neutral
baseurl=http://software.virtualmin.com/gpl/universal/
enabled=1
gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-virtualmin
gpgcheck=1
Then try again. It should all go well now, and you should be able to update.