Dirty Sock Snapd Local Privilege Escalation Vulnerability

A local privilege escalation in snapd versions 2.28 through 2.37 that could allow the creation of root level accounts – may give you a Dirty Sock ! Chris Moberly discovered that snapd versions 2.28 through 2.37 incorrectly validated and parsed the remote socket address when performing access controls on its UNIX socket. A local attacker could use this to access

Read more

Linux APT Package Manager Remote Code Execution Bug Patched

Original Source: BleepingComputer Independent consultant and security contractor Max Justicz discovered a remote code execution issue in the APT high level package manager used by Debian, Ubuntu, and other related Linux distributions. As described by Justicz, the APT vulnerability present in the package manager starting with version 0.8.15 “allows a network man-in-the-middle (or a malicious package mirror) to execute arbitrary

Read more

Examine Network Socket Connections with Linux ss Command Instead of Netstat

Examine Network Socket Connections with Linux ss Command Instead of Netstat The Linux ‘ss’ command replaces the older ‘netstat’ and makes a lot of information about network and socket connections available for you to easily examine or troubleshoot issues. The ss (socket statistics) command provides a lot of information by displaying details on socket activity. What is a Socket? A

Read more

PhpMyAdmin MySQL Table Export SQL Format Missing

PhpMyAdmin MySQL Table Export SQL Format Not Available phpMyAdmin is a tool written in PHP intended to handle the administration of MySQL over the Web, it’s a very popular tool included with many server control panels such as Plesk and cPanel.  Recently an incident was sent my way where a large customer was advising the ability to export single MySQL

Read more

Apache httpd No Space Left on Device AH00023

Issue Had this pop up today, been several years since the ugly Apache semaphore scenario reared its messy head. You’ll have an Apache http web service down, upon typical quick look and attempt to restart, Apache fails to kick off. No biggie, whether digging through logs, systemctl status and journalctl stuffs you’ll eventually come across something similar to: [Sun Dec

Read more

Ubuntu 18.04 Crashing on vmWare ESXi Server and Carrots

Internal scenario recently. Some Ubuntu Server guest VMs running on top of vmWare ESXi server. Everything running fine, no issues, then the Ubuntu guest VMs will just randomly become utterly unresponsive. Nothing happening before, the only thing on the Ubuntu guest logs are just a crap ton of carrot jibberish: “^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@” Luckily I came across this post related to Mastodon

Read more

SSH and FTP Slow Authentication, DBUS and Logind Restart

Fairly interesting Plesk Onyx, ProFTPD, DBUS and Logind scenario recently. Had a server sporadically terminating FTP sessions that were working fine previously. After verifying overall connectivity and firewalling were not the issue time to start diging through logs. While I could see the incomplete and terminated FTP sessions, there was nothing incredibly insightful as to why. Seeing the FTP daemon

Read more

Change Linux Primary IP Address Without Losing Connectivity

You need to change an IP address of an interface on a Linux server without loosing connectivity, so here’s one way: First add a secondary IP address to the interface: ip addr add 192.168.1.10/24 dev eth0 ip addr show eth0 And confirm: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP link/ether 44:38:39:00:11:aa brd ff:ff:ff:ff:ff:ff inet 192.168.1.5/24 scope global eth0 inet 192.168.1.10/24

Read more