Published another case study about SaltOS on the MariaDB site: http://kb.askmonty.org/en/saltos-sees-gains-with-subqueries-in-mariadb/
After developing several applications that use MySQL, I realized that it is very inefficient when tables have many records and queries contain several joins and subqueries. More info at: Why use MariaDB instead of MySQL?
I have received an email with the following text: "Exploit found. hey fucking script kiddies, write good scripts... god damn it. http://packetstormsecurity.org/files/115855" from "Hans Wurst" using the web contact form.
As I don't know how to contact him because he didn't provide a real email, I want to ask him: are you a programmer? Have you made any contribution to society? I consider your email arrogant.
Now that I have a computer with PHP 5.4, I was able to run the tests, apply the changes and make the improvements needed for the code to work properly in PHP 5.4. You can download it from tonight's nightly.
RaCaMeT had to give up the VPS he had rented, so I had to move the whole demonstration environment to my personal server. On behalf of the SaltOS and RhinOS projects, I want to thank RaCaMeT for these months of free hosting.
As announced a few days ago, you can download the nightly version of SaltOS from SourceForge: http://sourceforge.net/projects/saltos/files/nightly/
This morning I detected a bug in a library that I use frequently, and when I reported it to the author, he replied: "To paraphrase Mr. Crockford: don't do that." If you want to read the whole thread, go to https://github.com/rgrove/jsmin-php/issues/14
As many people ask me how they can download the latest development version of SaltOS, I will publish a nightly build every night with all current changes. It will be made public shortly.
ABCustom, a company that has used SaltOS for a long time in its management, has decided to reward the effort I put into the project with part of an office located in Barcelona. There I have also installed the Subversion server that I use for version control, connected to high-speed internet. It's really gratifying to see the wheel turning.
Advisory:
- HSV-2012-0005
Time Line:
- Detection Date: 22/03/2012
- Notification Date: 22/03/2012
- Fix Date: 22/03/2012
- Disclosure Date: 22/03/2012
Name:
- Arbitrary File Download in RhinOS v3.0
Affected Versions:
- SaltOS v3.0 r1238 and previous
References:
- CVE ID: N/A
- Bugtraq ID: N/A
- OSVDB ID: N/A
Description:
- Authenticated users can download any file from the server where RhinOS is installed
POC / Exploit:
- http://www.example.com/admin/inicio.php?include=php/download.php&name=passwd.txt&file=/etc/passwd
Solution:
- Update the version of RhinOS v3.0 to r1247 or later
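The advisory above names the fix only as an update. The following is an added example of how a download handler can refuse requests that point outside the directory it is meant to serve; it is not RhinOS or SaltOS code, and the base directory constant, the `DOWNLOAD_BASE` name and the assumption that authentication already happened are mine. The `file` and `name` parameters match the ones in the advisory's request. It needs PHP 7.1 or later for the nullable return type.

```php
<?php
// Added example (not RhinOS/SaltOS code): serve a download only when the
// requested file really lives under one allowed directory, so a request such as
// file=/etc/passwd or file=../../etc/passwd is rejected.
// DOWNLOAD_BASE is an assumed location for this example.
const DOWNLOAD_BASE = '/var/www/rhinos/files';

/**
 * Resolve a client-supplied path and return its canonical form only if it
 * stays inside $base; otherwise return null.
 *
 * realpath() collapses "..", symlinks and duplicate separators, so the
 * containment check is made on the real location of the file, not on the
 * string the client sent.
 */
function resolve_download_path(string $base, string $requested): ?string
{
    $baseReal = realpath($base);
    if ($baseReal === false) {
        return null; // base directory does not exist
    }
    // Reject NUL bytes: older PHP file functions truncated paths at the NUL.
    if (strpos($requested, "\0") !== false) {
        return null;
    }
    // Strip leading separators so an absolute path cannot bypass the base.
    $candidate = $baseReal . DIRECTORY_SEPARATOR . ltrim($requested, '/\\');
    $target = realpath($candidate);
    if ($target === false || !is_file($target)) {
        return null; // missing file, or not a regular file
    }
    // Compare against base plus a trailing separator so that
    // "/var/www/rhinos/files2" is not accepted as being inside ".../files".
    $prefix = rtrim($baseReal, DIRECTORY_SEPARATOR) . DIRECTORY_SEPARATOR;
    if (strncmp($target, $prefix, strlen($prefix)) !== 0) {
        return null; // escaped the allowed directory
    }
    return $target;
}

/**
 * Build a Content-Disposition file name from the client-supplied "name":
 * keep only the base name and replace characters that could break the header.
 */
function safe_download_name(string $name): string
{
    $name = basename(str_replace('\\', '/', $name));
    $name = preg_replace('/[^A-Za-z0-9._-]/', '_', $name);
    return $name === '' ? 'download' : $name;
}

// Request handling. Authentication is assumed to have been enforced earlier.
$requested = isset($_GET['file']) ? (string) $_GET['file'] : '';
$path = resolve_download_path(DOWNLOAD_BASE, $requested);
if ($path === null) {
    http_response_code(404); // do not reveal whether the path exists elsewhere
    exit('File not found');
}
$name = safe_download_name(isset($_GET['name']) ? (string) $_GET['name'] : basename($path));
header('Content-Type: application/octet-stream');
header('Content-Disposition: attachment; filename="' . $name . '"');
header('Content-Length: ' . (string) filesize($path));
readfile($path);
```

The prefix comparison is done on the output of realpath(), not on the raw parameter, which is what makes the check hold against ".." sequences and symlinks alike; a handler that only filters the string "../" out of the input would still let an absolute path or an encoded variant through.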
Advisory:
- HSV-2012-0001
Time Line:
- Detection Date: 14/03/2012
- Notification Date: 15/03/2012
- Fix Date: 16/03/2012
- Disclosure Date: 16/03/2012
Name:
- Information Disclosure in SaltOS v3.1
Affected Versions:
- SaltOS v3.1 r5100 and previous
References:
- CVE ID: CVE-2010-1598
- Bugtraq ID: 39605
- OSVDB ID: 63939
Description:
- It is possible to obtain information about the server through the phpThumb.php library
POC / Exploit:
- http://www.example.com/code/lib/phpthumb/phpThumb.php?phpThumbDebug=9
Solution:
- Change the value of "$PHPTHUMB_CONFIG['disable_debug']= false;" to "$PHPTHUMB_CONFIG['disable_debug']= true;" in phpThumb.config.php, or update SaltOS to r5104 or later
========================================================================================================================
Advisory:
- HSV-2012-0002
Time Line:
- Detection Date: 14/03/2012
- Notification Date: 15/03/2012
- Fix Date: 16/03/2012
- Disclosure Date: 16/03/2012
Name:
- Command Injection in SaltOS v3.1
Affected Versions:
- SaltOS v3.1 r5100 and previous
References:
- CVE ID: CVE-2010-1598
- Bugtraq ID: 39605
- OSVDB ID: 63939
Description:
- It is possible to run commands on the server through the 'fltr' parameter of the phpThumb.php library
POC / Exploit:
- http://racamet.saltos.net/code/lib/phpthumb/phpThumb.php?fltr=blur|9 -quality 75 -interlace line fail.jpg jpeg:fail.jpg ; ls -la ;cat /etc/passwd; & src=file.jpg & phpThumbDebug=9
Solution:
- Change the value of "$PHPTHUMB_CONFIG['disable_debug']= false;" to "$PHPTHUMB_CONFIG['disable_debug']= true;" in phpThumb.config.php, or update SaltOS to r5104 or later
========================================================================================================================
Advisory:
- HSV-2012-0003
Time Line:
- Detection Date: 14/03/2012
- Notification Date: 15/03/2012
- Fix Date: 16/03/2012
- Disclosure Date: 16/03/2012
Name:
- Information Disclosure in RhinOS v3.0
Affected Versions:
- SaltOS v3.0 r1238 and previous
References:
- CVE ID: CVE-2010-1598
- Bugtraq ID: 39605
- OSVDB ID: 63939
Description:
- It is possible to obtain information about the server through the phpThumb.php library
POC / Exploit:
- http://www.example.com/code/lib/phpthumb/phpThumb.php?phpThumbDebug=9
Solution:
- Change the value of "$PHPTHUMB_CONFIG['disable_debug']= false;" to "$PHPTHUMB_CONFIG['disable_debug']= true;" in phpThumb.config.php, or update RhinOS to r1241 or later
========================================================================================================================
Advisory:
- HSV-2012-0004
Time Line:
- Detection Date: 14/03/2012
- Notification Date: 15/03/2012
- Fix Date: 16/03/2012
- Disclosure Date: 16/03/2012
Name:
- Command Injection in RhinOS v3.0
Affected Versions:
- SaltOS v3.0 r1238 and previous
References:
- CVE ID: CVE-2010-1598
- Bugtraq ID: 39605
- OSVDB ID: 63939
Description:
- It is possible to run commands on the server through the 'fltr' parameter of the phpThumb.php library
POC / Exploit:
- http://www.example.com/code/lib/phpthumb/phpThumb.php?fltr=blur|9 -quality 75 -interlace line fail.jpg jpeg:fail.jpg ; ls -la ;cat /etc/passwd; & src=file.jpg & phpThumbDebug=9
Solution:
- Change the value of "$PHPTHUMB_CONFIG['disable_debug']= false;" to "$PHPTHUMB_CONFIG['disable_debug']= true;" in phpThumb.config.php, or update RhinOS to r1241 or later
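All four advisories HSV-2012-0001 to HSV-2012-0004 share the same configuration fix: `$PHPTHUMB_CONFIG['disable_debug']` must be `true` in phpThumb.config.php. The following added example is a small audit script for an administrator who runs several SaltOS or RhinOS installs and wants to verify that setting in each copy of the file; it is not phpThumb, SaltOS or RhinOS code, the file paths are whatever is passed on the command line, and the embedded sample configuration text is constructed for the example.

```php
<?php
// Added example (not phpThumb/SaltOS/RhinOS code): report whether each given
// phpThumb.config.php has debug output disabled, the setting named in the
// advisories HSV-2012-0001 to HSV-2012-0004.

/**
 * Return true if the configuration text sets disable_debug to true,
 * false if it sets it to false, and null if the key is never assigned
 * (phpThumb's own default then applies and the file should be reviewed by hand).
 *
 * Line comments are stripped first so that a commented-out
 * "// $PHPTHUMB_CONFIG['disable_debug'] = true;" is not mistaken for the
 * active setting. Only "//" and "#" comments are handled; this is a checker,
 * not a PHP parser.
 */
function phpthumb_debug_disabled(string $configSource): ?bool
{
    $pattern = '/\$PHPTHUMB_CONFIG\s*\[\s*[\'"]disable_debug[\'"]\s*\]\s*=\s*(true|false)\s*;/i';
    $result = null;
    foreach (preg_split('/\R/', $configSource) as $line) {
        $code = preg_replace('~(//|#).*$~', '', $line);
        if (preg_match($pattern, $code, $m)) {
            // The last assignment in the file wins, as it would in PHP itself.
            $result = strtolower($m[1]) === 'true';
        }
    }
    return $result;
}

/** Produce one report line for a configuration file on disk. */
function audit_config_file(string $path): string
{
    if (!is_readable($path)) {
        return $path . ': cannot read file';
    }
    $state = phpthumb_debug_disabled((string) file_get_contents($path));
    if ($state === true) {
        return $path . ': OK, disable_debug is true';
    }
    if ($state === false) {
        return $path . ': VULNERABLE, disable_debug is false (phpThumbDebug output is reachable)';
    }
    return $path . ': disable_debug not set, review manually';
}

// Constructed sample: a commented-out "true" followed by an active "false".
$sample = "<?php\n"
        . "// \$PHPTHUMB_CONFIG['disable_debug'] = true;\n"
        . "\$PHPTHUMB_CONFIG['disable_debug'] = false;\n";

if ($argc > 1) {
    // Usage: php audit_phpthumb.php /path/to/phpThumb.config.php [...]
    foreach (array_slice($argv, 1) as $file) {
        echo audit_config_file($file), PHP_EOL;
    }
} else {
    // With no arguments, run against the constructed sample: reports "false".
    $state = phpthumb_debug_disabled($sample);
    echo 'constructed sample: disable_debug is ', var_export($state, true), PHP_EOL;
}
```

Run it over every phpThumb.config.php found under the web root after applying the fix or the update; a "not set" result deserves the same attention as a "false", since the value then depends on the bundled default rather than on an explicit decision.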
Thanks to RaCaMeT, you can enjoy a VPS with 8 cores, 3 GB of RAM and 100 GB of NAS connected to a fast internet connection to test SaltOS and RhinOS.
After making some improvements to the captcha system, the demonstration services were out of service. The error has been detected and fixed, and everything is back to normal. Sorry for the inconvenience, but I am making improvements to prevent the annoying spam in the forum.
Dinahosting has confirmed today that it will continue sponsoring the SaltOS and RhinOS projects for another year, providing free Linux hosting for the website. As always, to all those who collaborate with these projects: thank you.
By the way, I'm looking for a colocation provider that would let me place a tower computer to run the SaltOS and RhinOS demos.
Good morning to the SaltOS and RhinOS followers. As announced last week, I have uploaded to SourceForge the new packages with the improvements discussed, as well as some updates to third-party libraries.