Monthly Archives: March 2013

You are browsing the site archives by month.

Information about your Linux system distribution

It’s not always easy to look for your Linux distribution name and version. Sometimes you will need those information because you are asked, for example on a support forum to resolve your problems.

There are a few simple and useful commands that will help you for this.

Distribution name and version

This command will be helpful to find the distribution name and it’s version like Debian X, Fedora X, Ubuntu X, etc. Read More →

Useful Linux bash search commands

Here is some useful commands you should have around you when you’re looking for something on your hard drive.

Find in content files

This linux command can be used if you want to find something into content files. Be sure to be in the desired directory where you want to start the search. It can take a while because of the (-r) recursion. It will display number lines with the -n parameter. grep –help to find more parameters. Read More →

Debian Security Update – php5 – 05 Mar 2013

Several vulnerabilities have been discovered in PHP, the web scripting language. The Common Vulnerabilities and Exposures project identifies the following issues:

  • CVE-2013-1635 If a PHP application accepted untrusted SOAP object input remotely from clients, an attacker could read system files readable for the webserver.
  • CVE-2013-1643 The soap.wsdl_cache_dir function did not take PHP open_basedir restrictions into account. Note that Debian advises against relying on open_basedir restrictions for security. Read More →

Debian Security Update – Apache2 – 04 Mar 2013

Several vulnerabilities have been found in the Apache HTTPD server.

  • CVE-2012-3499 The modules mod_info, mod_status, mod_imagemap, mod_ldap, and mod_proxy_ftp did not properly escape hostnames and URIs in HTML output, causing cross site scripting vulnerabilities.
  • CVE-2012-4558 Mod_proxy_balancer did not properly escape hostnames and URIs in its balancer-manager interface, causing a cross site scripting vulnerability.
  • CVE-2013-1048 Hayawardh Vijayakumar noticed that the apache2ctl script created the lock directory in an unsafe manner, allowing a local attacker to gain elevated privileges via a symlink attack. This is a Debian specific issue. Read More →

Drupal 7 Optimizations, Make it faster in one single line !

I just discovered something today that should interest lots of people :P Did you know Drupal saves each notice and error in his report logs ? If you have a custom script that generates for example 1000 notices, Drupal does 1000 notice database inserts before you get results. The script execution will never fail and you won’t be warned of these. Read More →