High Vulnerabilities


Vulnerability Summary for the Week of April 26, 2021

The vulnerabilities are based on the CVE vulnerability naming standard and are organized according to severity, determined by the Common Vulnerability Scoring System (CVSS) standard. The division of high, medium, and low severities corresponds to the following scores:

• High - Vulnerabilities will be labeled High severity if they have a CVSS base score of 7.0 - 10.0
• Medium - Vulnerabilities will be labeled Medium severity if they have a CVSS base score of 4.0 - 6.9
• Low - Vulnerabilities will be labeled Low severity if they have a CVSS base score of 0.0 - 3.9

Entries may include additional information provided by organizations and efforts sponsored by Ug-CERT. This information may include identifying information, values, definitions, and related links. Patch information is provided when available. Please note that some of the information in the bulletins is compiled from external, open source reports and is not a direct result of Ug-CERT analysis.

High Vulnerabilities

| Primary Vendor -- Product | Description | Published | CVSS Score | Source & Patch Info |
|---|---|---|---|---|
| avaya -- session_border_controller_for_enterprise | A command injection vulnerability in Avaya Session Border Controller for Enterprise could allow an authenticated, remote attacker to send specially crafted messages and execute arbitrary commands with the affected system privileges. Affected versions of Avaya Session Border Controller for Enterprise include 7.x, 8.0 through 8.1.1.x | 2021-04-23 | 9 | CVE-2020-7034 CONFIRM |
| ibm -- spectrum_protect_backup-archive_client | IBM Spectrum Protect Client 8.1.0.0 through 8.1.11.0 could allow a local user to escalate their privileges to take full control of the system due to insecure directory permissions. IBM X-Force ID: 198811. | 2021-04-26 | 7.2 | CVE-2021-20532 CONFIRM XF |
| ibm -- spectrum_protect_client | IBM Spectrum Protect Client 8.1.0.0-8 through 1.11.0 is vulnerable to a stack-based buffer overflow, caused by improper bounds checking when processing the current locale settings. A local attacker could overflow a buffer and execute arbitrary code on the system with elevated privileges or cause the application to crash. IBM X-Force ID: 199479 | 2021-04-26 | 7.2 | CVE-2021-29672 CONFIRM XF |
| inxedu -- inxedu | SQL Injection in com/inxedu/OS/edu/controller/letter/AdminMsgSystemController in Inxedu v2.0.6 via the ids parameter to admin/letter/delsystem. | 2021-04-29 | 7.5 | CVE-2020-35430 MISC |
| jquery-bbq_project -- jquery-bbq | Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution') in jquery-bbq 1.2.1 allows a malicious user to inject properties into Object.prototype. | 2021-04-23 | 7.5 | CVE-2021-20086 MISC |
| manta -- safe-obj | Prototype pollution vulnerability in 'safe-obj' versions 1.0.0 through 1.0.2 allows an attacker to cause a denial of service and may lead to remote code execution. | 2021-04-26 | 7.5 | CVE-2021-25928 MISC MISC |
| nec -- aterm_wg2600hs_firmware | Aterm WG2600HS firmware Ver1.5.1 and earlier allows an attacker to execute arbitrary OS commands via unspecified vectors. | 2021-04-26 | 10 | CVE-2021-20711 MISC MISC |
| nlnetlabs -- unbound | Unbound before 1.9.5 allows an integer overflow in the regional allocator via regional_alloc. | 2021-04-27 | 7.5 | CVE-2019-25032 MISC |
| nlnetlabs -- unbound | Unbound before 1.9.5 allows an integer overflow in the regional allocator via the ALIGN_UP macro. | 2021-04-27 | 7.5 | CVE-2019-25033 MISC |
| nlnetlabs -- unbound | Unbound before 1.9.5 allows an integer overflow in sldns_str2wire_dname_buf_origin, leading to an out-of-bounds write. | 2021-04-27 | 7.5 | CVE-2019-25034 MISC |
| nlnetlabs -- unbound | Unbound before 1.9.5 allows an out-of-bounds write in sldns_bget_token_par. | 2021-04-27 | 7.5 | CVE-2019-25035 MISC |
| nlnetlabs -- unbound | Unbound before 1.9.5 allows an integer overflow in a size calculation in dnscrypt/dnscrypt.c. | 2021-04-27 | 7.5 | CVE-2019-25038 MISC |
| nlnetlabs -- unbound | Unbound before 1.9.5 allows an integer overflow in a size calculation in respip/respip.c. | 2021-04-27 | 7.5 | CVE-2019-25039 MISC |
| nlnetlabs -- unbound | Unbound before 1.9.5 allows an out-of-bounds write via a compressed name in rdata_copy. | 2021-04-27 | 7.5 | CVE-2019-25042 MISC |
| pulsesecure -- pulse_connect_secure | Pulse Connect Secure 9.0R3/9.1R1 and higher is vulnerable to an authentication bypass vulnerability exposed by the Windows File Share Browser and Pulse Secure Collaboration features of Pulse Connect Secure that can allow an unauthenticated user to perform remote arbitrary code execution on the Pulse Connect Secure gateway. This vulnerability has been exploited in the wild. | 2021-04-23 | 7.5 | CVE-2021-22893 MISC MISC MISC MISC |
| purl_project -- purl | Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution') in purl 2.3.2 allows a malicious user to inject properties into Object.prototype. | 2021-04-23 | 7.5 | CVE-2021-20089 MISC |

Medium Vulnerabilities

| Primary Vendor -- Product | Description | Published | CVSS Score | Source & Patch Info |
|---|---|---|---|---|
| acemetrix -- jquery-deparam | Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution') in jquery-deparam 0.5.1 allows a malicious user to inject properties into Object.prototype. | 2021-04-23 | 6.5 | CVE-2021-20087 MISC |
| aterm -- wg2600hs_firmware | Cross-site scripting vulnerability in Aterm WG2600HS firmware Ver1.5.1 and earlier allows remote attackers to inject an arbitrary script via unspecified vectors. | 2021-04-26 | 4.3 | CVE-2021-20710 MISC MISC |
| avaya -- aura_orchestration_designer | An XML External Entities (XXE) vulnerability in the web-based user interface of Avaya Aura Orchestration Designer could allow an authenticated, remote attacker to gain read access to information that is stored on an affected system. The affected versions of Orchestration Designer includes all 7.x versions before 7.2.3. | 2021-04-23 | 4 | CVE-2020-7035 CONFIRM |
| avaya -- callback_assist | An XML External Entities (XXE) vulnerability in Callback Assist could allow an authenticated, remote attacker to gain read access to information that is stored on an affected system. The affected versions of Callback Assist includes all 4.0.x versions before 4.7.1.1 Patch 7. | 2021-04-23 | 4 | CVE-2020-7036 CONFIRM |
| backbone-query-parameters_project -- backbone-query-parameters | Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution') in backbone-query-parameters 0.4.0 allows a malicious user to inject properties into Object.prototype. | 2021-04-23 | 6.5 | CVE-2021-20085 MISC |
| criticalmanufacturing -- cncsoft-b | CNCSoft-B Versions 1.0.0.3 and prior is vulnerable to an out-of-bounds write, which may allow an attacker to execute arbitrary code. | 2021-04-27 | 6.8 | CVE-2021-22664 MISC MISC |
| directum -- directum | Settings.aspx?view=About in Directum 5.8.2 allows XSS via the HTTP User-Agent header. | 2021-04-24 | 4.3 | CVE-2021-31794 MISC MISC |
| gitlab -- gitlab | An issue has been discovered in GitLab CE/EE affecting all versions starting from 11.9. GitLab was not properly validating image files that were passed to a file parser which resulted in a remote command execution. | 2021-04-23 | 6.5 | CVE-2021-22205 MISC MISC CONFIRM |
| google -- chrome | Insufficient data validation in V8 in Google Chrome prior to 90.0.4430.93 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | 2021-04-30 | 6.8 | CVE-2021-21227 MISC MISC GENTOO |
| google -- chrome | Type confusion in V8 in Google Chrome prior to 90.0.4430.93 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | 2021-04-30 | 6.8 | CVE-2021-21230 MISC MISC GENTOO |
| google -- chrome | Use after free in Dev Tools in Google Chrome prior to 90.0.4430.93 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | 2021-04-30 | 6.8 | CVE-2021-21232 MISC MISC GENTOO |
| google -- chrome | Type confusion in V8 in Google Chrome prior to 90.0.4430.85 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. | 2021-04-26 | 6.8 | CVE-2021-21224 MISC MISC DEBIAN GENTOO |
| google -- chrome | Integer overflow in Mojo in Google Chrome prior to 90.0.4430.85 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. | 2021-04-26 | 6.8 | CVE-2021-21223 MISC MISC DEBIAN GENTOO |
| google -- chrome | Use after free in Blink in Google Chrome prior to 89.0.4389.128 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | 2021-04-26 | 6.8 | CVE-2021-21206 MISC MISC GENTOO |
| google -- chrome | Insufficient validation of untrusted input in V8 in Google Chrome prior to 89.0.4389.128 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | 2021-04-26 | 6.8 | CVE-2021-21220 MISC MISC GENTOO |
| google -- chrome | Use after free in WebMIDI in Google Chrome prior to 90.0.4430.72 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | 2021-04-26 | 6.8 | CVE-2021-21213 MISC MISC DEBIAN GENTOO |
| google -- chrome | Use after free in IndexedDB in Google Chrome prior to 90.0.4430.72 allowed an attacker who convinced a user to install a malicious extension to potentially perform a sandbox escape via a crafted Chrome Extension. | 2021-04-26 | 6.8 | CVE-2021-21207 MISC MISC |