During my research about update mechanisms of open-source software I discovered vulnerabilities in OpenElec.
If I enable postscreen on a Debian-Host I'll get this strange message in my mail.log:
Feb 13 08:38:37 tardis postfix/postscreen: close database /var/lib/postfix/postscreen_cache.db: No such file or directory (possible Berkeley DB bug)
It looks like the postscreen_cache.db-file is located in /var/lib/postfix instead of the postfix-jail /var/spool/postfix/var/lib/postfix. So we can fix it by moving the file into the jail:
Many years ago, someone mentioned on a congress that apache has an interesting feature: if apache doesn't know a file-extension, it will just take the next one. If someone saves a file called "shell.php.ab", apache would not know what to do with the extension ".ab". So it will just skip this one and uses the next one and the file "evil.php.ab" becomes "evil.php" and gets executed.
dr@tardis$ psql -U postgres psql (9.4.9) Type "help" for help. postgres=# update pg_database set datallowconn = TRUE where datname = 'template0'; UPDATE 1 postgres=# \c template0 You are now connected to database "template0". template0=# update pg_database set datistemplate = FALSE where datname = 'template1'; UPDATE 1 template0=# drop database template1; DROP DATABASE template0=# create database template1 with template = template0 encoding = 'UTF8'; CREATE DATABASE template0=# update pg_database set datistemplate = TRUE where datname = 'template1'; UPDATE 1 template0=# \c
The first day of the 33c3 was fantastic. There were great talks(among others) about "Certificate Transparency", "Nintendo Hacking", "IPv6-Scanning" and "PHP7 Issues". I saw wicked, funny and amazing installations. People celebrate their obsession for tech with a lots of respect for each other. This congress is like being in another dimension (or time?) and absolutely works for me.