Tag Archives: Linux

New Exploit Vulnerability: CVE-2014-6271

A remotely exploitable vulnerability has been discovered by Stephane Chazelas in bash on Linux. The vulnerability has the CVE identifier CVE-2014-6271 and has been given the name Shellshock by some:

GNU Bash through 4.3 processes trailing strings after function definitions in the values of environment variables, which allows remote attackers to execute arbitrary code via a crafted environment, as demonstrated by vectors involving the ForceCommand feature in OpenSSH sshd, the mod_cgi and mod_cgid modules in the Apache HTTP Server, scripts executed by unspecified DHCP clients, and other situations in which setting the environment occurs across a privilege boundary from Bash execution.

An advisory from Akamai explains the problem in more depth, as does this OSS-Sec mailing list post.

How to check?

You can check if you’re vulnerable by running the following lines in your default shell, which on many systems will be Bash. If you see the words “busted”, then you’re at risk. If not, then either your Bash is fixed or your shell is using another interpreter.

env X="() { :;} ; echo busted" /bin/sh -c "echo completed"
env X="() { :;} ; echo busted" `which bash` -c "echo completed"

Or run this command in the default shell:

$ env x='() { :;}; echo vulnerable' bash -c 'echo hello'

If the output includes the word “vulnerable”, okay… you’re at risk.


This vulnerability affects Apple’s OS X – and is useful for privilege escalation – as well as Debian and other Linux distributions. Fortunately, patches are already available: http://seclists.org/oss-sec/2014/q3/650

Patch your systems ASAP!

Support List:

  1. Novel/SuSE
  2. Debian
  3. Ubuntu
  4. Mint
  5. Redhat/Fedora
  6. Mageia
  7. CentOS

After patching my system (Ubuntu 12.04 LTS):




winetricks msxml3 gdiplus riched20 riched30 vcrun6 vcrun2005sp1  wenquanyi


cp Fonts/* ~/.wine/dosdevices/c:/windows/Fonts


wine regedit


[HKEY_LOCAL_MACHINE\\Software\\Microsoft\\Windows NT\\CurrentVersion\\FontSubstitutes] :


Microsoft YaHei=MSYH
MS Shell Dlg=SimSun
MS Shell Dlg2=SimSun
Tms Rmn=SimSun

转载请注明:Open Source Planet » Linux上Wine的一些中文配置




$ cd ~/.wine/dosdevices/c:/windows/temp
$ ls
ComDlls _dotnet35 Languages _riched20 Thunder.exe
Components _gdiplus Profiles _riched30 _wenquanyi
_dotnet30 _ie6 Program Skins _wmp10

1.配置wine,进入configure wine去,在应用程序tab下增加应用程序设置,选到目录下的thunder.exe,还有Program/下的thunder5.exe(切记这两个都要勾选,才可以完美解决99.9%下载停止的问题),设置windows版本为windows98。(如果首次运行不了,把默认设置也改为98)


$ cp ~/atl71.dll ~/.wine/dosdevices/c:/windows/temp/Program/

转载请注明:Open Source Planet » Wine迅雷配置+下载99.9%解决



sudo wireshark



$ cd /usr/local/bin/

$ ls
2to3 editcap pydoc3 python3.3m randpkt
2to3-3.3 idle3 pydoc3.3 python3.3m-config rawshark
capinfos idle3.3 python3 python3-config text2pcap
dftest mergecap python3.3 pyvenv tshark
dumpcap pcap-config python3.3-config pyvenv-3.3 wireshark

/usr/local/bin$ sudo groupadd wireshark

/usr/local/bin$ sudo chgrp wireshark dumpcap

/usr/local/bin$ sudo chmod 4755 dumpcap

/usr/local/bin$ sudo gpasswd -a myfreedom614 wireshark  此处myfreedom614换成你的用户名

这样运行wireshark就可以顺利获取Interface List了

转载请注明:Open Source Planet » 关于一直以来的Wireshark超级用户问题

Spotify for Linux Preview Build

Spotify for Linux
This is a preview build of Spotify for Linux. As a preview release this version is still unsupported, but Spotify team are running it themselves and will try to make sure it keeps pace with its Mac and Windows siblings.
They have packaged it for Debian Squeeze/Ubuntu

Debian & Ubuntu:
1. Add this line to your list of repositories by editing your /etc/apt/sources.list
deb http://repository.spotify.com stable non-free

2. If you want to verify the downloaded packages,you will need to add our public key
sudo apt-key adv --keyserver keyserver.ubuntu.com --recv-keys 94558F59

3. Run apt-get update
sudo apt-get update

4. Install spotify!
sudo apt-get install spotify-client

转载请注明:Open Source Planet » Spotify for Linux Preview Build