Category Archives: Security

No Nessus gui client and limited support of the server for openSUSE

As I work on security, I used to use Nessus on my openSUSE system.

But it seems that Tenable Network Security dropped support for the client on our favorite distribution.

At least, for some reason, they stopped making an universal statically linked binary (though they keep doing it for the server part) and it hasn’t changed since april.

Even the server has a rather limited and obsolete support of openSUSE 10, whereas Debian, Ubuntu and Fedora have support for various versions and architectures. Check there.

This is rather a shame, as openSUSE is one of the major distribution.

I tried some workarounds like converting the deb packages, but, as expected, there are some dependancies issues.

So far, it seems that not many people are affected, because there are not many voices on the forum. I can live without it, but however, this is often a nice and useful tool.

Does anyone use it here ? Or did you get it to work somehow ? If you feel concerned, please let it know to Tenable !

openSUSE kernel sources : patching against sock_sendpage() NULL Pointer Dereference vulnerability

I am using the 2.6.30 kernel sources from Kernel:linux-next and noticed that it has not yet been patched against the ’sock_sendpage()’ NULL Pointer Dereference vulnerability.

The threat is serious as it could allow a local user to gain root privileges.

Those who compile their own 2.6.x kernel should apply this patch (from Linus, check there for more info) .

Within your kernel source folder :

$ patch -u -p0 < sock_sendpage.patch

I hope an official patch will be released soon for all kernels. I did not check if the 11.1 kernel has already been patched or not.