From owner-freebsd-questions@FreeBSD.ORG Wed May 6 05:30:14 2009 Return-Path: Delivered-To: freebsd-questions@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id B56841065676 for ; Wed, 6 May 2009 05:30:14 +0000 (UTC) (envelope-from mel.flynn+fbsd.questions@mailing.thruhere.net) Received: from mailhub.rachie.is-a-geek.net (rachie.is-a-geek.net [66.230.99.27]) by mx1.freebsd.org (Postfix) with ESMTP id 8265B8FC27 for ; Wed, 6 May 2009 05:30:14 +0000 (UTC) (envelope-from mel.flynn+fbsd.questions@mailing.thruhere.net) Received: from sarevok.dnr.servegame.org (mailhub.lan.rachie.is-a-geek.net [192.168.2.11]) by mailhub.rachie.is-a-geek.net (Postfix) with ESMTP id AE0ED7E837; Tue, 5 May 2009 21:30:12 -0800 (AKDT) From: Mel Flynn To: freebsd-questions@freebsd.org Date: Wed, 6 May 2009 07:30:10 +0200 User-Agent: KMail/1.11.2 (FreeBSD/8.0-CURRENT; KDE/4.2.2; i386; ; ) References: <49FC4186.80608@virtualhost.nl> <200905052313.47805.mel.flynn+fbsd.questions@mailing.thruhere.net> <4A00B728.3000509@virtualhost.nl> In-Reply-To: <4A00B728.3000509@virtualhost.nl> MIME-Version: 1.0 Content-Type: Text/Plain; charset="iso-8859-1" Content-Transfer-Encoding: 7bit Content-Disposition: inline Message-Id: <200905060730.10672.mel.flynn+fbsd.questions@mailing.thruhere.net> Cc: Jeroen Hofstee Subject: Re: local security scanner for vulnerable common opensource www projects X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 06 May 2009 05:30:15 -0000 On Wednesday 06 May 2009 00:01:12 Jeroen Hofstee wrote: > Mel Flynn schreef: > > You can do that, the issue is plugins: > > 0) SuperCMS v 1.0 installed > > 1) CoolStuff via webinterface, by SuperCMSNr1Fan, version 0.1.0.1beta > > 2) SuperCMS v 1.0.1 security release, changes some issues with plugin > > handling 3) CoolStuff's maintainer is now known as CompetitorCMSNr1Fan > > 4) CoolStuff still works, because of backwards compatibility, but now is > > insecure. > > > > Stuff like this goes back to the phpNukeYourSite days. > > I understand that there are allot of caveats and that is quite some work > to create a full blown checker, especially with > plugins. But as far as I am corcerned, finding the easy to locate > vultnerable script is already better then doing nothing. Agreed, as long as the client does not assume you are responsible. Portaudit will go a long way then. Which version of a plugin is installed is not always available in the file system, some store that in the database. To ease your work, you may want to replace custom installed software with the corresponding port if available. This will go for a lot of stuff, including joomla and the various nuke forks. -- Mel