Date: Tue, 05 May 2009 22:41:11 +0200 From: Jeroen Hofstee <freebsd.questions@virtualhost.nl> To: freebsd-questions@freebsd.org Subject: Re: local security scanner for vulnerable common opensource www projects Message-ID: <4A00A467.9060506@virtualhost.nl> In-Reply-To: <200905052010.26393.mel.flynn%2Bfbsd.questions@mailing.thruhere.net> References: <49FC4186.80608@virtualhost.nl> <200905052010.26393.mel.flynn%2Bfbsd.questions@mailing.thruhere.net>
next in thread | previous in thread | raw e-mail | index | archive | help
Mel Flynn schreef: > On Saturday 02 May 2009 14:50:14 Jeroen Hofstee wrote: > >> I tried to find a program which could scan the local filesystem and >> extract a lists of well known web projects (joomla, wordpress etc) > Not that I'm aware of and it's hell to write and keep current. > k, pitty. Although user can be jailed, it is still a bit unconfortable experience for users if their website looks somewhat different then they are used to; or their message board suddenly contains 20000 additional post, albeit due to their own lack of maintaining the scripts behind it. A reminder that their script has known vulnerabities would therefore be nice, even if it doesn't pose a direct risk to the system as a whole. Most of these open source projects are in the ports, so the portaudit db will contain vulnerability information for them. If I find time, I will have a look if it is possible to match against that db. Jeroen
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?4A00A467.9060506>