phpnuke forbidden, how to install?
eikemeier at fillmore-labs.com
Wed Mar 3 08:21:51 PST 2004
rfa at msumain.edu.ph wrote:
> i wanted to install phpnuke for content but after cvsuping i found out that
> ===> phpnuke-6.9 is forbidden: SQL injection vulnerability in Php-Nuke <=
> and i checked the phpnuke website, they have a patched version of phpnuke.
Where did you find that? I can't even find a security link.
> im not really sure about not using the ports system coz i get the general
> impression that it is much safer to install using that, but does anyone
> think i should take the risk and try the patched version on their website?
If you are concerned about security you should refrain from installing phpnuke
until the security status is clarified and all known vulnerabilities are
confirmed and closed by PHP-Nuke.
> also is there a way to use the ports and bypass the forbidden part?
Yes, you can build the port with
make NO_IGNORE=yes DISABLE_VULNERABILITIES=yes
but I strongly advise you not to do it, since the port contains publicly known
remote exploitable security vulnerabilities.
> im kinda nooby at the moment, still dont have san-goku like skills yet.
go on, get r00ted.
More information about the freebsd-questions