misc/143943: [patch] security/nikto port upgrade to 2.1.1
Niels Heinen
niels at heinen.ws
Sun Feb 14 22:50:01 UTC 2010
>Number: 143943
>Category: misc
>Synopsis: [patch] security/nikto port upgrade to 2.1.1
>Confidential: no
>Severity: non-critical
>Priority: low
>Responsible: freebsd-bugs
>State: open
>Quarter:
>Keywords:
>Date-Required:
>Class: sw-bug
>Submitter-Id: current-users
>Arrival-Date: Sun Feb 14 22:50:00 UTC 2010
>Closed-Date:
>Last-Modified:
>Originator: Niels Heinen
>Release: 8.0-RELEASE
>Organization:
>Environment:
FreeBSD devbsd.lan 8.0-RELEASE FreeBSD 8.0-RELEASE #0: Sat Nov 21 15:48:17 UTC 2009 root at almeida.cse.buffalo.edu:/usr/obj/usr/src/sys/GENERIC i386
>Description:
Please find attached an upgrade of Nikto to version 2.1.1. The patch also updates the pkg-descr file but for the rest, this is a minor change.
Thanks in advance!
>How-To-Repeat:
N/A
>Fix:
Apply the patch ;-)
Patch attached with submission follows:
diff -r nikto.2.1.0.orig/Makefile nikto/Makefile
11c11
< PORTVERSION= 2.1.0
---
> PORTVERSION= 2.1.1
27c27
< PORTDOCS= CHANGES.txt LICENSE.txt nikto_manual.html
---
> PORTDOCS= CHANGES.txt LICENSE.txt nikto.dtd nikto_manual.html
diff -r nikto.2.1.0.orig/distinfo nikto/distinfo
1,3c1,3
< MD5 (nikto-2.1.0.tar.bz2) = ce971262e14f5ac1ff634b86366bdaa8
< SHA256 (nikto-2.1.0.tar.bz2) = 8883cc91ed5831c05ac18929a7a93907229ab9836313c2bf9e47e33f3a4e45b5
< SIZE (nikto-2.1.0.tar.bz2) = 230536
---
> MD5 (nikto-2.1.1.tar.bz2) = 4a7ca9634190eba8cac9847117a72446
> SHA256 (nikto-2.1.1.tar.bz2) = 11443267c33ebdc696e39a9e76f5a842f5dc568afc7351d22310991ee900c29d
> SIZE (nikto-2.1.1.tar.bz2) = 262100
diff -r nikto.2.1.0.orig/pkg-descr nikto/pkg-descr
1,5c1,13
< Nikto is a web server scanner which performs comprehensive tests against web
< servers for multiple items, including over 2200 potentially dangerous
< files/CGIs, versions on over 140 servers, and problems on over 210 servers.
< Scan items and plugins are frequently updated and can be automatically updated
< (if desired).
---
> Nikto is an Open Source (GPL) web server scanner which performs
> comprehensive tests against web servers for multiple items, including
> over 6100 potentially dangerous files/CGIs, checks for outdated
> versions of over 950 servers, and version specific problems on over
> 260 servers. It also checks for server configuration items such as
> the presence of multiple index files, HTTP server options, and will
> attempt to identify installed web servers and software. Scan items
> and plugins are frequently updated and can be automatically updated.
>
> It uses Rain Forest Puppy's LibWhisker (wiretrip.net) for HTTP
> functionality, and can perform checks in HTTP or HTTPS. It also
> supports basic port scanning and will determine if a web server is
> running on any open ports.
7,8c15
< Nikto is designed to examine web servers and look for items in multiple
< categories:
---
> Nikto is written by Chris Sullo and David Lodge.
10,23c17
< - misconfigurations
< - default files and scripts
< - insecure files and scripts
< - outdated software
<
< It uses Rain Forest Puppy's LibWhisker (wiretrip.net) for HTTP functiona lity,
< and can perform checks in HTTP or HTTPS. It also supports basic port scanning
< and will determine if a web server is running on any open ports.
<
< WWW: http://www.cirt.net/code/nikto.shtml
<
< - pandzilla
<
< jan at atstake.com
---
> WWW: http://cirt.net/nikto2
>Release-Note:
>Audit-Trail:
>Unformatted:
More information about the freebsd-bugs
mailing list