local security scanner for vulnerable common opensource www projects

Jeroen Hofstee freebsd.questions at virtualhost.nl
Tue May 5 20:41:15 UTC 2009

Mel Flynn schreef:
> On Saturday 02 May 2009 14:50:14 Jeroen Hofstee wrote:
>> I tried to find a program which could scan the local filesystem and
>> extract a lists of well known web projects (joomla, wordpress etc)
> Not that I'm aware of and it's hell to write and keep current.
k, pitty. Although user can be jailed, it is still a bit unconfortable 
experience for users if their website looks
somewhat different then they are used to; or their message board 
suddenly contains 20000 additional post,
albeit due to their own lack of maintaining the scripts behind it. A 
reminder that their script has known
vulnerabities would therefore be nice, even if it doesn't pose a direct 
risk to the system as a whole.

Most of these open source projects are in the ports, so the portaudit db 
will contain vulnerability information
for them. If I find time, I will have a look if it is possible to match 
against that db.


More information about the freebsd-questions mailing list