local security scanner for vulnerable common opensource
www projects
Jeroen Hofstee
freebsd.questions at virtualhost.nl
Tue May 5 20:41:15 UTC 2009
Mel Flynn schreef:
> On Saturday 02 May 2009 14:50:14 Jeroen Hofstee wrote:
>
>> I tried to find a program which could scan the local filesystem and
>> extract a lists of well known web projects (joomla, wordpress etc)
> Not that I'm aware of and it's hell to write and keep current.
>
k, pitty. Although user can be jailed, it is still a bit unconfortable
experience for users if their website looks
somewhat different then they are used to; or their message board
suddenly contains 20000 additional post,
albeit due to their own lack of maintaining the scripts behind it. A
reminder that their script has known
vulnerabities would therefore be nice, even if it doesn't pose a direct
risk to the system as a whole.
Most of these open source projects are in the ports, so the portaudit db
will contain vulnerability information
for them. If I find time, I will have a look if it is possible to match
against that db.
Jeroen
More information about the freebsd-questions
mailing list