On Saturday 02 May 2009 14:50:14 Jeroen Hofstee wrote:
> I tried to find a program which could scan the local filesystem and
> extract a lists of well known
> web projects (yoomla, wordpress etc), extract the installed version
> number and match it against
> a database of known vulnerabilities. Similiar to portaudit, but then for
> the standard scripts users
> install themselves. I was unable to find such a program in the ports.
> Does such an utilities exists for FreeBSD ?

Not that I'm aware of and it's hell to write and keep current.
There's 2 good policies for this kind of thing:
- Don't allow any plugins of any kind to be installed via CMS/Gallery software 
etc. and deal with the complaints
- Put them in a seperate jail and make sure client understands he's 
responsible for getting hacked and loosing hours of work by installing unsafe 

freebsd-questions@freebsd.org mailing list
To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"

Reply via email to