[EMAIL PROTECTED] wrote:

i wanted to install phpnuke for content but after cvsuping i found out that

===>  phpnuke-6.9 is forbidden: SQL injection vulnerability in Php-Nuke <=
7.1.0.

and i checked the phpnuke website, they have a patched version of phpnuke.

Where did you find that? I can't even find a security link.


im not really sure about not using the ports system coz i get the general
impression that it is much safer to install using that, but does anyone think i should take the risk and try the patched version on their website?

If you are concerned about security you should refrain from installing phpnuke until the security status is clarified and all known vulnerabilities are confirmed and closed by PHP-Nuke.

also is there a way to use the ports and bypass the forbidden part?

Yes, you can build the port with make NO_IGNORE=yes DISABLE_VULNERABILITIES=yes but I strongly advise you not to do it, since the port contains publicly known remote exploitable security vulnerabilities.

im kinda nooby at the moment, still dont have san-goku like skills yet.

go on, get r00ted. -Oliver _______________________________________________ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"

Reply via email to