Hey Chris. I haven't tried it with -T, I just ran the script directly. I'm assuming you are using -T because you want this to be run setuid.
It might be better to just have it run as a cron job under root. YMMV. -------- Jeff Mercer - CISO - Security Vulnerability Assessments >-----Original Message----- >From: christopher ashby [mailto:[EMAIL PROTECTED] >Sent: Wednesday, December 10, 2008 2:35 PM >To: Mercer, Jeff C - Raleigh, NC >Cc: Lachance, François; [email protected] >Subject: Re: Update Nessus Plugins Script > >This is interesting... > >Noticing some new plugin published, I attempted to execute this script >again as root: > >[EMAIL PROTECTED]:/home/cashby# perl -T >/opt/nessus/auto/update-nessus-plugins -bps > >/home/cashby/plugin-report.txt > >this is the error received: >Can't run 'describe-nessus-plugin -f >bugtraq_id,category,cve_id,family,id,name,risk,summary,version,xref -l >english powerdns_malformed_query.nasl' - No such file or directory at >/opt/nessus/auto/update-nessus-plugins line 356 > >I decided to run the script manually to determine if any >issued existed: > >[EMAIL PROTECTED]:/home/cashby# perl -T >/opt/nessus/auto/describe-nessus-plugin -f >bugtraq_id,category,cve_id,family,id,name,risk,summary,version,xref -l >english /opt/nessus/lib/nessus/plugins/powerdns_malformed_query.nasl > >I received the following error: > >/opt/nessus/lib/nessus/plugins/powerdns_malformed_query.nasl >Insecure dependency in sprintf while running with -T switch at >/opt/nessus/auto/describe-nessus-plugin line 510. > >Is it possible to remove the -T switch from the first line of this >code, and still have it properly execute? > >ashby > > > >On Wed, Dec 10, 2008 at 1:16 PM, Mercer, Jeff C - Raleigh, NC ><[EMAIL PROTECTED]> wrote: >> It is not necessary for normal operation of Nessus. >> >> It's just a useful little script that will make a backup >copy of the existing plugins before updating, and can >optionally report on all the plugins that have been changed. >> >> -------- >> Jeff Mercer - CISO - Security Vulnerability Assessments >> >> >>>-----Original Message----- >>>From: [EMAIL PROTECTED] >>>[mailto:[EMAIL PROTECTED] On Behalf Of >Lachance, François >>>Sent: Wednesday, December 10, 2008 12:15 PM >>>To: [email protected] >>>Subject: RE: Update Nessus Plugins Script >>> >>>I have been following this thread, and I'm not sure I >>>understand why using an extra script to download patches is >>>necessary. Can anyone enlighten me on what you are trying to >>>accomplish? >>> >>>Thanks, >>> >>>François >>> >>>-----Original Message----- >>>From: [EMAIL PROTECTED] >>>[mailto:[EMAIL PROTECTED] On Behalf Of Mercer, >>>Jeff C - Raleigh, NC >>>Sent: December-10-08 10:15 AM >>>To: christopher ashby; [email protected] >>>Subject: RE: Update Nessus Plugins Script >>> >>>I got them to work the other week, though I did get that same >>>W32.Sasser >>>error that you did when I tried to update today. I re-ran the >>>update and >>>it worked correctly. >>> >>>I'm assuming you've installed all the necessary perl >modules. You might >>>want to do a "cpan upgrade" just to make sure you have the latest >>>version of the modules. I also found it's better to just run >the whole >>>thing as root rather than try and use sudo. >>> >>>I had to modify a couple of lines as well. Here's my diff between the >>>original and modified forms of update-nessus-plugins: >>> >>> >>>< = original >>>> = updated >>> >>>161c33 >>>< $ENV{PATH} = >>>'/bin:/usr/bin:/usr/local/bin:/usr/local/sbin:/opt/nessus/bin:/ >>>opt/nessu >>>s/sbin'; # nb: also passed to nessus-update-plugins >>>--- >>>> $ENV{PATH} = >>>'/bin:/usr/bin:/usr/local/bin:/usr/local/sbin:/opt/nessus/bin >'; # nb: >>>also passed to nessus-update-plugins >>>290c162 >>>< my $cmd = 'nessus-update-plugins'; >>>--- >>>> my $cmd = '/opt/nessus/sbin/nessus-update-plugins'; >>>352c224,225 >>>< my $cmd = 'describe-nessus-plugin ' . >>>--- >>>> my $cmd = 'describe-nessus-plugin ' . >>>> '-f ' . join(',', @info_funcs) . ' ' . >>>382c255 >>>< open(NEW, $plugin) or croak "Can't read >>>'$plugin' - $!\n"; >>>--- >>>> open(NEW, "$plugins_dir/$plugin") or croak "Can't read >>>'$plugin' - $!\n"; >>> >>> >>> >>>I'm running RHEL as well, so I think this should work for >you as well. >>> >>>-------- >>>Jeff Mercer - CISO - Security Vulnerability Assessments >>> >>> >>>>-----Original Message----- >>>>From: [EMAIL PROTECTED] >>>>[mailto:[EMAIL PROTECTED] On Behalf Of >christopher ashby >>>>Sent: Saturday, December 06, 2008 11:10 AM >>>>To: [email protected] >>>>Subject: Update Nessus Plugins Script >>>> >>>>List- >>>> >>>>Has anyone successfully implemented these scripts with Nessus? I >>>>currently have Nessus 3.2.1 on a RH Server and use the >command line to >>>>execute my scans. Here is what happens when I attempt to use these >>>>scripts: >>>> >>>>The 1st script (update-nessus-plugins.pl) executes properly and >>>>updates the plugins, creates the MD5, and archives everything >>>>according to plan. When this scripts executes the >>>>describe-nessus-plugin.pl script, it gives me an error >saying that the >>>>""plugin isn't available?? >>>> >>>>I have execute this in debug mode, and receive the same >generic error. >>>> If i execute the perl script (describe-nessus-plugin.pl) >on it's own, >>>>it properly gives me the output? I have modified the >>>>update-nessus-plugin.pl script adding/updating the paths (line161 & >>>>183) and then modifying lines 352-355 which call the >>>>describe-nessus-plugins.pl script. This modification was >made because >>>>if i execute the script (describe-nessus-plugins.pl) without any >>>>switches it's outcome is exactly what i need. >>>> >>>>Here is the command i execute in an attempt to get the >>>outcome desired: >>>> >>>>sudo perl -T /opt/nessus/auto/update-nessus-plugins.pl -b -p -s >> >>>>/home/cashby/plugins-report.txt >>>> >>>>i have also attempted this with the same outcome: >>>> >>>>sudo perl -T /opt/nessus/auto/update-nessus-plugins.pl -bps >> >>>>/home/cashby/plugins-report.txt >>>> >>>>I have attached the scripts for anyone to view, if anyone has any >>>>suggestions that would be appreciated! >>>> >>>>thanks- >>>>Christopher Ashby >>>> >>>_______________________________________________ >>>Nessus mailing list >>>[email protected] >>>http://mail.nessus.org/mailman/listinfo/nessus >>>_______________________________________________ >>>Nessus mailing list >>>[email protected] >>>http://mail.nessus.org/mailman/listinfo/nessus >>> >> _______________________________________________ >> Nessus mailing list >> [email protected] >> http://mail.nessus.org/mailman/listinfo/nessus >> > _______________________________________________ Nessus mailing list [email protected] http://mail.nessus.org/mailman/listinfo/nessus
