Hey Chris. I haven't tried it with -T, I just ran the script directly. I'm 
assuming you are using -T because you want this to be run setuid.

It might be better to just have it run as a cron job under root. YMMV.

--------
Jeff Mercer - CISO - Security Vulnerability Assessments
  

>-----Original Message-----
>From: christopher ashby [mailto:[EMAIL PROTECTED] 
>Sent: Wednesday, December 10, 2008 2:35 PM
>To: Mercer, Jeff C - Raleigh, NC
>Cc: Lachance, François; [email protected]
>Subject: Re: Update Nessus Plugins Script
>
>This is interesting...
>
>Noticing some new plugin published, I attempted to execute this script
>again as root:
>
>[EMAIL PROTECTED]:/home/cashby# perl -T
>/opt/nessus/auto/update-nessus-plugins -bps >
>/home/cashby/plugin-report.txt
>
>this is the error received:
>Can't run 'describe-nessus-plugin -f
>bugtraq_id,category,cve_id,family,id,name,risk,summary,version,xref -l
>english powerdns_malformed_query.nasl' - No such file or directory at
>/opt/nessus/auto/update-nessus-plugins line 356
>
>I decided to run the script manually to determine if any 
>issued existed:
>
>[EMAIL PROTECTED]:/home/cashby# perl -T
>/opt/nessus/auto/describe-nessus-plugin -f
>bugtraq_id,category,cve_id,family,id,name,risk,summary,version,xref -l
>english /opt/nessus/lib/nessus/plugins/powerdns_malformed_query.nasl
>
>I received the following error:
>
>/opt/nessus/lib/nessus/plugins/powerdns_malformed_query.nasl
>Insecure dependency in sprintf while running with -T switch at
>/opt/nessus/auto/describe-nessus-plugin line 510.
>
>Is it possible to remove the -T switch from the first line of this
>code, and still have it properly execute?
>
>ashby
>
>
>
>On Wed, Dec 10, 2008 at 1:16 PM, Mercer, Jeff C - Raleigh, NC
><[EMAIL PROTECTED]> wrote:
>> It is not necessary for normal operation of Nessus.
>>
>> It's just a useful little script that will make a backup 
>copy of the existing plugins before updating, and can 
>optionally report on all the plugins that have been changed.
>>
>> --------
>> Jeff Mercer - CISO - Security Vulnerability Assessments
>>
>>
>>>-----Original Message-----
>>>From: [EMAIL PROTECTED]
>>>[mailto:[EMAIL PROTECTED] On Behalf Of 
>Lachance, François
>>>Sent: Wednesday, December 10, 2008 12:15 PM
>>>To: [email protected]
>>>Subject: RE: Update Nessus Plugins Script
>>>
>>>I have been following this thread, and I'm not sure I
>>>understand why using an extra script to download patches is
>>>necessary.  Can anyone enlighten me on what you are trying to
>>>accomplish?
>>>
>>>Thanks,
>>>
>>>François
>>>
>>>-----Original Message-----
>>>From: [EMAIL PROTECTED]
>>>[mailto:[EMAIL PROTECTED] On Behalf Of Mercer,
>>>Jeff C - Raleigh, NC
>>>Sent: December-10-08 10:15 AM
>>>To: christopher ashby; [email protected]
>>>Subject: RE: Update Nessus Plugins Script
>>>
>>>I got them to work the other week, though I did get that same
>>>W32.Sasser
>>>error that you did when I tried to update today. I re-ran the
>>>update and
>>>it worked correctly.
>>>
>>>I'm assuming you've installed all the necessary perl 
>modules. You might
>>>want to do a "cpan upgrade" just to make sure you have the latest
>>>version of the modules. I also found it's better to just run 
>the whole
>>>thing as root rather than try and use sudo.
>>>
>>>I had to modify a couple of lines as well. Here's my diff between the
>>>original and modified forms of update-nessus-plugins:
>>>
>>>
>>>< = original
>>>> = updated
>>>
>>>161c33
>>>< $ENV{PATH} =
>>>'/bin:/usr/bin:/usr/local/bin:/usr/local/sbin:/opt/nessus/bin:/
>>>opt/nessu
>>>s/sbin';    # nb: also passed to nessus-update-plugins
>>>---
>>>> $ENV{PATH} =
>>>'/bin:/usr/bin:/usr/local/bin:/usr/local/sbin:/opt/nessus/bin
>';  # nb:
>>>also passed to nessus-update-plugins
>>>290c162
>>>< my $cmd = 'nessus-update-plugins';
>>>---
>>>> my $cmd = '/opt/nessus/sbin/nessus-update-plugins';
>>>352c224,225
>>><             my $cmd = 'describe-nessus-plugin ' .
>>>---
>>>>             my $cmd = 'describe-nessus-plugin ' .
>>>>                 '-f ' . join(',', @info_funcs) . ' ' .
>>>382c255
>>><             open(NEW, $plugin) or croak "Can't read
>>>'$plugin' - $!\n";
>>>---
>>>>             open(NEW, "$plugins_dir/$plugin") or croak "Can't read
>>>'$plugin' - $!\n";
>>>
>>>
>>>
>>>I'm running RHEL as well, so I think this should work for 
>you as well.
>>>
>>>--------
>>>Jeff Mercer - CISO - Security Vulnerability Assessments
>>>
>>>
>>>>-----Original Message-----
>>>>From: [EMAIL PROTECTED]
>>>>[mailto:[EMAIL PROTECTED] On Behalf Of 
>christopher ashby
>>>>Sent: Saturday, December 06, 2008 11:10 AM
>>>>To: [email protected]
>>>>Subject: Update Nessus Plugins Script
>>>>
>>>>List-
>>>>
>>>>Has anyone successfully implemented these scripts with Nessus?  I
>>>>currently have Nessus 3.2.1 on a RH Server and use the 
>command line to
>>>>execute my scans.  Here is what happens when I attempt to use these
>>>>scripts:
>>>>
>>>>The 1st script (update-nessus-plugins.pl) executes properly and
>>>>updates the plugins, creates the MD5, and archives everything
>>>>according to plan.  When this scripts executes the
>>>>describe-nessus-plugin.pl script, it gives me an error 
>saying that the
>>>>""plugin isn't available??
>>>>
>>>>I have execute this in debug mode, and receive the same 
>generic error.
>>>> If i execute the perl script (describe-nessus-plugin.pl) 
>on it's own,
>>>>it properly gives me the output?  I have modified the
>>>>update-nessus-plugin.pl script adding/updating the paths (line161 &
>>>>183) and then modifying lines 352-355 which call the
>>>>describe-nessus-plugins.pl script.  This modification was 
>made because
>>>>if i execute the script (describe-nessus-plugins.pl) without any
>>>>switches it's outcome is exactly what i need.
>>>>
>>>>Here is the command i execute in an attempt to get the
>>>outcome desired:
>>>>
>>>>sudo perl -T /opt/nessus/auto/update-nessus-plugins.pl -b -p -s >>
>>>>/home/cashby/plugins-report.txt
>>>>
>>>>i have also attempted this with the same outcome:
>>>>
>>>>sudo perl -T /opt/nessus/auto/update-nessus-plugins.pl -bps >>
>>>>/home/cashby/plugins-report.txt
>>>>
>>>>I have attached the scripts for anyone to view, if anyone has any
>>>>suggestions that would be appreciated!
>>>>
>>>>thanks-
>>>>Christopher Ashby
>>>>
>>>_______________________________________________
>>>Nessus mailing list
>>>[email protected]
>>>http://mail.nessus.org/mailman/listinfo/nessus
>>>_______________________________________________
>>>Nessus mailing list
>>>[email protected]
>>>http://mail.nessus.org/mailman/listinfo/nessus
>>>
>> _______________________________________________
>> Nessus mailing list
>> [email protected]
>> http://mail.nessus.org/mailman/listinfo/nessus
>>
>
_______________________________________________
Nessus mailing list
[email protected]
http://mail.nessus.org/mailman/listinfo/nessus

Reply via email to