portaudit
June 12, 2005 Posted by KP
After the email server problem, I started to pay close attention to ports updates; the lesson told me it’s ultra important to keep all packages up to date. All the information about how to handle ports is in the handbook. Read it carefully if you haven’t; it’s only several small pages.
Besides CVSup, which keeps your ports tree up to date, another very important program is portaudit. It’s extremely convenient for monitoring all installed packages.
portaudit checks installed packages for known vulnerabilities and generates reports including references to security advisories.
Two simple commands get everything done:
1. Fetch the current database of known vulnerabilities from the FreeBSD servers. It’s recommended to run this command before you install any new ports; you will be warned if you are installing a package with known vulnerabilities.
# portaudit -F
2. Print a vulnerability report for all installed packages. Can you find any easier means?
% portaudit -a
(Here I use % to indicate that the command doesn’t need root privilege; this rule applies to all new blog entries.)
I ran “portaudit -a” on my server and got the following report. I updated all packages except for MySQL; I just can’t start it, and there are no error messages. (Update: this is due to changes in the MySQL start script.)
% portaudit -a
Affected package: mysql-server-4.0.21
Type of problem: mysql-server — multiple remote vulnerabilities.
Reference:
Affected package: perl-5.8.5
Type of problem: perl — vulnerabilities in PERLIO_DEBUG handling.
Reference:
Affected package: perl-5.8.5
Type of problem: perl — File::Path insecure file/directory permissions.
Reference:
Affected package: php4-4.3.9
Type of problem: php — multiple vulnerabilities.
Reference:
Affected package: wget-1.8.2_6
Type of problem: wget — multiple vulnerabilities.
Reference:
Affected package: libxml2-2.6.13
Type of problem: libxml — remote buffer overflows.
Reference:
Affected package: cyrus-sasl-1.5.28_3
Type of problem: cyrus-sasl — dynamic library loading and set-user-ID applications.
Reference:
8 problem(s) in your installed packages found.
You are advised to update or deinstall the affected package(s) immediately.
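To turn a report like the one above into a per-package to-do list, here is an added example (not part of the original post): a shell function that reads `portaudit -a` output on stdin and prints one tab-separated line per affected package with its problem count and descriptions. The names `summarize_portaudit` and `sample_report` and the sample text are constructed for illustration.

```shell
#!/bin/sh
# Added example: condense a `portaudit -a` report into one line per package.
# Output columns (tab-separated): package, number of problems, descriptions.
# Returns 1 if any affected package was listed, 0 otherwise.
summarize_portaudit() {
    awk '
        /^Affected package: / {
            pkg = substr($0, length("Affected package: ") + 1)
            if (!(pkg in count)) order[++n] = pkg   # remember first-seen order
            count[pkg]++
            next
        }
        /^Type of problem: / && pkg != "" {
            desc = substr($0, length("Type of problem: ") + 1)
            sub(/\.$/, "", desc)                     # drop the trailing period
            if (problems[pkg] == "") problems[pkg] = desc
            else problems[pkg] = problems[pkg] "; " desc
            next
        }
        END {
            for (i = 1; i <= n; i++)
                printf "%s\t%d\t%s\n", order[i], count[order[i]], problems[order[i]]
            exit (n > 0)
        }
    '
}

# Constructed sample in the same layout as the report above (not real output).
sample_report() {
    cat <<'EOF'
Affected package: perl-5.8.5
Type of problem: perl -- vulnerabilities in PERLIO_DEBUG handling.
Reference:
Affected package: perl-5.8.5
Type of problem: perl -- File::Path insecure file/directory permissions.
Reference:
Affected package: wget-1.8.2_6
Type of problem: wget -- multiple vulnerabilities.
Reference:

3 problem(s) in your installed packages found.
EOF
}

# Demonstration on the constructed sample; "|| true" keeps the script exit at 0.
sample_report | summarize_portaudit || true
```

On a real system, pipe the report in with `portaudit -a | summarize_portaudit`; the non-zero return status when anything is listed makes it easy to alert from a periodic job.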