BSD Newsletter.com

This is the BSDA Study Guide Book written via a wiki collaboration. This is a work in progress. You may contribute to or discuss this specific page at http://bsdwiki.reedmedia.net/wiki/Determine_which_software_have_outstanding_security_advisories.html.

Determine which software have outstanding security advisories

Concept

Recognize the importance of being aware of software security vulnerabilities. Also recognize the third-party utilities that integrate with the BSD package managers to determine which software has outstanding vulnerabilities.

Introduction

portaudit: a system to check installed packages for known vulnerabilities

portaudit -a prints a vulnerability report for all installed packages

portaudit -F fetches the current database from the FreeBSD servers

portaudit -Fa does both at once (fetches the database, then prints the report), which is very useful

TODO: mention enabling periodic portaudit script

Examples

The following is an example of using portaudit on FreeBSD. (The "-d" option prints the date of the vulnerability database.)

$ /usr/local/sbin/portaudit -Fda
New database installed.
Database created: Fri Jan 26 09:40:17 PST 2007
Affected package: php5-5.1.2_1
Type of problem: php -- open_basedir Race Condition Vulnerability.
Reference: <http://www.FreeBSD.org/ports/portaudit/edabe438-542f-11db-a5ae-00508d6a62df.html>

1 problem(s) in your installed packages found.

You are advised to update or deinstall the affected package(s) immediately.
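
The report format shown above is regular enough to feed into monitoring. The following is an added example, not part of the study guide or of portaudit itself: the function names are hypothetical, and the sample report is constructed from the output above plus a made-up second entry with a placeholder reference.

```shell
#!/bin/sh
# Added example: turn a portaudit report into one tab-separated line per finding.
# Function names are hypothetical; they are not part of portaudit.

# parse_portaudit: reads report text on stdin and writes
#   package<TAB>problem<TAB>reference
# for every "Affected package" record it finds.
parse_portaudit() {
    awk '
        /^Affected package: / { sub(/^Affected package: /, ""); pkg = $0; next }
        /^Type of problem: /  { sub(/^Type of problem: /, "");  prob = $0; next }
        /^Reference: / {
            sub(/^Reference: /, ""); ref = $0
            sub(/^</, "", ref); sub(/>$/, "", ref)   # strip the <...> wrapper
            if (pkg != "") printf "%s\t%s\t%s\n", pkg, prob, ref
            pkg = ""; prob = ""
        }
    '
}

# count_findings: number of affected packages in a report on stdin.
count_findings() {
    parse_portaudit | wc -l | tr -d ' '
}

# sample_report: constructed input. The first record is the one shown in the
# guide; the second (examplepkg, PLACEHOLDER reference) is invented for testing.
sample_report() {
    cat <<'EOF'
New database installed.
Database created: Fri Jan 26 09:40:17 PST 2007
Affected package: php5-5.1.2_1
Type of problem: php -- open_basedir Race Condition Vulnerability.
Reference: <http://www.FreeBSD.org/ports/portaudit/edabe438-542f-11db-a5ae-00508d6a62df.html>

Affected package: examplepkg-1.0
Type of problem: examplepkg -- constructed sample entry.
Reference: <http://www.FreeBSD.org/ports/portaudit/PLACEHOLDER.html>

2 problem(s) in your installed packages found.
EOF
}

# Demo on the constructed report. On a real system: portaudit -Fa | parse_portaudit
sample_report | parse_portaudit
```

A non-zero result from count_findings can be used to trigger an alert from a scheduled job.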

Practice Exercises

More information

audit-packages for DragonFly and NetBSD; portaudit and vuxml for FreeBSD and OpenBSD

TODO: verify for OpenBSD?


