aboutsummaryrefslogtreecommitdiffstats
path: root/security/portaudit-db
diff options
context:
space:
mode:
authoreik <eik@FreeBSD.org>2004-06-17 15:13:37 +0800
committereik <eik@FreeBSD.org>2004-06-17 15:13:37 +0800
commitf4c85ede8aa9a19b378060db2207f0a3e1d3db03 (patch)
treedb84f8de212a16740bfd15de3ae22455e86b94c2 /security/portaudit-db
parentee5aa07d39d86344d8e240b081334dd3d24e7e21 (diff)
downloadfreebsd-ports-gnome-f4c85ede8aa9a19b378060db2207f0a3e1d3db03.tar.gz
freebsd-ports-gnome-f4c85ede8aa9a19b378060db2207f0a3e1d3db03.tar.zst
freebsd-ports-gnome-f4c85ede8aa9a19b378060db2207f0a3e1d3db03.zip
update to 0.2
- add the ability to specify multiple URLs
Diffstat (limited to 'security/portaudit-db')
-rw-r--r--security/portaudit-db/Makefile2
-rw-r--r--security/portaudit-db/database/portaudit.txt6
-rw-r--r--security/portaudit-db/files/portaudit2vuxml.awk15
3 files changed, 15 insertions, 8 deletions
diff --git a/security/portaudit-db/Makefile b/security/portaudit-db/Makefile
index 51198fe644f2..2451ac2d2e2f 100644
--- a/security/portaudit-db/Makefile
+++ b/security/portaudit-db/Makefile
@@ -6,7 +6,7 @@
#
PORTNAME= portaudit-db
-PORTVERSION= 0.1.3
+PORTVERSION= 0.2
CATEGORIES= security
DISTFILES=
diff --git a/security/portaudit-db/database/portaudit.txt b/security/portaudit-db/database/portaudit.txt
index c9a8c3f23bc5..49a914f2c667 100644
--- a/security/portaudit-db/database/portaudit.txt
+++ b/security/portaudit-db/database/portaudit.txt
@@ -12,8 +12,8 @@ smtpproxy<=1.1.3|http://0xbadc0ded.org/advisories/0402.txt|smtpproxy: remotely e
subversion<1.0.5|http://subversion.tigris.org/security/CAN-2004-0413-advisory.txt|subversion: remote exploitable buffer overflow in 'svn://' parser|4616bc3b-bd0f-11d8-a252-02e0185c0b53
imp<3.2.4|http://article.gmane.org/gmane.comp.horde.imp/14421/|imp: XSS hole exploited via the Content-type header of malicious emails|911f1b19-bd20-11d8-84f9-000bdb1444a4
chora<1.2.2|http://article.gmane.org/gmane.comp.horde.chora/610/|chora: hole in the diff code that allowed malicious input|9e09399d-bd21-11d8-84f9-000bdb1444a4
-squirrelmail<1.4.3a|http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=2004-0519|SquirrelMail XSS vulnerability|89a0de27-bf66-11d8-a252-02e0185c0b53
-ja-squirrelmail<1.4.3a,1|http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=2004-0519|SquirrelMail XSS vulnerability|89a0de27-bf66-11d8-a252-02e0185c0b53
+squirrelmail<1.4.3a|http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=2004-0519 http://www.rs-labs.com/adv/RS-Labs-Advisory-2004-1.txt|SquirrelMail XSS vulnerability|89a0de27-bf66-11d8-a252-02e0185c0b53
+ja-squirrelmail<1.4.3a,1|http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=2004-0519 http://www.rs-labs.com/adv/RS-Labs-Advisory-2004-1.txt|SquirrelMail XSS vulnerability|89a0de27-bf66-11d8-a252-02e0185c0b53
moinmoin<1.2.2|http://www.osvdb.org/6704|MoinMoin administrative group name privilege escalation vulnerability|da9e6438-bfc0-11d8-b00e-000347a4fa7d
phpnuke<=7.3|http://www.waraxe.us/?modname=sa&id=032|Multiple security flaws in PhpNuke 6.x - 7.3|33ab4a47-bfc1-11d8-b00e-000347a4fa7d
-webmin<1.150|http://www.webmin.com/changes-1.150.html|Multiple vulnerabilities in Webmin|ab61715f-c027-11d8-b00e-000347a4fa7d
+webmin<1.150|http://www.webmin.com/changes-1.150.html http://www.osvdb.org/6729 http://www.osvdb.org/6730|Multiple vulnerabilities in Webmin|ab61715f-c027-11d8-b00e-000347a4fa7d
diff --git a/security/portaudit-db/files/portaudit2vuxml.awk b/security/portaudit-db/files/portaudit2vuxml.awk
index 182d72431391..46ba87ce3a35 100644
--- a/security/portaudit-db/files/portaudit2vuxml.awk
+++ b/security/portaudit-db/files/portaudit2vuxml.awk
@@ -49,12 +49,12 @@
OP=substr(VERS, RSTART, RLENGTH)
LEN=length(VERS)
VERS=substr(VERS, RSTART+RLENGTH, LEN+1-RSTART-RLENGTH)
- XXX=match(VERS, /(<|>)=?|=/)
- if (XXX > 0)
+ NEXTRANGE=match(VERS, /(<|>)=?|=/)
+ if (NEXTRANGE > 0)
printf "<%s>%s</%s>", OPN[OP], substr(VERS, 1, RSTART-1), OPN[OP]
else
printf "<%s>%s</%s>", OPN[OP], VERS, OPN[OP]
- } while (XXX > 0)
+ } while (NEXTRANGE > 0)
printf "</range>\n"
}
else {
@@ -71,7 +71,14 @@
print " </body>"
print " </description>"
print " <references>"
- print " <url>" URL[UUID] "</url>"
+
+ split(URL[UUID], URLS, / /)
+ for (U in URLS) {
+ if (!URLS[U])
+ continue
+ print " <url>" URLS[U] "</url>"
+ }
+
print " </references>"
print " <dates>"
print " <discovery>2000-00-00</discovery>"