Date: Wed, 03 Mar 2004 17:21:26 +0100 From: Oliver Eikemeier <eikemeier@fillmore-labs.com> To: rfa@msumain.edu.ph Cc: freebsd-questions@FreeBSD.org Subject: Re: phpnuke forbidden, how to install? Message-ID: <40460606.6000805@fillmore-labs.com> In-Reply-To: <3665.203.177.105.170.1078314472.squirrel@bayok.msumain.edu.ph> References: <3665.203.177.105.170.1078314472.squirrel@bayok.msumain.edu.ph>
next in thread | previous in thread | raw e-mail | index | archive | help
rfa@msumain.edu.ph wrote: > i wanted to install phpnuke for content but after cvsuping i found out that > > ===> phpnuke-6.9 is forbidden: SQL injection vulnerability in Php-Nuke <= > 7.1.0. > > and i checked the phpnuke website, they have a patched version of phpnuke. Where did you find that? I can't even find a security link. > im not really sure about not using the ports system coz i get the general > impression that it is much safer to install using that, but does anyone > think i should take the risk and try the patched version on their website? If you are concerned about security you should refrain from installing phpnuke until the security status is clarified and all known vulnerabilities are confirmed and closed by PHP-Nuke. > also is there a way to use the ports and bypass the forbidden part? Yes, you can build the port with make NO_IGNORE=yes DISABLE_VULNERABILITIES=yes but I strongly advise you not to do it, since the port contains publicly known remote exploitable security vulnerabilities. > im kinda nooby at the moment, still dont have san-goku like skills yet. go on, get r00ted. -Oliver
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?40460606.6000805>