[prev in list] [next in list] [prev in thread] [next in thread]
List: os-sim-commits
Subject: [Os-sim-commits] os-sim/www/forensics/debian/patches 00list, NONE,
From: Juan Manuel Albarracin <jmalbarracin () users ! sourceforge ! net>
Date: 2009-02-27 12:17:17
Message-ID: E1Ld1eX-00072V-Bc () 23jxhf1 ! ch3 ! sourceforge ! com
[Download RAW message or body]
Update of /cvsroot/os-sim/os-sim/www/forensics/debian/patches
In directory 23jxhf1.ch3.sourceforge.com:/tmp/cvs-serv26956/debian/patches
Added Files:
00list 01_default_config.dpatch
02_update_external_links.dpatch
03_fix_warning_in_CleanVariable.dpatch
08_update_whois_servers.dpatch
11_use_trim_to_avoid_signature_problems.dpatch
CVE-2007-6156.dpatch
Log Message:
New Forensics
--- NEW FILE: CVE-2007-6156.dpatch ---
#! /bin/sh /usr/share/dpatch/dpatch-run
## CVE-2007-6156.dpatch by Nico Golde <nion@debian.org>
## Modified by David Gil <dgil@telefonica.net> to match with 1.3.9 version
##
## All lines beginning with `## DP:' are a description of the patch.
## DP: Fixes XSS bug in index.php (CVE-2007-6156, Closes: #453838)
@DPATCH@
--- acidbase-1.3.9.orig/index.php 2007-12-02 15:32:33.000000000 +0000
+++ acidbase-1.3.9/index.php 2007-12-02 15:32:52.000000000 +0000
@@ -24,9 +24,10 @@
* Check to see if the base_conf.php file exists and is big enough...
* if not redirect to the setup/index.php page
*/
-if (!file_exists('base_conf.php') || filesize('base_conf.php') < 10)
+if (!file_exists('base_conf.php') || filesize('base_conf.php') < 10) {
header( 'Location: setup/index.php' );
die();
+}
require("base_conf.php");
include("$BASE_path/includes/base_include.inc.php");
--- NEW FILE: 00list ---
01_default_config.dpatch
02_update_external_links.dpatch
03_fix_warning_in_CleanVariable.dpatch
08_update_whois_servers.dpatch
11_use_trim_to_avoid_signature_problems.dpatch
--- NEW FILE: 03_fix_warning_in_CleanVariable.dpatch ---
#! /bin/sh /usr/share/dpatch/dpatch-run
## 03_fix_warning_in_CleanVariable.dpatch by David Gil <dgil@telefonica.net>
##
## All lines beginning with `## DP:' are a description of the patch.
## DP: Fixed an ugly warning displayed when the function argument
## DP: '$valid_data' is not set (with E_ALL turned on).
@DPATCH@
--- acidbase-1.2.4/includes/base_state_common.inc.php.orig 2006-04-03 \
16:50:24.000000000 +0200
+++ acidbase-1.2.4/includes/base_state_common.inc.php 2006-04-03 16:52:38.000000000 \
+0200 @@ -181,7 +181,7 @@
if ( ($valid_data & VAR_SCORE) > 0 )
$regex_mask = $regex_mask . "\-";
- return ereg_replace("[^".$regex_mask."]", "", $item);
+ return $regex_mask? ereg_replace("[^".$regex_mask."]", "", $item) : $item;
}
/* ***********************************************************************
--- NEW FILE: 11_use_trim_to_avoid_signature_problems.dpatch ---
#! /bin/sh /usr/share/dpatch/dpatch-run
## 11_use_trim_to_avoid_signature_problems.dpatch by David Gil <dgil@telefonica.net>
##
## All lines beginning with `## DP:' are a description of the patch.
## DP: Added trim() to GetSingleSignatureReference in order to avoid
## DP: problems when signatures contain spaces (this happens with snortcenter)
@DPATCH@
--- acidbase-1.2.1.orig/includes/base_signature.inc.php
+++ acidbase-1.2.1/includes/base_signature.inc.php
@@ -103,7 +103,7 @@
function GetSingleSignatureReference($ref_system, $ref_tag, $style)
{
- $tmp_ref_system_name = strtolower($ref_system);
+ $tmp_ref_system_name = trim(strtolower($ref_system));
if ( in_array($tmp_ref_system_name, array_keys($GLOBALS['external_sig_link'])) )
{
if ( $style == 1 )
--- NEW FILE: 01_default_config.dpatch ---
#! /bin/sh /usr/share/dpatch/dpatch-run
## 01_default_config.dpatch" by David Gil <dgil@telefonica.net>
##
## All lines beginning with `## DP:' are a description of the patch.
## DP: Debian modifications to the configuration file.
@DPATCH@
--- base-1.3.5.orig/base_conf.php.dist 2007-02-20 01:48:24.000000000 +0000
+++ base-1.3.5/base_conf.php.dist 2007-03-04 12:30:30.000000000 +0000
@@ -45,7 +45,7 @@
But also put the preceding slash. e.g. Your URL is http://127.0.0.1/base
set this to /base
*/
-$BASE_urlpath = '';
+$BASE_urlpath = '/acidbase';
/* Unique BASE ID. The below variable, if set, will append its value to the
* title bar of the browser. This is for people who manage multiple installs
@@ -67,7 +67,7 @@
* $foo = 'c:\tmp' [OK]
* $foo = 'c:\tmp\' [WRONG]
*/
-$DBlib_path = '';
+$DBlib_path = '/usr/share/php/adodb';
/* The type of underlying alert database
@@ -77,7 +77,6 @@
* MS SQL Server : 'mssql'
* Oracle : 'oci8'
*/
-$DBtype = 'mysql';
/* Alert DB connection parameters
* - $alert_dbname : MySQL database name of Snort alert DB
@@ -89,11 +88,15 @@
* This information can be gleaned from the Snort database
* output plugin configuration.
*/
-$alert_dbname = 'snort_log';
-$alert_host = 'localhost';
-$alert_port = '';
-$alert_user = 'snort';
-$alert_password = 'mypassword';
+
+###### Begin of variables configured through dbconfig-common
+
+require('/etc/acidbase/database.php');
+# Adjust dbconfig-common names
+if ($DBtype =='pgsql')
+ $DBtype = 'postgres';
+
+###### End of variables configured through dbconfig-common
/* Archive DB connection parameters */
$archive_exists = 0; # Set this to 1 if you have an archive DB
@@ -373,7 +376,7 @@
/*
The below line should not be changed!
*/
-$BASE_path = dirname(__FILE__);
+$BASE_path = '/usr/share/acidbase';
// _BASE_INC is a variable set to prevent direct access to certain include files....
define( "_BASE_INC", 1 );
--- NEW FILE: 08_update_whois_servers.dpatch ---
#! /bin/sh /usr/share/dpatch/dpatch-run
## 08_update_whois_servers.dpatch by David Gil <dgil@telefonica.net>
##
## All lines beginning with `## DP:' are a description of the patch.
## DP: update Whois servers' IP addresses (was Debian Bug #183623)
@DPATCH@
--- acidbase-1.2.1.orig/includes/base_net.inc.php
+++ acidbase-1.2.1/includes/base_net.inc.php
@@ -288,9 +288,8 @@
* Name: whois.arin.net
* Addresses: 192.149.252.43
*
- * Name: whois4.apnic.net
- * Address: 202.12.29.4
- * Aliases: whois.apnic.net
+ * Name: whois.apnic.net
+ * Address: 202.12.29.13
*
* Name: whois.ripe.net
* Address: 193.0.0.135
@@ -301,7 +300,7 @@
*/
$arin_ip = "192.149.252.43";
- $apnic_ip = "202.12.29.4";
+ $apnic_ip = "202.12.29.13";
$ripe_ip = "193.0.0.135";
$jnic_ip = "202.12.30.153";
--- NEW FILE: 02_update_external_links.dpatch ---
#! /bin/sh /usr/share/dpatch/dpatch-run
## 02_update_external_links.dpatch by David Gil <dgil@telefonica.net>
##
## All lines beginning with `## DP:' are a description of the patch.
## DP: Fixed location of signatures for Nessus (although the previous link
## DP: works) and for ICAT (it is now the NVD - National Vulnerability
## DP: Database)
@DPATCH@
--- acidbase-1.2.5.orig/base_conf.php.dist 2006-06-05 10:54:23.000000000 +0200
+++ acidbase-1.2.5/base_conf.php.dist 2006-06-05 11:05:35.000000000 +0200
@@ -292,9 +292,13 @@
/* Whois query */
$external_whois_link = 'http://www.dnsstuff.com/tools/whois.ch?ip=';
+/* Alternative query */
+// $external_whois_link = 'http://www.samspade.org/t/ipwhois?a=';
/* DNS query */
$external_dns_link = 'http://www.dnsstuff.com/tools/ptr.ch?ip=';
+/* Alternative query */
+// $external_dns_link = 'http://www.samspade.org/t/dns?a=';
/* SamSpade "all" query */
$external_all_link = 'http://www.whois.sc/';
@@ -309,13 +313,16 @@
$external_sig_link = array('bugtraq' => array('http://www.securityfocus.com/bid/', \
''),
'snort' => \
array('http://www.snort.org/pub-bin/sigs.cgi?sid=', ''),
'cve' => \
array('http://cve.mitre.org/cgi-bin/cvename.cgi?name=', ''),
- 'arachnids' => array('http://www.whitehats.com/info/ids', \
''),
'mcafee' => array('http://vil.nai.com/vil/content/v_', \
'.htm'),
- 'icat' => \
array('http://icat.nist.gov/icat.cfm?cvename=CAN-', ''), + \
'icat' => array('http://nvd.nist.gov/nvd.cfm?cvename=CAN-', ''),
'nessus' => \
array('http://www.nessus.org/plugins/index.php?view=single&id=', ''), 'url' => \
array('http://', ''), 'local' => array('signatures/', '.txt'));
+// No longer valid:
+// 'arachnids' => array('http://www.whitehats.com/info/ids', ''),
+
+
/* Email Alert action
*
* - action_email_from : email address to use in the FROM field of the mail message
------------------------------------------------------------------------------
Open Source Business Conference (OSBC), March 24-25, 2009, San Francisco, CA
-OSBC tackles the biggest issue in open source: Open Sourcing the Enterprise
-Strategies to boost innovation and cut costs with open source participation
-Receive a $600 discount off the registration fee with the source code: SFAD
http://p.sf.net/sfu/XcvMzF8H
_______________________________________________
Os-sim-commits mailing list
Os-sim-commits@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/os-sim-commits
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic