'[Os-sim-commits] os-sim/www/forensics/debian/patches 00list, NONE,'

[prev in list] [next in list] [prev in thread] [next in thread] 

List:       os-sim-commits
Subject:    [Os-sim-commits] os-sim/www/forensics/debian/patches 00list, NONE,
From:       Juan Manuel Albarracin <jmalbarracin () users ! sourceforge ! net>
Date:       2009-02-27 12:17:17
Message-ID: E1Ld1eX-00072V-Bc () 23jxhf1 ! ch3 ! sourceforge ! com
[Download RAW message or body]

Update of /cvsroot/os-sim/os-sim/www/forensics/debian/patches
In directory 23jxhf1.ch3.sourceforge.com:/tmp/cvs-serv26956/debian/patches

Added Files:
	00list 01_default_config.dpatch 
	02_update_external_links.dpatch 
	03_fix_warning_in_CleanVariable.dpatch 
	08_update_whois_servers.dpatch 
	11_use_trim_to_avoid_signature_problems.dpatch 
	CVE-2007-6156.dpatch 
Log Message:
New Forensics

--- NEW FILE: CVE-2007-6156.dpatch ---
#! /bin/sh /usr/share/dpatch/dpatch-run
## CVE-2007-6156.dpatch by Nico Golde <nion@debian.org>
## Modified by David Gil <dgil@telefonica.net> to match with 1.3.9 version
##
## All lines beginning with `## DP:' are a description of the patch.
## DP: Fixes XSS bug in index.php (CVE-2007-6156, Closes: #453838)

@DPATCH@
--- acidbase-1.3.9.orig/index.php	2007-12-02 15:32:33.000000000 +0000
+++ acidbase-1.3.9/index.php	2007-12-02 15:32:52.000000000 +0000
@@ -24,9 +24,10 @@
  *  Check to see if the base_conf.php file exists and is big enough...
  *  if not redirect to the setup/index.php page
 */
-if (!file_exists('base_conf.php') || filesize('base_conf.php') < 10)
+if (!file_exists('base_conf.php') || filesize('base_conf.php') < 10) {
     header( 'Location: setup/index.php' );
     die();
+}
 
 require("base_conf.php");
 include("$BASE_path/includes/base_include.inc.php");

--- NEW FILE: 00list ---
01_default_config.dpatch
02_update_external_links.dpatch
03_fix_warning_in_CleanVariable.dpatch
08_update_whois_servers.dpatch
11_use_trim_to_avoid_signature_problems.dpatch

--- NEW FILE: 03_fix_warning_in_CleanVariable.dpatch ---
#! /bin/sh /usr/share/dpatch/dpatch-run
## 03_fix_warning_in_CleanVariable.dpatch by David Gil <dgil@telefonica.net>
##
## All lines beginning with `## DP:' are a description of the patch.
## DP: Fixed an ugly warning displayed when the function argument 
## DP: '$valid_data' is not set (with E_ALL turned on).

@DPATCH@
--- acidbase-1.2.4/includes/base_state_common.inc.php.orig	2006-04-03 \
                16:50:24.000000000 +0200
+++ acidbase-1.2.4/includes/base_state_common.inc.php	2006-04-03 16:52:38.000000000 \
+0200 @@ -181,7 +181,7 @@
    if ( ($valid_data & VAR_SCORE) > 0 ) 
       $regex_mask = $regex_mask . "\-";
 
-   return ereg_replace("[^".$regex_mask."]", "", $item);
+   return $regex_mask? ereg_replace("[^".$regex_mask."]", "", $item) : $item;
 }
 
 /* ***********************************************************************

--- NEW FILE: 11_use_trim_to_avoid_signature_problems.dpatch ---
#! /bin/sh /usr/share/dpatch/dpatch-run
## 11_use_trim_to_avoid_signature_problems.dpatch by David Gil <dgil@telefonica.net>
##
## All lines beginning with `## DP:' are a description of the patch.
## DP: Added trim() to GetSingleSignatureReference in order to avoid 
## DP: problems when signatures contain spaces (this happens with snortcenter)

@DPATCH@
--- acidbase-1.2.1.orig/includes/base_signature.inc.php
+++ acidbase-1.2.1/includes/base_signature.inc.php
@@ -103,7 +103,7 @@
 
 function GetSingleSignatureReference($ref_system, $ref_tag, $style)
 {
-   $tmp_ref_system_name = strtolower($ref_system);
+   $tmp_ref_system_name = trim(strtolower($ref_system));
    if ( in_array($tmp_ref_system_name, array_keys($GLOBALS['external_sig_link'])) )
    {
       if ( $style == 1 )


--- NEW FILE: 01_default_config.dpatch ---
#! /bin/sh /usr/share/dpatch/dpatch-run
## 01_default_config.dpatch" by David Gil <dgil@telefonica.net>
##
## All lines beginning with `## DP:' are a description of the patch.
## DP: Debian modifications to the configuration file.

@DPATCH@
--- base-1.3.5.orig/base_conf.php.dist	2007-02-20 01:48:24.000000000 +0000
+++ base-1.3.5/base_conf.php.dist	2007-03-04 12:30:30.000000000 +0000
@@ -45,7 +45,7 @@
  But also put the preceding slash. e.g. Your URL is http://127.0.0.1/base
  set this to /base
  */
-$BASE_urlpath = '';
+$BASE_urlpath = '/acidbase';
 
 /* Unique BASE ID.  The below variable, if set, will append its value to the
  * title bar of the browser.  This is for people who manage multiple installs
@@ -67,7 +67,7 @@
  *        $foo = 'c:\tmp'    [OK]
  *        $foo = 'c:\tmp\'   [WRONG]
  */
-$DBlib_path = '';
+$DBlib_path = '/usr/share/php/adodb';
 
 
 /* The type of underlying alert database
@@ -77,7 +77,6 @@
  *  MS SQL Server : 'mssql'
  *  Oracle      : 'oci8'
  */
-$DBtype = 'mysql';
 
 /* Alert DB connection parameters
  *   - $alert_dbname   : MySQL database name of Snort alert DB
@@ -89,11 +88,15 @@
  *  This information can be gleaned from the Snort database
  *  output plugin configuration.
  */
-$alert_dbname   = 'snort_log';
-$alert_host     = 'localhost';
-$alert_port     = '';
-$alert_user     = 'snort';
-$alert_password = 'mypassword';
+
+###### Begin of variables configured through dbconfig-common
+
+require('/etc/acidbase/database.php');
+# Adjust dbconfig-common names
+if ($DBtype =='pgsql') 
+    $DBtype = 'postgres';
+
+###### End of variables configured through dbconfig-common
 
 /* Archive DB connection parameters */
 $archive_exists   = 0; # Set this to 1 if you have an archive DB
@@ -373,7 +376,7 @@
 /*
  The below line should not be changed!
  */
-$BASE_path = dirname(__FILE__);
+$BASE_path = '/usr/share/acidbase';
 
 // _BASE_INC is a variable set to prevent direct access to certain include files....
 define( "_BASE_INC", 1 );

--- NEW FILE: 08_update_whois_servers.dpatch ---
#! /bin/sh /usr/share/dpatch/dpatch-run
## 08_update_whois_servers.dpatch by David Gil <dgil@telefonica.net>
##
## All lines beginning with `## DP:' are a description of the patch.
## DP: update Whois servers' IP addresses (was Debian Bug #183623)

@DPATCH@
--- acidbase-1.2.1.orig/includes/base_net.inc.php
+++ acidbase-1.2.1/includes/base_net.inc.php
@@ -288,9 +288,8 @@
  * Name:    whois.arin.net
  * Addresses:  192.149.252.43
  *
- * Name:    whois4.apnic.net
- * Address:  202.12.29.4
- * Aliases:  whois.apnic.net
+ * Name:    whois.apnic.net
+ * Address:  202.12.29.13
  *
  * Name:    whois.ripe.net
  * Address:  193.0.0.135
@@ -301,7 +300,7 @@
  */
 
   $arin_ip  = "192.149.252.43";
-  $apnic_ip = "202.12.29.4";
+  $apnic_ip = "202.12.29.13";
   $ripe_ip  = "193.0.0.135";
   $jnic_ip  = "202.12.30.153";
 


--- NEW FILE: 02_update_external_links.dpatch ---
#! /bin/sh /usr/share/dpatch/dpatch-run
## 02_update_external_links.dpatch by David Gil <dgil@telefonica.net>
##
## All lines beginning with `## DP:' are a description of the patch.
## DP: Fixed location of signatures for Nessus (although the previous link
## DP: works) and for ICAT (it is now the NVD - National Vulnerability
## DP: Database)

@DPATCH@
--- acidbase-1.2.5.orig/base_conf.php.dist	2006-06-05 10:54:23.000000000 +0200
+++ acidbase-1.2.5/base_conf.php.dist	2006-06-05 11:05:35.000000000 +0200
@@ -292,9 +292,13 @@
 
 /* Whois query */
 $external_whois_link = 'http://www.dnsstuff.com/tools/whois.ch?ip=';
+/* Alternative query */
+//  $external_whois_link = 'http://www.samspade.org/t/ipwhois?a=';
 
  /* DNS query */
 $external_dns_link = 'http://www.dnsstuff.com/tools/ptr.ch?ip=';
+/* Alternative query */
+//  $external_dns_link = 'http://www.samspade.org/t/dns?a=';
 
 /* SamSpade "all" query */
 $external_all_link = 'http://www.whois.sc/';
@@ -309,13 +313,16 @@
 $external_sig_link = array('bugtraq'   => array('http://www.securityfocus.com/bid/', \
                ''),
                            'snort'     => \
                array('http://www.snort.org/pub-bin/sigs.cgi?sid=', ''),
                            'cve'       => \
                array('http://cve.mitre.org/cgi-bin/cvename.cgi?name=', ''),
-                           'arachnids' => array('http://www.whitehats.com/info/ids', \
                ''),
                            'mcafee'    => array('http://vil.nai.com/vil/content/v_', \
                '.htm'),
-                           'icat'      => \
array('http://icat.nist.gov/icat.cfm?cvename=CAN-', ''), +                           \
                'icat'      => array('http://nvd.nist.gov/nvd.cfm?cvename=CAN-', ''),
                            'nessus'    => \
array('http://www.nessus.org/plugins/index.php?view=single&id=', ''),  'url'       => \
array('http://', ''),  'local' => array('signatures/', '.txt'));
 
+// No longer valid:
+// 'arachnids' => array('http://www.whitehats.com/info/ids', ''),
+
+
 /* Email Alert action
  *
  * - action_email_from : email address to use in the FROM field of the mail message


------------------------------------------------------------------------------
Open Source Business Conference (OSBC), March 24-25, 2009, San Francisco, CA
-OSBC tackles the biggest issue in open source: Open Sourcing the Enterprise
-Strategies to boost innovation and cut costs with open source participation
-Receive a $600 discount off the registration fee with the source code: SFAD
http://p.sf.net/sfu/XcvMzF8H
_______________________________________________
Os-sim-commits mailing list
Os-sim-commits@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/os-sim-commits


[prev in list] [next in list] [prev in thread] [next in thread]
Configure | About | News | Add a list | Sponsored by KoreLogic