logo       
<prev   next>

[TOOL] Analyzer - PHP Security Prober: msg#00069

security.securiteam

Subject: [TOOL] Analyzer - PHP Security Prober

The following security advisory is sent to the securiteam mailing list, and can
be found at the SecuriTeam web site: http://www.securiteam.com
- - promotion

The SecuriTeam alerts list - Free, Accurate, Independent.

Get your security news from a reliable source.
http://www.securiteam.com/mailinglist.html

- - - - - - - - -



Analyzer - PHP Security Prober
------------------------------------------------------------------------


SUMMARY



DETAILS

Analyzer is a PHP open source script that tests and debugs any kind of
PHP-Nuke based installation.

Security checks are done for them, including MySQL, PHP, and PHP.INI
settings such as register_globals. Script can run in any OS environment
that supports PHP. Helps disable forum GZIP compression (fixes the double
GZIP bug), checks SMTP/MTA availability, among others.

It checks the following versions and reports if newer versions exist:
* MySQL
* PHP
* Apache
* phpNuke
* phpBB

It also checks certain settings in the php.ini file such as
register_globals and provides the full path.

Available here:
<http://www.download.com/Analyzer/3000-2648_4-10397073.html>
http://www.download.com/Analyzer/3000-2648_4-10397073.html

The script itself is written in PHP by CastleCops.


ADDITIONAL INFORMATION

The information has been provided by <mailto:zx@xxxxxxxxxxxxxx> Paul
Laudanski.
To keep updated with the tool visit the project's homepage at:
<http://www.download.com/Analyzer/3000-2648_4-10397073.html>
http://www.download.com/Analyzer/3000-2648_4-10397073.html



========================================


This bulletin is sent to members of the SecuriTeam mailing list.
To unsubscribe from the list, send mail with an empty subject line and body to:
list-unsubscribe@xxxxxxxxxxxxxx
In order to subscribe to the mailing list, simply forward this email to:
list-subscribe@xxxxxxxxxxxxxx


====================
====================

DISCLAIMER:
The information in this bulletin is provided "AS IS" without warranty of any
kind.
In no event shall we be liable for any damages whatsoever including direct,
indirect, incidental, consequential, loss of business profits or special
damages.







<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  [NT] BNBT EasyTracker DoS: 00069, SecuriTeam
Next by Date:  [UNIX] ARC Insecure Temporary File Creation: 00069, SecuriTeam
Previous by Thread:  [NT] BNBT EasyTracker DoSi: 00069, SecuriTeam
Next by Thread:  [UNIX] ARC Insecure Temporary File Creation: 00069, SecuriTeam
Indexes:  [Date] [Thread] [Top] [All Lists]

Google Custom Search
News | FAQ | advertise