SEARCH
NEW RPMS
DIRECTORIES
ABOUT
FAQ
VARIOUS
BLOG

 
 
Changelog for nikto-2.5.0-150400.1.1.noarch.rpm :

* Mon Dec 04 2023 paolo.peregoAATTsuse.com- Update to 2.5.0. Please see the documentation for all the changes.
* Wed Feb 01 2023 paolo.peregoAATTsuse.com- Update to commit 90ff645 in nikto-2.5.0 branch that fixes 5 years of bug fixes- Removed CVE-2018-11652.patch since upstream is already patched.- Rebase nikto-config.patch to match upstream changes- Changed shebang to reflect rpmlint suggestion
* Mon Jun 04 2018 kbabiochAATTsuse.com- Added CVE-2018-11652.patch: Fixed a CSV injection vulnerability, which allowed remote attackers to inject arbitrary OS commands via the Server field in an HTTP response header (bnc#1095721 CVE-2018-11652).
* Tue Aug 18 2015 sor.alexeiAATTmeowr.ru- Update to 2.1.6.- Install databases directory contents.- Rebase nikto-config.patch.- Remove nikto-fsf-address.patch.- Minor spec cleanup.
* Mon Sep 17 2012 jweberhoferAATTweberhofer.at- Updated to version 2.1.5
* updated fsf-address-patch
* moved templates, plugins and database to /var/lib/nikto
* updated configuration to match file-structure- New Features
* Save full response on positive, plaintext & JSON
* \'maxtime\' maximum execution time per host (seconds)
* \'until\' run until specified time or duration
* \'IgnoreCode\' option to allow db_404_strings AATTCODE from the command line
* Replay saved JSON requests with replay.pl
* Client SSL certificate support
* Output file name now takes \'.\' which will auto-generate name
* Content parsing to add items to db_variables values for enhanced testing
* robots.txt lines are now added to db_variables values for enhanced testing- New Checks
* Check for wildcards in crossdomain.xml and clientaccesspolicy.xml
* Find IPs in HTTP headers
* Checked for sites parked at hosting providers or advertising pages
* Parsed robots.txt now checks for listed files (for content search, etc.)
* nikto_favicon.plugin checks for icons in tags- Enhancements
* Fix bugs/minor enhancements in: XML reports, robots.txt parsing, wildcard certificate matching, banner parsing, tons more!
* Default to use Net::SSL instead of Net::SSLeay as a result of too many memory issues in SSLeay
* CSV reports include the same info as other reports
* HTML reports include more meta information
* Fri Aug 03 2012 jweberhoferAATTweberhofer.at- Updated to 2.1.4- linked docs directory to improve update- fixed fsf-address
* Mon Feb 20 2012 Greg.FreemyerAATTgmail.com- For newer openSUSE releases change perl-Net_SSLeay to perl-Net-SSLeay
* Wed Feb 24 2010 bitshuffler #suseAATTirc.freenode.org- Updated to 2.1.1
* Wed Oct 21 2009 bitshuffler #suseAATTirc.freenode.org- Updated to 2.1.0
* Fri Mar 20 2009 bitshuffler #suseAATTirc.freenode.org- Initial RPM
  
ICM