Ubuntu
nikto package

The HTML & XML report templates and nikto.dtd are missing from the nikto package.

Bug #401914 reported by ajc
10
This bug affects 2 people
Affects Status Importance Assigned to Milestone
nikto (Ubuntu)
New
Undecided
Unassigned

Bug Description

Binary package hint: nikto

Ubuntu release information:
$ lsb_release -rd
Description: Ubuntu 9.04
Release: 9.04

Package name and version:
$ aptitude show nikto | egrep 'Package|Version'
Package: nikto
Version: 2.03-1

Description of problem:
The HTML & XML report templates and nikto.dtd are missing from the nikto package.

Search for the templates folder and nikto.dtd:
$ dpkg -L nikto | egrep 'templates|nikto.dtd'

Nikto generated errors when using HTML report format:
$ nikto -h 127.0.0.1 -p 80 -F html -o 127.0.0.1_80.html
+ ERROR: Can't open directory '/var/lib/nikto/templates': 1 at /var/lib/nikto/plugins/nikto_core.plugin line 1893.

Nikto generated errors when using the XML report format:
$ nikto -h 127.0.0.1 -p 80 -F xml -o 127.0.0.1_80.xml
+ ERROR: reading DTD
+ ERROR: reading DTD

Nikto config.txt reference to nikto.dtd:
$ egrep nikto.dtd /etc/nikto/config.txt
NIKTODTD=docs/nikto.dtd

Potential resolution:
Update the package by adding the templates folder to "/var/lib/nikto/". Then add "nikto.dtd" to "/usr/share/doc/nikto" and change "NIKTODTD=docs/nikto.dtd" to "NIKTODTD=/usr/share/doc/nikto/nikto.dtd" within "/etc/nikto/config.txt".

Revision history for this message
ScottMiller (stmiller) wrote :

Bug exists in 10.04

$ dpkg -s nikto
Package: nikto
Status: install ok installed
Priority: extra
Section: non-free/net
Installed-Size: 1132
Maintainer: Ubuntu Developers <email address hidden>
Architecture: all
Version: 2.03-2
Depends: perl, libwhisker2-perl, libnet-ssleay-perl
Suggests: nmap
Conffiles:
 /etc/nikto/config.txt a7aaa7c777710d1220a55b386078a808
Description: web server security scanner
 Nikto is a pluggable web server and CGI scanner written in Perl, using
 rfp's LibWhisker to perform fast security or informational checks.
 .
 Features:
  - Easily updatable CSV-format checks database
  - Output reports in plain text or HTML
  - Available HTTP versions automatic switching
  - Generic as well as specific server software checks
  - SSL support (through libnet-ssleay-perl)
  - Proxy support (with authentication)
  - Cookies support
Original-Maintainer: Vincent Bernat <email address hidden>
Homepage: http://cirt.net/nikto2

$ cat /etc/lsb-release
DISTRIB_ID=Ubuntu
DISTRIB_RELEASE=10.04
DISTRIB_CODENAME=lucid
DISTRIB_DESCRIPTION="Ubuntu 10.04.4 LTS"

To post a comment you must log in.
This report contains Public information  
Everyone can see this information.
Subscribing...

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.