portaudit

Arguments

  • -a - print a vuln report for all installed packages
  • -d - print the creation date of the database
  • -F - fetch the current database
  • -q - quiet mode
  • -X <days> - Download a fresh database if more than <days> old
  • -f <file> - Check the packages listed in <file> for vulns
  • <pkg-name> - Check for vulns for <pkg-name>

Howto

Update security and check installed ports
/usr/local/sbin/portaudit -Fda
Check a remote machine
ssh remote.example pkg_info | awk '{ print $1 }' | xargs portaudit