Hello I am agree with this. Some days ago -when this bugs were published- I contacted upstream but i get no answer.
Greetings, Marcos On 21/07/18 15:02, Raphaël Hertzog wrote: > Package: ftp.debian.org > Severity: normal > > Please remove the acccheck package. It is affected by multiple security > vulnerabilities that are unlikely to be fixed by upstream as this was a > script written and shared a long time ago, upstream is not actively > maintaining it. > > The feature set of this package is also redundant with other better tools: > metasploit, hydra, medusa, ncrack and patator > > FWIW the package has been dropped from Debian Testing due to #901572 > and Kali followed suite, it has been dropped from their meta-package too. > > Thank you in advance. > > PS: I first tried to patch the security vulnerability but when I looked at > the code more closely, it's literaly riddled with shell injection > vulnerabilities and it would be time-consuming to fix them all. > > PS: I'm requesting this as a member of the pkg-security packaging team > even though I'm not listed in Uploaders of the package. I have put Marcos > Fouces in copy of the bug. >
