feat(ubuntu): support more versions #1368

Closed
wants to merge 2 commits into from

@MaineK00n (Collaborator) commented Jan 23, 2022

What did you implement:

The information in Ubuntu OVAL and Ubuntu CVE Tracker is provided in units that also require minor versions such as 21.04, 21.10, etc. Therefore, we will be able to scan more versions of the environment using minor versions as well as major versions as before.

Similar to the following PR, but this PR is incomplete.
refs. #1322

Type of change

  • New feature (non-breaking change which adds functionality)
  • This change requires a documentation update

How Has This Been Tested?

The following repositories contain several Ubuntu images for the vuls target.
https://github.com/MaineK00n/vuls-targets-docker/tree/main/ubuntu

I use Ubuntu 21.10 to test.

$ docker run --rm -itd -p 2222:22 --name vuls-target vuls-target:ubuntu21.10
$ ssh-keygen -f "/home/mainek00n/.ssh/known_hosts" -R "[127.0.0.1]:2222" && ssh root@127.0.0.1 -p 2222 -i /home/mainek00n/github/github.com/MaineK00n/vuls-targets-docker/.ssh/id_rsa

$ vuls scan vuls-target && vuls report
[Jan 24 01:51:12]  INFO [localhost] vuls-v0.19.2-build-20220123_231438_b4c23c1
[Jan 24 01:51:12]  INFO [localhost] Start scanning
[Jan 24 01:51:12]  INFO [localhost] config: /home/mainek00n/github/github.com/MaineK00n/vuls/config.toml
[Jan 24 01:51:12]  INFO [localhost] Validating config...
[Jan 24 01:51:12]  INFO [localhost] Detecting Server/Container OS... 
[Jan 24 01:51:12]  INFO [localhost] Detecting OS of servers... 
[Jan 24 01:51:12]  INFO [localhost] (1/1) Detected: vuls-target: ubuntu 21.10
[Jan 24 01:51:12]  INFO [localhost] Detecting OS of containers... 
[Jan 24 01:51:12]  INFO [localhost] Checking Scan Modes... 
[Jan 24 01:51:12]  INFO [localhost] Detecting Platforms... 
[Jan 24 01:51:13]  INFO [localhost] (1/1) vuls-target is running on other
[Jan 24 01:51:13]  INFO [vuls-target] Scanning OS pkg in fast mode


Scan Summary
================
vuls-target	ubuntu21.10	326 installed





To view the detail, vuls tui is useful.
To send a report, run vuls report -h.
[Jan 24 01:51:13]  INFO [localhost] vuls-v0.19.2-build-20220123_231438_b4c23c1
[Jan 24 01:51:13]  INFO [localhost] Validating config...
[Jan 24 01:51:13]  INFO [localhost] cveDict.type=sqlite3, cveDict.url=, cveDict.SQLite3Path=/usr/share/vuls-data/cve.sqlite3
[Jan 24 01:51:13]  INFO [localhost] ovalDict.type=sqlite3, ovalDict.url=, ovalDict.SQLite3Path=/home/mainek00n/github/github.com/MaineK00n/goval-dictionary/oval.sqlite3
[Jan 24 01:51:13]  INFO [localhost] gost.type=sqlite3, gost.url=, gost.SQLite3Path=/usr/share/vuls-data/gost.sqlite3
[Jan 24 01:51:13]  INFO [localhost] exploit.type=sqlite3, exploit.url=, exploit.SQLite3Path=/usr/share/vuls-data/go-exploitdb.sqlite3
[Jan 24 01:51:13]  INFO [localhost] metasploit.type=sqlite3, metasploit.url=, metasploit.SQLite3Path=/usr/share/vuls-data/go-msfdb.sqlite3
[Jan 24 01:51:13]  INFO [localhost] kevuln.type=sqlite3, kevuln.url=, kevuln.SQLite3Path=/usr/share/vuls-data/go-kev.sqlite3
[Jan 24 01:51:13]  INFO [localhost] Loaded: /home/mainek00n/github/github.com/MaineK00n/vuls/results/2022-01-24T01:51:13+09:00
[Jan 24 01:51:13]  INFO [localhost] OVAL ubuntu 21.10 found. defs: 7906
[Jan 24 01:51:13]  INFO [localhost] OVAL ubuntu 21.10 is fresh. lastModified: 2022-01-24T01:50:24+09:00
[Jan 24 01:51:13]  WARN [localhost] Unable to detect vulns of running kernel because the version of the running kernel is unknown. server: vuls-target
[Jan 24 01:51:13]  WARN [localhost] The OVAL name of the running kernel image {Release:5.13.0-27-generic Version: RebootRequired:false} is not found. So vulns of `linux` wll be detected. server: vuls-target
[Jan 24 01:51:13]  INFO [localhost] vuls-target: 32 CVEs are detected with OVAL
[Jan 24 01:51:15]  INFO [localhost] vuls-target: 22 unfixed CVEs are detected with gost
[Jan 24 01:51:15]  INFO [localhost] vuls-target: 0 CVEs are detected with CPE
[Jan 24 01:51:15]  INFO [localhost] vuls-target: 0 PoC are detected
[Jan 24 01:51:15]  INFO [localhost] vuls-target: 0 exploits are detected
[Jan 24 01:51:15]  INFO [localhost] vuls-target: total 54 CVEs detected
[Jan 24 01:51:15]  INFO [localhost] vuls-target: 0 CVEs filtered by --confidence-over=80
vuls-target (ubuntu21.10)
=========================
Total: 54 (Critical:2 High:24 Medium:25 Low:3 ?:0)
0/54 Fixed, 14 poc, 0 exploits, cisa: 0, uscert: 0, jpcert: 0 alerts
326 installed

+------------------+------+--------+-----+-----------+---------+---------------------------------------------------+
|      CVE-ID      | CVSS | ATTACK | POC |   ALERT   |  FIXED  |                        NVD                        |
+------------------+------+--------+-----+-----------+---------+---------------------------------------------------+
| CVE-2016-1585    |  9.8 |  AV:N  |     |           | unfixed | https://nvd.nist.gov/vuln/detail/CVE-2016-1585    |
| CVE-2021-43267   |  9.8 |  AV:A  |     |           | unfixed | https://nvd.nist.gov/vuln/detail/CVE-2021-43267   |
| CVE-2016-2781    |  8.6 |  AV:L  |     |           | unfixed | https://nvd.nist.gov/vuln/detail/CVE-2016-2781    |
| CVE-2020-9794    |  8.1 |  AV:N  |     |           | unfixed | https://nvd.nist.gov/vuln/detail/CVE-2020-9794    |
| CVE-2017-13165   |  7.8 |  AV:L  |     |           | unfixed | https://nvd.nist.gov/vuln/detail/CVE-2017-13165   |
| CVE-2017-15131   |  7.8 |  AV:L  |     |           | unfixed | https://nvd.nist.gov/vuln/detail/CVE-2017-15131   |
| CVE-2019-19378   |  7.8 |  AV:N  | POC |           | unfixed | https://nvd.nist.gov/vuln/detail/CVE-2019-19378   |
| CVE-2020-11725   |  7.8 |  AV:L  | POC |           | unfixed | https://nvd.nist.gov/vuln/detail/CVE-2020-11725   |
| CVE-2020-16156   |  7.8 |  AV:L  | POC |           | unfixed | https://nvd.nist.gov/vuln/detail/CVE-2020-16156   |
| CVE-2021-26934   |  7.8 |  AV:L  |     |           | unfixed | https://nvd.nist.gov/vuln/detail/CVE-2021-26934   |
| CVE-2021-41864   |  7.8 |  AV:L  |     |           | unfixed | https://nvd.nist.gov/vuln/detail/CVE-2021-41864   |
| CVE-2021-42252   |  7.8 |  AV:L  |     |           | unfixed | https://nvd.nist.gov/vuln/detail/CVE-2021-42252   |
| CVE-2021-43057   |  7.8 |  AV:L  | POC |           | unfixed | https://nvd.nist.gov/vuln/detail/CVE-2021-43057   |
| CVE-2017-11164   |  7.5 |  AV:L  |     |           | unfixed | https://nvd.nist.gov/vuln/detail/CVE-2017-11164   |
| CVE-2018-20657   |  7.5 |  AV:L  | POC |           | unfixed | https://nvd.nist.gov/vuln/detail/CVE-2018-20657   |
| CVE-2018-5709    |  7.5 |  AV:N  |     |           | unfixed | https://nvd.nist.gov/vuln/detail/CVE-2018-5709    |
| CVE-2018-6952    |  7.5 |  AV:N  |     |           | unfixed | https://nvd.nist.gov/vuln/detail/CVE-2018-6952    |
| CVE-2019-16230   |  7.5 |  AV:L  |     |           | unfixed | https://nvd.nist.gov/vuln/detail/CVE-2019-16230   |
| CVE-2019-20838   |  7.5 |  AV:N  |     |           | unfixed | https://nvd.nist.gov/vuln/detail/CVE-2019-20838   |
| CVE-2019-9923    |  7.5 |  AV:L  |     |           | unfixed | https://nvd.nist.gov/vuln/detail/CVE-2019-9923    |
| CVE-2020-9991    |  7.5 |  AV:N  |     |           | unfixed | https://nvd.nist.gov/vuln/detail/CVE-2020-9991    |
| CVE-2021-3530    |  7.5 |  AV:L  |     |           | unfixed | https://nvd.nist.gov/vuln/detail/CVE-2021-3530    |
| CVE-2021-38604   |  7.5 |  AV:N  | POC |           | unfixed | https://nvd.nist.gov/vuln/detail/CVE-2021-38604   |
| CVE-2021-43618   |  7.5 |  AV:N  | POC |           | unfixed | https://nvd.nist.gov/vuln/detail/CVE-2021-43618   |
| CVE-2021-3760    |  7.0 |  AV:L  |     |           | unfixed | https://nvd.nist.gov/vuln/detail/CVE-2021-3760    |
| CVE-2021-41617   |  7.0 |  AV:L  |     |           | unfixed | https://nvd.nist.gov/vuln/detail/CVE-2021-41617   |
| CVE-2020-13844   |  6.9 |  AV:L  |     |           | unfixed | https://nvd.nist.gov/vuln/detail/CVE-2020-13844   |
| CVE-2021-31879   |  6.9 |  AV:N  |     |           | unfixed | https://nvd.nist.gov/vuln/detail/CVE-2021-31879   |
| CVE-2021-42327   |  6.7 |  AV:L  |     |           | unfixed | https://nvd.nist.gov/vuln/detail/CVE-2021-42327   |
| CVE-2021-42739   |  6.7 |  AV:L  | POC |           | unfixed | https://nvd.nist.gov/vuln/detail/CVE-2021-42739   |
| CVE-2015-8553    |  6.5 |  AV:A  |     |           | unfixed | https://nvd.nist.gov/vuln/detail/CVE-2015-8553    |
| CVE-2017-9937    |  6.5 |  AV:L  | POC |           | unfixed | https://nvd.nist.gov/vuln/detail/CVE-2017-9937    |
| CVE-2018-10126   |  6.5 |  AV:L  | POC |           | unfixed | https://nvd.nist.gov/vuln/detail/CVE-2018-10126   |
| CVE-2020-9849    |  6.5 |  AV:N  |     |           | unfixed | https://nvd.nist.gov/vuln/detail/CVE-2020-9849    |
| CVE-2021-40812   |  6.5 |  AV:N  |     |           | unfixed | https://nvd.nist.gov/vuln/detail/CVE-2021-40812   |
| CVE-2016-10228   |  5.9 |  AV:L  |     |           | unfixed | https://nvd.nist.gov/vuln/detail/CVE-2016-10228   |
| CVE-2019-25013   |  5.9 |  AV:N  |     |           | unfixed | https://nvd.nist.gov/vuln/detail/CVE-2019-25013   |
| CVE-2020-14145   |  5.9 |  AV:N  |     |           | unfixed | https://nvd.nist.gov/vuln/detail/CVE-2020-14145   |
| CVE-2021-3772    |  5.9 |  AV:N  |     |           | unfixed | https://nvd.nist.gov/vuln/detail/CVE-2021-3772    |
| CVE-2017-13716   |  5.5 |  AV:L  |     |           | unfixed | https://nvd.nist.gov/vuln/detail/CVE-2017-13716   |
| CVE-2018-1000654 |  5.5 |  AV:N  | POC |           | unfixed | https://nvd.nist.gov/vuln/detail/CVE-2018-1000654 |
| CVE-2019-1010204 |  5.5 |  AV:L  |     |           | unfixed | https://nvd.nist.gov/vuln/detail/CVE-2019-1010204 |
| CVE-2021-26932   |  5.5 |  AV:L  |     |           | unfixed | https://nvd.nist.gov/vuln/detail/CVE-2021-26932   |
| CVE-2021-3669    |  5.5 |  AV:L  |     |           | unfixed | https://nvd.nist.gov/vuln/detail/CVE-2021-3669    |
| CVE-2021-3744    |  5.5 |  AV:L  |     |           | unfixed | https://nvd.nist.gov/vuln/detail/CVE-2021-3744    |
| CVE-2021-3764    |  5.5 |  AV:L  |     |           | unfixed | https://nvd.nist.gov/vuln/detail/CVE-2021-3764    |
| CVE-2021-43056   |  5.5 |  AV:L  |     |           | unfixed | https://nvd.nist.gov/vuln/detail/CVE-2021-43056   |
| CVE-2021-43389   |  5.5 |  AV:L  | POC |           | unfixed | https://nvd.nist.gov/vuln/detail/CVE-2021-43389   |
| CVE-2020-29562   |  4.8 |  AV:N  | POC |           | unfixed | https://nvd.nist.gov/vuln/detail/CVE-2020-29562   |
| CVE-2013-4235    |  4.7 |  AV:L  |     |           | unfixed | https://nvd.nist.gov/vuln/detail/CVE-2013-4235    |
| CVE-2019-15213   |  4.6 |  AV:P  | POC |           | unfixed | https://nvd.nist.gov/vuln/detail/CVE-2019-15213   |
| CVE-2009-5080    |  3.9 |  AV:L  |     |           | unfixed | https://nvd.nist.gov/vuln/detail/CVE-2009-5080    |
| CVE-2021-3648    |  3.9 |  AV:L  |     |           | unfixed | https://nvd.nist.gov/vuln/detail/CVE-2021-3648    |
| CVE-2021-3655    |  3.3 |  AV:L  |     |           | unfixed | https://nvd.nist.gov/vuln/detail/CVE-2021-3655    |
+------------------+------+--------+-----+-----------+---------+---------------------------------------------------+

Checklist:

You don't have to satisfy all of the following.

  • Write tests
  • Write documentation
  • Check that there aren't other open pull requests for the same issue/feature
  • Format your source code by make fmt
  • Pass the test by make test
  • Provide verification config / commands
  • Enable "Allow edits from maintainers" for this PR
  • Update the messages below

Is this ready for review?: YES

Reference

@MaineK00n MaineK00n self-assigned this Jan 23, 2022
@MaineK00n MaineK00n changed the title Maine k00n/support ubuntu more versions feat(ubuntu): support more versions Jan 23, 2022
@MaineK00n MaineK00n force-pushed the MaineK00n/support-ubuntu-more-versions branch 3 times, most recently from 913f8af to 6015236 Compare February 12, 2022 15:42
@MaineK00n MaineK00n force-pushed the MaineK00n/support-ubuntu-more-versions branch from 6015236 to e0ef03d Compare February 15, 2022 20:48
@MaineK00n MaineK00n closed this Feb 3, 2023
@MaineK00n MaineK00n deleted the MaineK00n/support-ubuntu-more-versions branch April 10, 2023 00:37
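
An added example, not code from this PR or from vuls: a Go sketch of why a lookup key for Ubuntu OVAL or CVE Tracker data needs the minor version, as the description above states. The function names (`normalize`, `majorOnly`, `majorMinor`, `ambiguousKeys`) and the host list are assumptions constructed for illustration.

```go
package main

import (
	"fmt"
	"sort"
	"strings"
)

// normalize reduces a release string to "major.minor" ("20.04.3" -> "20.04").
func normalize(release string) (string, error) {
	p := strings.Split(strings.TrimSpace(release), ".")
	if len(p) < 2 || p[0] == "" || p[1] == "" {
		return "", fmt.Errorf("release %q has no minor version", release)
	}
	return p[0] + "." + p[1], nil
}

// Two candidate lookup keys (hypothetical names, not vuls functions).
func majorOnly(rel string) string  { return strings.SplitN(rel, ".", 2)[0] }
func majorMinor(rel string) string { return rel }

// ambiguousKeys lists the keys under which more than one distinct release lands.
func ambiguousKeys(releases []string, key func(string) string) ([]string, error) {
	first, dup := map[string]string{}, map[string]bool{}
	for _, r := range releases {
		rel, err := normalize(r)
		if err != nil {
			return nil, err
		}
		k := key(rel)
		if prev, ok := first[k]; ok && prev != rel {
			dup[k] = true // a different release already uses this key
		}
		first[k] = rel
	}
	out := []string{}
	for k := range dup {
		out = append(out, k)
	}
	sort.Strings(out)
	return out, nil
}

func main() {
	hosts := []string{"20.04", "20.04.3", "21.04", "21.10"} // constructed sample
	fmt.Println(ambiguousKeys(hosts, majorOnly))
	fmt.Println(ambiguousKeys(hosts, majorMinor))
}
```

With a major-only key, 21.04 and 21.10 share the key `21` and a definition lookup cannot tell them apart; with `major.minor` every release in the sample keeps its own key, and a point release such as 20.04.3 still maps to 20.04.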