Vuls setup
Machine used
Instance
$ cat /etc/system-release
Amazon Linux AMI release 2018.03
$ uname -a
Linux ip-172-16-0-57 4.14.138-89.102.amzn1.x86_64 #1 SMP Thu Aug 15 15:41:44 UTC 2019 x86_64 x86_64 x86_64 GNU/Linux
The steps below follow the official guide at https://vuls.io/docs/en/install-manually-centos.html
Installing Go
$ sudo yum -y install sqlite git gcc make wget
$ wget https://dl.google.com/go/go1.13.4.linux-amd64.tar.gz
$ sudo tar -C /usr/local -xzf go1.13.4.linux-amd64.tar.gz
$ mkdir go
$ sudo vi /etc/profile.d/goenv.sh
# Add the following three lines to /etc/profile.d/goenv.sh:
export GOROOT=/usr/local/go
export GOPATH=$HOME/go
export PATH=$PATH:$GOROOT/bin:$GOPATH/bin
$ source /etc/profile.d/goenv.sh
Vuls setup
$ sudo mkdir /var/log/vuls
$ sudo chown ec2-user /var/log/vuls
$ sudo chmod 700 /var/log/vuls
$ mkdir -p $GOPATH/src/github.com/kotakanbe
$ cd $GOPATH/src/github.com/kotakanbe
$ git clone https://github.com/kotakanbe/go-cve-dictionary.git
$ cd go-cve-dictionary
$ make install
Data collection
$ cd $HOME
$ for i in `seq 2002 $(date +"%Y")`; do go-cve-dictionary fetchnvd -years $i; done
$ ls -alh cve.sqlite3
-rw-r--r-- 1 ec2-user ec2-user 832M Nov 28 13:29 cve.sqlite3
$ for i in `seq 1998 $(date +"%Y")`; do go-cve-dictionary fetchjvn -years $i; done
$ ls -alh cve.sqlite3
-rw-r--r-- 1 ec2-user ec2-user 1.2G Nov 28 13:51 cve.sqlite3
$ mkdir -p $GOPATH/src/github.com/kotakanbe
$ cd $GOPATH/src/github.com/kotakanbe
$ git clone https://github.com/kotakanbe/goval-dictionary.git
$ cd goval-dictionary
$ make install
$ ln -s $GOPATH/src/github.com/kotakanbe/goval-dictionary/oval.sqlite3 $HOME/oval.sqlite3
$ goval-dictionary fetch-amazon 2018.03
$ sudo mkdir /var/log/gost
$ sudo chown ec2-user /var/log/gost
$ sudo chmod 700 /var/log/gost
$ mkdir -p $GOPATH/src/github.com/knqyf263
$ cd $GOPATH/src/github.com/knqyf263
$ git clone https://github.com/knqyf263/gost.git
$ cd gost
$ make install
$ ln -s $GOPATH/src/github.com/knqyf263/gost/gost.sqlite3 $HOME/gost.sqlite3
$ gost fetch redhat
$ sudo mkdir /var/log/go-exploitdb
$ sudo chown ec2-user /var/log/go-exploitdb
$ sudo chmod 700 /var/log/go-exploitdb
$ mkdir -p $GOPATH/src/github.com/mozqnet
$ cd $GOPATH/src/github.com/mozqnet
$ git clone https://github.com/mozqnet/go-exploitdb.git
$ cd go-exploitdb
$ make install
$ go-exploitdb fetch exploitdb
$ ln -s $GOPATH/src/github.com/mozqnet/go-exploitdb/go-exploitdb.sqlite3 $HOME/go-exploitdb.sqlite3
$ mkdir -p $GOPATH/src/github.com/future-architect
$ cd $GOPATH/src/github.com/future-architect
$ git clone https://github.com/future-architect/vuls.git
$ cd vuls
$ make install
$ cd $HOME
$ cat config.toml
[servers]
[servers.localhost]
host = "localhost"
port = "local"
$ vuls configtest
$ vuls scan
$ vuls report -format-list -lang ja
[Nov 28 16:01:40] INFO [localhost] Validating config...
[Nov 28 16:01:40] INFO [localhost] Loaded: /home/ec2-user/results/2019-11-28T15:57:36Z
[Nov 28 16:01:40] INFO [localhost] Validating db config...
INFO[0000] -cvedb-type: sqlite3, -cvedb-url: , -cvedb-path: /home/ec2-user/cve.sqlite3
INFO[0000] -ovaldb-type: sqlite3, -ovaldb-url: , -ovaldb-path: /home/ec2-user/oval.sqlite3
INFO[0000] -gostdb-type: sqlite3, -gostdb-url: , -gostdb-path: /home/ec2-user/gost.sqlite3
INFO[0000] -exploitdb-type: sqlite3, -exploitdb-url: , -exploitdb-path: /home/ec2-user/go-exploitdb.sqlite3
INFO[11-28|16:01:40] Opening DB. db=sqlite3
INFO[11-28|16:01:40] Migrating DB. db=sqlite3
INFO[11-28|16:01:40] Opening Database. db=sqlite3
INFO[11-28|16:01:40] Migrating DB. db=sqlite3
localhost (amazon2018.03)
=========================
Total: 22 (High:9 Medium:10 Low:3 ?:0), 22/22 Fixed, 417 installed, 26 updatable, 0 exploits, en: 0, ja: 0 alerts
+----------------+------+--------+-----+------+---------+-------------------------------------------------+
| CVE-ID | CVSS | ATTACK | POC | CERT | FIXED | NVD |
+----------------+------+--------+-----+------+---------+-------------------------------------------------+
| CVE-2019-15902 | 9.8 | AV:N | | | fixed | https://nvd.nist.gov/vuln/detail/CVE-2019-15902 |
| CVE-2019-5481 | 9.8 | AV:N | | | fixed | https://nvd.nist.gov/vuln/detail/CVE-2019-5481 |
| CVE-2019-5482 | 9.8 | AV:A | | | fixed | https://nvd.nist.gov/vuln/detail/CVE-2019-5482 |
| CVE-2019-14287 | 9.0 | AV:N | | | fixed | https://nvd.nist.gov/vuln/detail/CVE-2019-14287 |
| CVE-2019-14821 | 8.8 | AV:L | | | fixed | https://nvd.nist.gov/vuln/detail/CVE-2019-14821 |
| CVE-2016-3616 | 7.8 | AV:N | | | fixed | https://nvd.nist.gov/vuln/detail/CVE-2016-3616 |
| CVE-2019-14835 | 7.8 | AV:L | | | fixed | https://nvd.nist.gov/vuln/detail/CVE-2019-14835 |
| CVE-2019-15538 | 7.8 | AV:N | | | fixed | https://nvd.nist.gov/vuln/detail/CVE-2019-15538 |
| CVE-2019-9511 | 7.8 | AV:N | | | fixed | https://nvd.nist.gov/vuln/detail/CVE-2019-9511 |
| CVE-2019-9513 | 7.8 | AV:N | | | fixed | https://nvd.nist.gov/vuln/detail/CVE-2019-9513 |
| CVE-2018-11813 | 7.5 | AV:N | | | fixed | https://nvd.nist.gov/vuln/detail/CVE-2018-11813 |
| CVE-2019-16056 | 7.5 | AV:N | | | fixed | https://nvd.nist.gov/vuln/detail/CVE-2019-16056 |
| CVE-2019-6109 | 6.8 | AV:N | | | fixed | https://nvd.nist.gov/vuln/detail/CVE-2019-6109 |
| CVE-2018-11212 | 6.5 | AV:N | | | fixed | https://nvd.nist.gov/vuln/detail/CVE-2018-11212 |
| CVE-2018-11213 | 6.5 | AV:N | | | fixed | https://nvd.nist.gov/vuln/detail/CVE-2018-11213 |
| CVE-2018-11214 | 6.5 | AV:N | | | fixed | https://nvd.nist.gov/vuln/detail/CVE-2018-11214 |
| CVE-2018-12207 | 6.5 | AV:L | | | fixed | https://nvd.nist.gov/vuln/detail/CVE-2018-12207 |
| CVE-2018-14498 | 6.5 | AV:L | | | fixed | https://nvd.nist.gov/vuln/detail/CVE-2018-14498 |
| CVE-2019-11135 | 6.5 | AV:L | | | fixed | https://nvd.nist.gov/vuln/detail/CVE-2019-11135 |
| CVE-2019-6111 | 5.9 | AV:N | | | fixed | https://nvd.nist.gov/vuln/detail/CVE-2019-6111 |
| CVE-2019-11139 | 5.8 | AV:L | | | fixed | https://nvd.nist.gov/vuln/detail/CVE-2019-11139 |
| CVE-2018-20685 | 5.3 | AV:N | | | fixed | https://nvd.nist.gov/vuln/detail/CVE-2018-20685 |
+----------------+------+--------+-----+------+---------+-------------------------------------------------+
Vulnerabilities in the installed packages, as compared against the repository, are now visible.
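Added example (not part of the original post or of Vuls itself): a POSIX shell helper that filters the `-format-list` table above by CVSS score and attack vector, so the highest-risk rows are reviewed first. The function names `sample_report`, `triage` and `count_triage` are hypothetical, and the sample rows are a subset copied from the report on this page.

```shell
#!/bin/sh
# Triage helper for the table printed by `vuls report -format-list`.
# Added example: function names are hypothetical, not part of Vuls.

# Constructed sample input: a subset of the rows from the report on this page.
sample_report() {
cat <<'EOF'
+----------------+------+--------+-----+------+---------+-------------------------------------------------+
| CVE-ID | CVSS | ATTACK | POC | CERT | FIXED | NVD |
+----------------+------+--------+-----+------+---------+-------------------------------------------------+
| CVE-2019-15902 | 9.8 | AV:N | | | fixed | https://nvd.nist.gov/vuln/detail/CVE-2019-15902 |
| CVE-2019-5482 | 9.8 | AV:A | | | fixed | https://nvd.nist.gov/vuln/detail/CVE-2019-5482 |
| CVE-2019-14287 | 9.0 | AV:N | | | fixed | https://nvd.nist.gov/vuln/detail/CVE-2019-14287 |
| CVE-2019-14821 | 8.8 | AV:L | | | fixed | https://nvd.nist.gov/vuln/detail/CVE-2019-14821 |
| CVE-2019-6109 | 6.8 | AV:N | | | fixed | https://nvd.nist.gov/vuln/detail/CVE-2019-6109 |
| CVE-2018-20685 | 5.3 | AV:N | | | fixed | https://nvd.nist.gov/vuln/detail/CVE-2018-20685 |
EOF
}

# triage MIN_CVSS [ATTACK_VECTOR]
# Reads the report on stdin and prints "CVSS CVE-ID ATTACK FIXED" for rows whose
# score is >= MIN_CVSS and, if given, whose ATTACK column equals ATTACK_VECTOR.
# Output is sorted by score (highest first), then by CVE-ID.
triage() {
    awk -F'|' -v min="$1" -v av="${2:-}" '
        function trim(s) { gsub(/^[ \t]+|[ \t]+$/, "", s); return s }
        {
            id = trim($2); score = trim($3); vec = trim($4); fixed = trim($7)
            if (id !~ /^CVE-[0-9]+-[0-9]+$/) next      # skip borders, header, log lines
            if (score !~ /^[0-9]+(\.[0-9]+)?$/) next   # skip rows without a numeric score
            if (score + 0 < min + 0) next
            if (av != "" && vec != av) next
            print score, id, vec, fixed
        }' | LC_ALL=C sort -k1,1nr -k2,2
}

# count_triage MIN_CVSS [ATTACK_VECTOR]: number of matching rows.
count_triage() {
    triage "$@" | wc -l | tr -d ' '
}

# Demo on the embedded sample: network-reachable findings scored 7.0 or higher.
sample_report | triage 7.0 AV:N
```

On a live host the same filter can read the real report, for example `vuls report -format-list | triage 7.0 AV:N`; the INFO log lines are skipped because they do not match the CVE-ID pattern.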
Reference
More material on this topic (Vuls setup) can be found at https://qiita.com/kaikusakari/items/fd826baf0f3d004b278b
The text may be freely shared or copied, but please keep this document's URL as the reference URL.