OVAL-For-EL

中文 (Chinese version) English (English version)

Features

CentOS OVAL
Split oval by severity
Automatic update and revise with official security

Supports

OS	Release	Upstream	Status
redhat	RHEL5 - RHEL8	https://www.redhat.com/security/data/oval/	syncing
centos	EL5 - EL8	https://www.redhat.com/security/data/oval/	syncing

Scripts

scripts/rh2el.py

#usage:
usage: rh2el.py [-h] oval_file output_file

redhat oval definition adapt to centos

positional arguments:
  oval_file    redhat oval file path
  output_file  redhat oval output file path

Files Tree:

├── centos										
│   ├── com.redhat.rhsa-EL7-Critical.xml        #oval severity is critical
│   ├── com.redhat.rhsa-EL7-Important.xml       #oval severity is important
│   ├── com.redhat.rhsa-EL7-Low.xml             #oval severity is low
│   ├── com.redhat.rhsa-EL7-Moderate.xml        #oval severity is moderate
│   ├── com.redhat.rhsa-EL7.xml                 #all severity oval on centos7
│   ├── ...
└── redhat										
    ├── com.redhat.rhsa-RHEL7-Critical.xml		
    ├── com.redhat.rhsa-RHEL7-Important.xml		
    ├── com.redhat.rhsa-RHEL7-Low.xml			
    ├── com.redhat.rhsa-RHEL7-Moderate.xml		
    ├── com.redhat.rhsa-RHEL7.xml				
    ├── ...

Quick Start

Identify software vulnerabilities on centos 7 with oscap which is a best scap scanner provided by openscap.

Download oval-for-el

git clone https://github.com/Sep0lkit/oval-for-el.git

Install oscap

sudo yum install openscap openscap-scnner

Run oscap oval
- check all vulnerabilities defined for centos7
```
oscap oval eval com.redhat.rhsa-EL7.xml
```
- only check one vulnerabilitiy
  
  Ex: shellchock(CVE-2014-6271). this vulnerabilitiy defined with id oval:com.redhat.rhsa:def:20141293 in com.redhat.rhsa-EL7.xml
```
oscap oval eval --id oval:com.redhat.rhsa:def:20141293 com.redhat.rhsa-EL7.xml
```
- export html report with options --report
```
oscap oval eval --report centos7.html  com.redhat.rhsa-EL7.xml
```
Consle output:

HTML report:

Result: true means the vulnerability exists, and the true results always before false in html report

Details on ovals above

Redhat:

split by severity

CentOS:

convert from redhat oval
cpe and criterions for centos
rpm signature key check for centos
split by severity

Resource

Linux OVAL

Getting Help

Twitter: @sep0lkit

Name		Name	Last commit message	Last commit date
Latest commit History 175 Commits
_static/imgs		_static/imgs
centos		centos
redhat		redhat
scripts		scripts
README.md		README.md
README.zh-cn.md		README.zh-cn.md

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

_static/imgs

_static/imgs

centos

centos

redhat

redhat

scripts

scripts

README.md

README.md

README.zh-cn.md

README.zh-cn.md

Repository files navigation

OVAL-For-EL

Features

Files Tree:

Quick Start

Details on ovals above

Redhat:

CentOS:

Resource

Getting Help

About

Releases

Packages

Languages

Sep0lkit/oval-for-el

Folders and files

Latest commit

History

Repository files navigation

OVAL-For-EL

Features

Files Tree:

Quick Start

Details on ovals above

Redhat:

CentOS:

Resource

Getting Help

About

Topics

Resources

Stars

Watchers

Forks

Languages