bigHosting/rpm2cvescan
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Folders and files
| Name | Name | Last commit message | Last commit date | |
|---|---|---|---|---|
Repository files navigation
rpm2cvescan This software is not maintained any more, please use this python fork by KoffieNu https://github.com/KoffieNu/rpm2cvescan/tree/python rpm2cvescan is an RedHat/CentOS 5/6/7/8 rpm cve vulnerability scanner based on * RedHat's RPM to CVE mapping: rpm-to-cve.xml * RedHat's OVAL infor for RHEL5,6,7,8: com.redhat.rhsa-RHEL5.xml, com.redhat.rhsa-RHEL6.xml, com.redhat.rhsa-RHEL7.xml, com.redhat.rhsa-RHEL8.xml * RedHat's RHSA to date mapping rhsamapcpe.txt * RedHat's CVE 2 DATE cve_dates.txt How does this work? Based on above files we can create a memory structure associated with an rpm. Each package entry will have an array of vulnerability attributes like cve, cve score, cve2rhsa. We will get an inventory of the server by running a command that will list all installed packages: # /bin/rpm --nosignature --nodigest -qa --qf '%{N}-%{epochnum}:%{V}-%{R} %{N}\n' Finally, we will loop through the memory structure and print info ( package name, cve ID and score) on screen. We also print the same information in csv format. How to run the scanner: * install package dependencies using: centos 5,6,7 # yum -y install perl-XML-Simple perl-RPM4 centos 8 # dnf -y install perl-XML-Simple perl-RPM4 * download these files to be sure you have the latest revision: # /usr/bin/wget -N "https://www.redhat.com/security/data/oval/com.redhat.rhsa-RHEL5.xml" # /usr/bin/wget -N "https://www.redhat.com/security/data/oval/com.redhat.rhsa-RHEL6.xml" # /usr/bin/wget -N "https://www.redhat.com/security/data/oval/com.redhat.rhsa-RHEL7.xml" # /usr/bin/wget -N "https://www.redhat.com/security/data/oval/com.redhat.rhsa-RHEL8.xml" # /usr/bin/wget -N "https://www.redhat.com/security/data/metrics/rpm-to-cve.xml" # /usr/bin/wget -N "https://www.redhat.com/security/data/metrics/rhsamapcpe.txt" # /usr/bin/wget -N "https://www.redhat.com/security/data/metrics/cve_dates.txt" * run the perl program: # perl rpm2cvescan.pl This tool will only report information about packages used by RedHat. If custom rpms are used, e.g. php 7.1 or httpd 2.4 , this tool is not capabale of detecting vulnerabilities simply because rpm-to-cve.xml has info on what's installed by default on your distro version, e.g. php 5.3 for EL6. Output example: ===== openssh-0:5.3p1-117.el6 ===== CVE-2015-6563 6.2 CVE-2015-6564 4.0 CVE-2015-5352 4.9 CVE-2016-1908 4.9 ===== openssh-clients-0:5.3p1-117.el6 ===== CVE-2015-6563 6.2 CVE-2015-6564 4.0 CVE-2015-5352 4.9 CVE-2016-1908 4.9 ===== sqlite-0:3.6.20-1.el6_7.2 ===== CVE-2015-3416 3.7 [...] TOTAL_UNIQ_PACKAGES=876, AFFECTED_PACKAGES=67 CVEs=195 HIGHRISK=4 VULN,bind-libs-9.8.2-0.47.rc1.el6,CVE-2016-2776,5.0,RHSA-2016:2099 RHSA-2016:1945 RHSA-2016:1944,20160927,web203c0 VULN,bind-libs-9.8.2-0.47.rc1.el6,CVE-2016-2848,5.0,RHSA-2016:2099 RHSA-2016:2094 RHSA-2016:2093,20161020,web203c0 VULN,bind-libs-9.8.2-0.47.rc1.el6,CVE-2016-8864,5.0,RHSA-2016:2871 RHSA-2016:2615 RHSA-2016:2142 RHSA-2016:2141,20161101,web203c0 VULN,bind-libs-9.8.2-0.47.rc1.el6,CVE-2016-9147,0,RHSA-2017:0064 RHSA-2017:0063 RHSA-2017:0062,20170111,web203c0 VULN,bind-libs-9.8.2-0.47.rc1.el6,CVE-2017-3136,0,RHSA-2017:1105 RHSA-2017:1095,20170412,web203c0 VULN,bind-libs-9.8.2-0.47.rc1.el6,CVE-2017-3137,0,RHSA-2017:1105 RHSA-2017:1095,20170412,web203c0 [....]
About
rpm2cvescan reports cve vulnerabilities affecting your RedHat/CentOS server
Resources
Stars
Watchers
Forks
Packages 0
No packages published