Sunday, 17 February 2013

How To Find Vulnerability on a Computer- CVEchecker

There are different tools are available to find a vulnerability on an operating system and network, nessus and OpenVAS are among them. We have discussed different sort of tutorials for nessus to find a vulnerability as you have seen that the vulnerability number start with CVE-xxxxx so the question is what is CVE? And the other thing is that if we need to find the vulnerability on our own computer so that whether we need to scan our own computer via nessus or there are some other method?


What is CVE ?

The Common Vulnerabilities and Exposures or CVE system provides a reference-method for publicly-known information-security vulnerabilities and exposures. MITRE Corporation maintains the system, with funding from the National Cyber Security Division of the United States Department of Homeland Security.[1] CVE is used by the Security Content Automation Protocol.

What is CVEchecker ?

The goal of cvechecker is to report about possible vulnerabilities on your system, by scanning the installed software and matching the results with the CVE database. Indeed, this is not a bullet-proof method and you will most likely have many false positives (vulnerability is fixed with a revision-release, but the tool isn't able to detect the revision itself), yet it is still better than nothing, especially if you are running a distribution with little security coverage.

CVEchecker Tutorial


root@coresec:~# apt-get install libconfig8-dev libsqlite3-dev libxslt1-dev

root@coresec:~# tar -zxvf cvechecker-3.1.tar.gz
root@coresec:~# cd cvechecker-3.1/
root@coresec:~/cvechecker-3.1# ./configure --enable-sqlite3
root@coresec:~/cvechecker-3.1# make
root@coresec:~/cvechecker-3.1# make install

root@coresec:~/cvechecker-3.1# pullcves pull
Downloading nvdcve-2.0-2002.xml... ok
Converting nvdcve-2.0-2002.xml to CSV... ok
Loading in nvdcve-2.0-2002.csv in cvechecker.
I am missing the index cveidx2. This is to be expected if this is the first run of cvechecker since an upgrade.
I will now create cveidx2 for you, no further actions are needed.
Some updates have occurred which might affect the database initialization.
Please restart the command.
Generate the list

root@coresec:~/cvechecker-3.1# find / -type f -perm -o+x > scanlist.txt
root@coresec:~/cvechecker-3.1# echo "/proc/version" >> scanlist.txt
Get the information of available software's

root@coresec:~/cvechecker-3.1# cvechecker -b scanlist.txt
Searching for known software titles...
- Found match for /lib/libpthread-2.12.1.so: cpe:/a:gnu:glibc:2.12.1:::
- Found match for /sbin/resize2fs: cpe:/a:ext2_filesystems_utilities:e2fsprogs:1.41.12:::
- Found match for /sbin/mkfs.ext4: cpe:/a:ext2_filesystems_utilities:e2fsprogs:1.41.12:::
- Found match for /sbin/iptables-save: cpe:/a:netfilter_core_team:iptables:1.4.4:::
- Found match for /sbin/iptables-save: cpe:/a:netfilter_core_team:iptables:1.4
Matching process

root@coresec:~/cvechecker-3.1# cvechecker -r
Export

root@coresec:~/cvechecker-3.1# cvechecker -r -C
Posted by at
Labels:

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)