From b42805d00c36ef07d3059e6f67c5e5373a611e8b Mon Sep 17 00:00:00 2001 From: Yasunari Momoi Date: Wed, 12 Oct 2016 23:11:34 +0900 Subject: [PATCH] fix some misspelling. --- README.fr.md | 2 +- README.ja.md | 12 ++++++------ README.md | 28 ++++++++++++++-------------- commands/prepare.go | 4 ++-- commands/scan.go | 4 ++-- scan/freebsd_test.go | 8 ++++---- 6 files changed, 29 insertions(+), 29 deletions(-) diff --git a/README.fr.md b/README.fr.md index e8ae519f..d8fac6a7 100644 --- a/README.fr.md +++ b/README.fr.md @@ -201,7 +201,7 @@ Summary Unspecified vulnerability in the Java SE and Java SE Embedded co NVD https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-0494 MITRE https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0494 CVE Details http://www.cvedetails.com/cve/CVE-2016-0494 -CVSS Claculator https://nvd.nist.gov/cvss/v2-calculator?name=CVE-2016-0494&vector=(AV:N/AC:L/Au:N/C:C/I:C/A:C) +CVSS Calculator https://nvd.nist.gov/cvss/v2-calculator?name=CVE-2016-0494&vector=(AV:N/AC:L/Au:N/C:C/I:C/A:C) RHEL-CVE https://access.redhat.com/security/cve/CVE-2016-0494 ALAS-2016-643 https://alas.aws.amazon.com/ALAS-2016-643.html Package/CPE java-1.7.0-openjdk-1.7.0.91-2.6.2.2.63.amzn1 -> java-1.7.0-openjdk-1:1.7.0.95-2.6.4.0.65.amzn1 diff --git a/README.ja.md b/README.ja.md index 06767865..5dd373fd 100644 --- a/README.ja.md +++ b/README.ja.md @@ -255,7 +255,7 @@ Summary Unspecified vulnerability in the Java SE and Java SE Embedded co NVD https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-0494 MITRE https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0494 CVE Details http://www.cvedetails.com/cve/CVE-2016-0494 -CVSS Claculator https://nvd.nist.gov/cvss/v2-calculator?name=CVE-2016-0494&vector=(AV:N/AC:L/Au:N/C:C/I:C/A:C) +CVSS Calculator https://nvd.nist.gov/cvss/v2-calculator?name=CVE-2016-0494&vector=(AV:N/AC:L/Au:N/C:C/I:C/A:C) RHEL-CVE https://access.redhat.com/security/cve/CVE-2016-0494 ALAS-2016-643 https://alas.aws.amazon.com/ALAS-2016-643.html Package/CPE java-1.7.0-openjdk-1.7.0.91-2.6.2.2.63.amzn1 -> java-1.7.0-openjdk-1:1.7.0.95-2.6.4.0.65.amzn1 @@ -427,7 +427,7 @@ host = "172.31.4.82" notifyUsers = ["@username"] ``` - - hookURL : Incomming webhook's URL + - hookURL : Incoming webhook's URL - channel : channel name. channelに`${servername}`を指定すると、結果レポートをサーバごとに別チャネルにすることが出来る。 以下のサンプルでは、`#server1`チャネルと`#server2`チャネルに送信される。スキャン前にチャネルを作成する必要がある。 @@ -908,14 +908,14 @@ tui: ``` -Key binding is bellow. +Key binding is below. | key | | |:-----------------|:-------|:------| | TAB | move cursor among the panes | | Arrow up/down | move cursor to up/down | -| Ctrl+j, Ctrl+k | move cursor to up/donw | -| Ctrl+u, Ctrl+d | page up/donw | +| Ctrl+j, Ctrl+k | move cursor to up/down | +| Ctrl+u, Ctrl+d | page up/down | For details, see https://github.com/future-architect/vuls/blob/master/report/tui.go @@ -1209,7 +1209,7 @@ Please see [CHANGELOG](https://github.com/future-architect/vuls/blob/master/CHAN ---- -# Licence +# License Please see [LICENSE](https://github.com/future-architect/vuls/blob/master/LICENSE). diff --git a/README.md b/README.md index 756b675d..71422e0b 100644 --- a/README.md +++ b/README.md @@ -247,7 +247,7 @@ Summary Unspecified vulnerability in the Java SE and Java SE Embedded co NVD https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-0494 MITRE https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0494 CVE Details http://www.cvedetails.com/cve/CVE-2016-0494 -CVSS Claculator https://nvd.nist.gov/cvss/v2-calculator?name=CVE-2016-0494&vector=(AV:N/AC:L/Au:N/C:C/I:C/A:C) +CVSS Calculator https://nvd.nist.gov/cvss/v2-calculator?name=CVE-2016-0494&vector=(AV:N/AC:L/Au:N/C:C/I:C/A:C) RHEL-CVE https://access.redhat.com/security/cve/CVE-2016-0494 ALAS-2016-643 https://alas.aws.amazon.com/ALAS-2016-643.html Package/CPE java-1.7.0-openjdk-1.7.0.91-2.6.2.2.63.amzn1 -> java-1.7.0-openjdk-1:1.7.0.95-2.6.4.0.65.amzn1 @@ -426,7 +426,7 @@ You can customize your configuration using this template. notifyUsers = ["@username"] ``` - - hookURL : Incomming webhook's URL + - hookURL : Incoming webhook's URL - channel : channel name. If you set `${servername}` to channel, the report will be sent to each channel. In the following example, the report will be sent to the `#server1` and `#server2`. @@ -683,11 +683,11 @@ scan: Vuls supports different types of SSH. -By Defaut, using a native Go implementation from crypto/ssh. +By Default, using a native Go implementation from crypto/ssh. This is useful in situations where you may not have access to traditional UNIX tools. To use external ssh command, specify this option. -This is useful If you want to use ProxyCommand or chiper algorithm of SSH that is not supported by native go implementation. +This is useful If you want to use ProxyCommand or cipher algorithm of SSH that is not supported by native go implementation. Don't forget to add below line to /etc/sudoers on the target servers. (username: vuls) ``` Defaults:vuls !requiretty @@ -704,7 +704,7 @@ Defaults:vuls !requiretty ## -report-json , -report-text option At the end of the scan, scan results will be available in the `$PWD/result/current/` directory. -`all.(json|txt)` includes the scan results of all servres and `servername.(json|txt)` includes the scan result of the server. +`all.(json|txt)` includes the scan results of all servers and `servername.(json|txt)` includes the scan result of the server. ## Example: Scan all servers defined in config file ``` @@ -716,7 +716,7 @@ $ vuls scan \ -cve-dictionary-dbpath=$PWD/cve.sqlite3 ``` With this sample command, it will .. -- Ask SSH key passsword before scanning +- Ask SSH key password before scanning - Scan all servers defined in config file - Send scan results to slack and email - Only Report CVEs that CVSS score is over 7 @@ -831,10 +831,10 @@ It is possible to detect vulnerabilities in non-OS packages, such as something y **Check CPE Naming Format: 2.2** - [go-cpe-dictionary](https://github.com/kotakanbe/go-cpe-dictionary) is a good choice for geeks. - You can search a CPE name by the application name incremenally. + You can search a CPE name by the application name incrementally. - Configuration -To detect the vulnerbility of Ruby on Rails v4.2.1, cpeNames needs to be set in the servers section. +To detect the vulnerability of Ruby on Rails v4.2.1, cpeNames needs to be set in the servers section. ``` [servers] @@ -849,7 +849,7 @@ To detect the vulnerbility of Ruby on Rails v4.2.1, cpeNames needs to be set in # Usage: Scan Docker containers -It is common that keep Docker containers runnning without SSHd daemon. +It is common that keep Docker containers running without SSHd daemon. see [Docker Blog:Why you don't need to run SSHd in your Docker containers](https://blog.docker.com/2014/06/why-you-dont-need-to-run-sshd-in-docker/) Vuls scans Docker containers via `docker exec` instead of SSH. @@ -901,14 +901,14 @@ tui: ``` -Key binding is bellow. +Key binding is below. | key | | |:-----------------|:-------|:------| | TAB | move cursor among the panes | | Arrow up/down | move cursor to up/down | -| Ctrl+j, Ctrl+k | move cursor to up/donw | -| Ctrl+u, Ctrl+d | page up/donw | +| Ctrl+j, Ctrl+k | move cursor to up/down | +| Ctrl+u, Ctrl+d | page up/down | For details, see https://github.com/future-architect/vuls/blob/master/report/tui.go @@ -1044,7 +1044,7 @@ If your system is behind HTTP proxy, you have to specify --http-proxy option. - How to Daemonize go-cve-dictionary Use Systemd, Upstart or supervisord, daemontools... -- How to Enable Automatic-Update of Vunerability Data. +- How to Enable Automatic-Update of Vulnerability Data. Use job scheduler like Cron (with -last2y option). - How to Enable Automatic-Scan. @@ -1119,7 +1119,7 @@ Please see [CHANGELOG](https://github.com/future-architect/vuls/blob/master/CHAN ---- -# Licence +# License Please see [LICENSE](https://github.com/future-architect/vuls/blob/master/LICENSE). diff --git a/commands/prepare.go b/commands/prepare.go index 5e24719f..dc71624b 100644 --- a/commands/prepare.go +++ b/commands/prepare.go @@ -86,7 +86,7 @@ func (p *PrepareCmd) SetFlags(f *flag.FlagSet) { &p.askSudoPassword, "ask-sudo-password", false, - "[Deprecated] THIS OPTION WAS REMOVED FOR SECURITY REASON. Define NOPASSWD in /etc/sudoers on tareget servers and use SSH key-based authentication", + "[Deprecated] THIS OPTION WAS REMOVED FOR SECURITY REASONS. Define NOPASSWD in /etc/sudoers on target servers and use SSH key-based authentication", ) } @@ -102,7 +102,7 @@ func (p *PrepareCmd) Execute(_ context.Context, f *flag.FlagSet, _ ...interface{ } } if p.askSudoPassword { - logrus.Errorf("[Deprecated] -ask-sudo-password WAS REMOVED FOR SECURITY REASONS. Define NOPASSWD in /etc/sudoers on tareget servers and use SSH key-based authentication") + logrus.Errorf("[Deprecated] -ask-sudo-password WAS REMOVED FOR SECURITY REASONS. Define NOPASSWD in /etc/sudoers on target servers and use SSH key-based authentication") return subcommands.ExitFailure } diff --git a/commands/scan.go b/commands/scan.go index da232db0..1e1df7b7 100644 --- a/commands/scan.go +++ b/commands/scan.go @@ -225,7 +225,7 @@ func (p *ScanCmd) SetFlags(f *flag.FlagSet) { &p.askSudoPassword, "ask-sudo-password", false, - "[Deprecated] THIS OPTION WAS REMOVED FOR SECURITY REASONS. Define NOPASSWD in /etc/sudoers on tareget servers and use SSH key-based authentication", + "[Deprecated] THIS OPTION WAS REMOVED FOR SECURITY REASONS. Define NOPASSWD in /etc/sudoers on target servers and use SSH key-based authentication", ) } @@ -241,7 +241,7 @@ func (p *ScanCmd) Execute(_ context.Context, f *flag.FlagSet, _ ...interface{}) } } if p.askSudoPassword { - logrus.Errorf("[Deprecated] -ask-sudo-password WAS REMOVED FOR SECURITY REASONS. Define NOPASSWD in /etc/sudoers on tareget servers and use SSH key-based authentication") + logrus.Errorf("[Deprecated] -ask-sudo-password WAS REMOVED FOR SECURITY REASONS. Define NOPASSWD in /etc/sudoers on target servers and use SSH key-based authentication") return subcommands.ExitFailure } diff --git a/scan/freebsd_test.go b/scan/freebsd_test.go index 2351f2b2..48dd62b1 100644 --- a/scan/freebsd_test.go +++ b/scan/freebsd_test.go @@ -139,17 +139,17 @@ WWW: https://vuxml.FreeBSD.org/freebsd/ab3e98d9-8175-11e4-907d-d050992ecde8.html d := newBsd(config.ServerInfo{}) for _, tt := range tests { - aName, aCveIDs, aVunlnID := d.parseBlock(tt.in) + aName, aCveIDs, aVulnID := d.parseBlock(tt.in) if tt.name != aName { - t.Errorf("expected vulnID: %s, actual %s", tt.vulnID, aVunlnID) + t.Errorf("expected vulnID: %s, actual %s", tt.vulnID, aVulnID) } for i := range tt.cveIDs { if tt.cveIDs[i] != aCveIDs[i] { t.Errorf("expected cveID: %s, actual %s", tt.cveIDs[i], aCveIDs[i]) } } - if tt.vulnID != aVunlnID { - t.Errorf("expected vulnID: %s, actual %s", tt.vulnID, aVunlnID) + if tt.vulnID != aVulnID { + t.Errorf("expected vulnID: %s, actual %s", tt.vulnID, aVulnID) } } }