Stage/vuls
4
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
972 Commits 6 Branches 121 Tags
749ead5d4aa789186b03aad7c5455eb1281f1b72
Commit Graph

258 Commits

Author SHA1 Message Date
Kota Kanbe
399a08775e feat(scan): add -ssh-config option #417 (#660) 2018-05-31 12:39:46 +09:00
Kota Kanbe
9cc78770a3 fix(configtest): Only warning when reboot-notifier is not installed on Debian (#654) 2018-05-21 14:57:05 +09:00
Zsolt
f653ca9131 Don't check reboot-notifier package for debian containers (#642) 2018-05-21 14:11:59 +09:00
Kota Kanbe
7cebaf8a76 Use servername for SSH ControlPath filename (#640) 2018-05-09 16:45:03 +09:00
kota kanbe
d6a7e65e4c [refactor]make fmt 2018-04-27 15:07:12 +09:00
Kota Kanbe
ce56261b52 fix(redhat): fix detection method of changelog scan (#628) 
fix(redhat, deepscan): fix detection method of changelog scan
 2018-03-29 21:17:44 +09:00
Kota Kanbe
baa0e897b2 fix: a bug of diff logic when multiple oval defs found for a certain CVE-ID and same updated_at (#627) 
* fix: a bug of diff logic when multiple oval-defs hav certain CVE-ID and same updated_at

Commented out beause a bug of diff logic when multiple oval defs has certain CVE-ID and same updated_at.
If these OVAL defs have different affected packages, this logic detects not-updated-CVE-ID as updated.
This logic will be uncommented after integration with ghost https://github.com/knqyf263/gost
 2018-03-26 22:29:14 +09:00
Teppei Fukuda
1d49c0e1ce fix(scan): fix RHEL 5 (#626) 2018-03-26 17:40:39 +09:00
Teppei Fukuda
08755e446e fix(fmt): fix gofmt warn (#625) 2018-03-23 12:28:12 +09:00
Kota Kanbe
0c919da4b1 fix: change ControlPath to .vuls of SSH option (#618) 2018-03-14 16:39:17 +09:00
Kota Kanbe
9afbf1255f feat: Add -vvv option to scan cmd (#617) 2018-03-14 12:18:03 +09:00
Kota Kanbe
50b105c4af fix: SSH session multiplexing (#616) 2018-03-13 22:35:25 +09:00
Kota Kanbe
6d3398574c fix: support CentOS cloud image (#606) 
https://bugzilla.redhat.com/show_bug.cgi?id=1332025
 2018-03-06 14:10:21 +09:00
Teppei Fukuda
b08969ad89 Support a reporting via Syslog (#604) 
* Support a reporting via syslog

* Update dependencies
 2018-02-27 20:38:34 +09:00
Teppei Fukuda
7a5793c562 Add IP address to scan results (#602) 2018-02-19 12:50:00 +09:00
Kota Kanbe
c00404793a Add offline option to scan and configtest (#588) 
Add offline option to scan and configtest
 2018-01-19 01:07:44 +09:00
Mai MISHIRO
db43d55b2c Fixed panic occurred when blank line continued in changelog (#569) 2018-01-05 10:23:44 +09:00
Mai MISHIRO
0e8736045e LXC container support without LXD (#552) 
* LXC container support without LXD

* Fix: LXC required root privilege

* Update README
 2017-12-18 22:54:32 +09:00
Kota Kanbe
19b581edef Support Amazon Linux2 (#562) 2017-12-15 20:07:49 +09:00
Mai MISHIRO
295f6656d9 Fix #548 and #557 - RHEL's Fast Scan no longer required internet connection and root privilege (#559) 2017-12-15 19:34:10 +09:00
Mai MISHIRO
1214d8c14d Change error handling of "Reboot Required" detection (#556) 2017-12-12 17:03:42 +09:00
Mai MISHIRO
b4cd96fc9a Fix some RPM related commands failed in the container (#554) 2017-12-12 12:14:57 +09:00
Kota Kanbe
e788e6a5ad Support Alpine Linux #194 (#545) 
* Support Alpine Linux #194

* Fix testcase

* Fix README

* Fix dep files

* Fix changelog

* Bump up version
 2017-12-01 23:17:28 +09:00
Flaviu
d00e912934 Replace strings.HasPrefix with strings.Index for SuSE scanner (#546) 2017-11-21 11:37:43 +09:00
Kota Kanbe
8ebb663368 Fix yum changelog option (#543) 2017-11-15 17:32:17 +09:00
Mai MISHIRO
59b0812adf Fix: "Reboot Required" detection process in scan/redhat.go (#534) 2017-11-08 17:16:59 +09:00
Kota Kanbe
5ced3c72b8 Insert sudo only at the beginning of command in deep scan #495 (#539) 
* Insert `sudo` only at the beginning of command in deep scan #495

* Fix testcase
 2017-11-08 15:48:43 +09:00
Kota Kanbe
00c690f516 Add pseudo server type for non-ssh scanning (only cpe scan) #512 (#531) 
* Add pseudo server type for non-ssh scanning (only cpe scan) #512

* Don't check hostname for pseudo type

* Update README.md
 2017-11-02 17:02:06 +09:00
nashiox
e137ebb9c2 Fix package query fails on debian based container (#519) (#522) 
* Fix package query fails on debian based container (#519)

* Fix executil test (#519)
 2017-10-25 18:49:47 +09:00
Kota Kanbe
5a0a6abf11 Fix OVAL detection on Debian and Ubuntu (#509) 
* Add filter options to tui subcommand (#508)

* Capture version of source packages on Debian based linux

* Change makefile, gofmt -s

* Refactoring

* Implement OVAL detection of source packages for Debian, Ubuntu
 2017-10-13 17:22:11 +09:00
Kota Kanbe
132432dce6 Support SUSE Enterprise Linux (#487) 
* Support SUSE Enterprise Linux

* Implement Reboot Required detection on SLES

* Fix query OVAL because SUSE provides OVAL data each major.minor version

* Update README

* Support SUSE Enterprise 11
 2017-09-28 12:23:19 +09:00
Xiuming Chen
e5eb8e42f5 Debian: Use --showformat flag to get status of packages and ignore n(not-inst… (#484) 
* Use --showformat flag to get status of packages and ignore n(not-installed) and c(removed, only has config files remaining) packages.

* Ignoring all packages that are not in 'Installed' status.

* Simplify char escaping in the command.

* Fix typo.
 2017-09-27 09:43:59 +09:00
Kota Kanbe
5f2183fc8e Check repoquery with sudo nopasswd in deep scan mode on RedHat (#492) 2017-09-14 09:14:20 -07:00
kota kanbe
b5cb08ac43 Handle kernel's vulns using OVAL 2017-08-22 17:44:50 +09:00
kota kanbe
648a999514 Include config in json result 2017-08-18 22:39:45 +09:00
kota kanbe
71490aebd9 Fix sudo in deep scan of RHEL 2017-08-17 21:17:13 +09:00
kota kanbe
6129ac7bd4 Change model ScanResult.ScannedCves.AffectedPackages 2017-08-17 12:18:06 +09:00
kota kanbe
b5d4d27312 Fix "Vulnerable package: is not found" error on FreeBSD 2017-08-16 14:34:59 +09:00
kota kanbe
477e12d5cf Fix FreeBSD detection 2017-08-16 11:54:19 +09:00
kota kanbe
fd19fa2082 nosudo repoquery 2017-08-15 10:37:11 +09:00
kota kanbe
843f1a462f Fix checkDependencies for redhat.go 2017-08-14 15:53:11 +09:00
kota kanbe
b14406e329 Fix check logic of dependent packages in redhat.go 2017-08-09 16:18:09 +09:00
kota kanbe
29cf4bb517 Setup changelog cache only when necessary 2017-08-09 16:18:09 +09:00
kota kanbe
a233e08929 When scanning raspbian, always scan with deep scan mode 2017-08-09 16:18:09 +09:00
kota kanbe
2887dc0d36 Fix configtest to match fast and deep scan mode 2017-08-09 16:15:25 +09:00
kota kanbe
008da49b83 Imlement OVAL scan on Oracle Linux 2017-08-09 16:15:25 +09:00
kota kanbe
8b6a283114 Add a deep flag to scan 2017-08-09 16:15:25 +09:00
kota kanbe
4379b8bacf Use version comparison logic when parsing change log (Ubuntu, Debian) 2017-08-09 16:15:25 +09:00
kota kanbe
1752736714 Fix nil pointer 2017-08-09 16:15:25 +09:00
kota kanbe
9b6d84def6 Fix false positive detection on RHEL, Amazon and Oracle 2017-08-09 16:15:25 +09:00