Stage/vuls
4
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Compare commits

base: Stage:v0.6.0
Branches Tags
Stage:master Stage:MaineK00n/trivy-to-vuls-cvssv4.0 Stage:MaineK00n/al2023-kernel-livepatch Stage:nightly Stage:collect-selfbulid-jar Stage:detect-pkg-deps
Stage:v0.26.0 Stage:v0.26.0-rc2 Stage:v0.26.0-alpha3 Stage:v0.25.4 Stage:v0.25.3 Stage:v0.25.2 Stage:v0.25.1 Stage:v0.25.1-beta2 Stage:v0.25.1-beta1 Stage:v0.25.0 Stage:v0.24.9 Stage:v0.24.8 Stage:v0.24.7 Stage:v0.24.6 Stage:v0.24.5 Stage:v0.24.4 Stage:v0.24.3 Stage:v0.24.2 Stage:v0.24.1 Stage:v0.24.0 Stage:v0.23.4 Stage:v0.23.3 Stage:v0.23.2 Stage:v0.23.1 Stage:v0.23.0 Stage:v0.22.2 Stage:v0.22.1 Stage:v0.23.0-beta Stage:v0.22.0 Stage:v0.21.1 Stage:v0.21.0 Stage:v0.20.5 Stage:v0.20.4 Stage:v0.20.3 Stage:v0.20.2 Stage:v0.20.1 Stage:v0.20.0 Stage:v0.19.8 Stage:v0.19.7 Stage:v0.19.6 Stage:v0.19.5 Stage:v0.19.4 Stage:v0.19.3 Stage:v0.19.2 Stage:v0.19.1 Stage:v0.19.0 Stage:v0.18.1 Stage:v0.18.0 Stage:v0.17.1 Stage:v0.17.0 Stage:v0.16.0 Stage:v0.15.14 Stage:v0.15.13 Stage:v0.15.12 Stage:v0.15.11 Stage:v0.15.10 Stage:v0.15.9 Stage:v0.15.8 Stage:v0.15.7 Stage:v0.15.6 Stage:v0.15.5 Stage:v0.15.4 Stage:v0.15.3 Stage:v0.15.2 Stage:v0.15.1 Stage:v0.15.0 Stage:v0.14.1 Stage:v0.14.0 Stage:v0.13.9 Stage:v0.13.8 Stage:v0.13.7 Stage:v0.13.6 Stage:v0.13.5 Stage:v0.13.4 Stage:v0.13.3 Stage:v0.13.2 Stage:v0.13.1 Stage:v0.13.0 Stage:v0.12.3 Stage:v0.12.2 Stage:v0.12.1 Stage:v0.12.0 Stage:v0.11.3 Stage:v0.11.2 Stage:v0.11.1 Stage:v0.11.0 Stage:v0.10.0 Stage:v0.9.8 Stage:v0.9.7 Stage:v0.9.6 Stage:v0.9.5 Stage:v0.9.4 Stage:v0.9.3 Stage:v0.9.2 Stage:v0.9.1 Stage:v0.9.0 Stage:v0.8.5 Stage:v0.8.4 Stage:v0.8.3 Stage:v0.8.2 Stage:v0.8.1 Stage:v0.8.0 Stage:v0.7.0 Stage:v0.6.3 Stage:v0.6.2 Stage:v0.6.1 Stage:v0.6.0 Stage:v0.5.0 Stage:v0.4.2 Stage:v0.4.1 Stage:v0.4.0 Stage:v0.3.0 Stage:v0.2.0 Stage:v0.1.7 Stage:v0.1.6 Stage:v0.1.5 Stage:v0.1.4 Stage:v0.1.3 Stage:v0.1.2 Stage:v0.1.1 Stage:v0.1.0
...
compare: Stage:v0.6.3
Branches Tags
Stage:master Stage:MaineK00n/trivy-to-vuls-cvssv4.0 Stage:MaineK00n/al2023-kernel-livepatch Stage:nightly Stage:collect-selfbulid-jar Stage:detect-pkg-deps
Stage:v0.26.0 Stage:v0.26.0-rc2 Stage:v0.26.0-alpha3 Stage:v0.25.4 Stage:v0.25.3 Stage:v0.25.2 Stage:v0.25.1 Stage:v0.25.1-beta2 Stage:v0.25.1-beta1 Stage:v0.25.0 Stage:v0.24.9 Stage:v0.24.8 Stage:v0.24.7 Stage:v0.24.6 Stage:v0.24.5 Stage:v0.24.4 Stage:v0.24.3 Stage:v0.24.2 Stage:v0.24.1 Stage:v0.24.0 Stage:v0.23.4 Stage:v0.23.3 Stage:v0.23.2 Stage:v0.23.1 Stage:v0.23.0 Stage:v0.22.2 Stage:v0.22.1 Stage:v0.23.0-beta Stage:v0.22.0 Stage:v0.21.1 Stage:v0.21.0 Stage:v0.20.5 Stage:v0.20.4 Stage:v0.20.3 Stage:v0.20.2 Stage:v0.20.1 Stage:v0.20.0 Stage:v0.19.8 Stage:v0.19.7 Stage:v0.19.6 Stage:v0.19.5 Stage:v0.19.4 Stage:v0.19.3 Stage:v0.19.2 Stage:v0.19.1 Stage:v0.19.0 Stage:v0.18.1 Stage:v0.18.0 Stage:v0.17.1 Stage:v0.17.0 Stage:v0.16.0 Stage:v0.15.14 Stage:v0.15.13 Stage:v0.15.12 Stage:v0.15.11 Stage:v0.15.10 Stage:v0.15.9 Stage:v0.15.8 Stage:v0.15.7 Stage:v0.15.6 Stage:v0.15.5 Stage:v0.15.4 Stage:v0.15.3 Stage:v0.15.2 Stage:v0.15.1 Stage:v0.15.0 Stage:v0.14.1 Stage:v0.14.0 Stage:v0.13.9 Stage:v0.13.8 Stage:v0.13.7 Stage:v0.13.6 Stage:v0.13.5 Stage:v0.13.4 Stage:v0.13.3 Stage:v0.13.2 Stage:v0.13.1 Stage:v0.13.0 Stage:v0.12.3 Stage:v0.12.2 Stage:v0.12.1 Stage:v0.12.0 Stage:v0.11.3 Stage:v0.11.2 Stage:v0.11.1 Stage:v0.11.0 Stage:v0.10.0 Stage:v0.9.8 Stage:v0.9.7 Stage:v0.9.6 Stage:v0.9.5 Stage:v0.9.4 Stage:v0.9.3 Stage:v0.9.2 Stage:v0.9.1 Stage:v0.9.0 Stage:v0.8.5 Stage:v0.8.4 Stage:v0.8.3 Stage:v0.8.2 Stage:v0.8.1 Stage:v0.8.0 Stage:v0.7.0 Stage:v0.6.3 Stage:v0.6.2 Stage:v0.6.1 Stage:v0.6.0 Stage:v0.5.0 Stage:v0.4.2 Stage:v0.4.1 Stage:v0.4.0 Stage:v0.3.0 Stage:v0.2.0 Stage:v0.1.7 Stage:v0.1.6 Stage:v0.1.5 Stage:v0.1.4 Stage:v0.1.3 Stage:v0.1.2 Stage:v0.1.1 Stage:v0.1.0

32 Commits
v0.6.0 ... v0.6.3

Author SHA1 Message Date
Kota Kanbe
89d58d1abc bump up version 2019-02-20 14:58:49 +09:00
Kota Kanbe
d6b6969cb3 update README 2019-02-20 14:56:24 +09:00
kazuminn
e7bf6fa69d feat(README): contiruters shield (#778) 
* add contiruters shield

* Update README.md

* Update README.md
 2019-02-20 12:20:56 +09:00
Kota Kanbe
6e51970b91 fix(discovery): show the template of GitHub Security Alerts integration to discovery subcommand 2019-02-20 12:08:22 +09:00
Kota Kanbe
56d7d43768 feat(report): GitHub security alerts integration (#775) 
feat(report): integrate to GitHub security alerts
 2019-02-20 12:04:10 +09:00
Shota Ito
256c99ffa2 Delete tab from output in case of No CVE-IDs (#768) 2019-01-25 00:21:41 +09:00
Takayuki Ushida
9c0bc3b13b modify build time (#766) 2019-01-24 15:26:12 +09:00
Kota Kanbe
9b8a323d85 fix(report): detect 0 vulns for Amazon, FreeBSD, Raspbian (#765) 2019-01-24 11:49:33 +09:00
kota kanbe
3178c1e326 Merge branch 'master' of https://github.com/future-architect/vuls 
* 'master' of https://github.com/future-architect/vuls:
  Add Telegram support (#762)
 2019-01-23 00:25:54 +09:00
kota kanbe
321d68e03a Bump up version 2019-01-23 00:25:02 +09:00
Yao Ding
3d8753c621 Add Telegram support (#762) 
* add telegram support

* format message

* remove debug print

* fix linting error

* add telegram to discover; group message by 10

* use chatID instead of channel

* apply refactor

* remove reduntant space
 2019-01-23 00:19:16 +09:00
Tomoya Amachi
967c56909d add ScannedIPv4Addrs and ScannedIPv6Addrs (#764) 2019-01-19 22:19:06 +09:00
Takayuki Ushida
7c4831d2d1 add build time (#763) 2019-01-18 13:13:50 +09:00
Shigechika AIKAWA
4b49e11a33 add(report) -format-list option to -to-email (#761) 2019-01-17 16:31:04 +09:00
Kota Kanbe
d84a6a8627 fix(oracle): vuls report returns different result each time in the case of Oracle Linux (#759) 
https://github.com/kotakanbe/goval-dictionary/pull/56
 2019-01-12 23:11:06 +09:00
sadayuki-matsuno
63b7f4a8db delete paperr (#758) 2019-01-12 22:40:56 +09:00
yahharo
ca2160264a Remove ThreadTimeStamp from message struct (#756) 
- If `thread_ts` valus sent as empty string ("") to Slack, it returns error `invalid_thread_ts`
- When API try to send, it use `slack.PostMessageParameters`, not use `message`
 2018-12-25 12:27:53 +09:00
Kota Kanbe
7842594f53 fix(scan): OS detection ssh timeout in first run #699 (#753) 2018-12-20 13:59:54 +09:00
Kota Kanbe
7db056102c fix(report): overdetection for Red Hat/CentOS with redis backend (#748) 
fix(report): miss detection for Red Hat/CentOS with redis backend
 2018-12-06 15:29:28 +09:00
Tomoya Amachi
a5a800fa0a add alert data to result json (#747) 
* add alert data to result json

* delete omitempty from AlertDict
 2018-12-05 15:38:23 +09:00
Tomoya Amachi
9147ec148d Beautify alert (#746) 
* update dep

* to make easy edit alert data manually

* fix alert data bug
 2018-12-05 12:30:04 +09:00
sadayuki-matsuno
b3260588c6 fix(gost) update pkg to incorporate the latest gost (#745) 2018-12-04 17:33:31 +09:00
sadayuki-matsuno
7d31328271 export exploit func (#744) 2018-11-30 16:53:51 +09:00
Kota Kanbe
6e82981ee3 feat(report): Display CERT information to reports (#741) 
* fix(tui): show JPCERT Alert URL in TUI

* feat(tui): show `!` when the CVE-ID corresponds to USCERT or JPCERT alert

* feat(report): display cert alert info to stdout report

* fix(report): Display CVEs detected by CPEs with -ignore-unfixed flag
 2018-11-30 15:41:59 +09:00
Tomoya Amachi
9d7b115bb5 add JPCERT and USCERT alert dictionary (#740) 
* add alert dictionary

* fix for sider review

* fix for sider review
 2018-11-30 14:17:17 +09:00
Kota Kanbe
8eae5002a3 fix(report): return both scores of gost and oval (#739) 2018-11-29 12:17:19 +09:00
Kota Kanbe
31bd6c0371 feat(scan): get repository name of updatable pkgs for debian/ubuntu (#738) 2018-11-26 12:02:52 +09:00
Kota Kanbe
7585f9d537 fix(report): fix cvedb-url, add -cvedb-type=http (#734) 
* fix(report): fix cvedb-url, add -cvedb-type=http

* feat(report): support go-exploitdb server mode

* update deps

* implement tui

* fix server mode

* fix(tui): default value of cvedb-type to ""

* update deps
 2018-11-16 21:22:18 +09:00
sadayuki-matsuno
76037cdf72 fix new cve contents (#735) 2018-11-15 13:43:06 +09:00
sadayuki-matsuno
98c5421edc fix exploit db (#733) 2018-11-12 17:36:53 +09:00
Kota Kanbe
e63fc7e3f5 fix(report): nil pointer in deep scan mode #728 (#732) 2018-11-10 12:36:12 +09:00
sadayuki-matsuno
6ed9cf3fb4 add scan mode (#731) 2018-11-05 15:35:50 +09:00
41 changed files with 5726 additions and 516 deletions
Expand all files Collapse all files

3
GNUmakefile
View File

@@ -18,8 +18,9 @@ SRCS = $(shell git ls-files '*.go')
PKGS = $(shell go list ./...)
VERSION := $(shell git describe --tags --abbrev=0)
REVISION := $(shell git rev-parse --short HEAD)
BUILDTIME := $(shell date "+%Y%m%d_%H%M%S")
LDFLAGS := -X 'github.com/future-architect/vuls/config.Version=$(VERSION)' \
-X 'github.com/future-architect/vuls/config.Revision=$(REVISION)'
-X 'github.com/future-architect/vuls/config.Revision=build-$(BUILDTIME)_$(REVISION)'
all: dep build

332
Gopkg.lock generated
View File

@@ -2,18 +2,26 @@
[[projects]]
digest = "1:2f806c4d4e9dee6f144c59099abfa9243a42a8ad9fe0d648273f6f192de6174a"
digest = "1:b92928b73320648b38c93cacb9082c0fe3f8ac3383ad9bd537eef62c380e0e7a"
name = "contrib.go.opencensus.io/exporter/ocagent"
packages = ["."]
pruneopts = "UT"
revision = "00af367e65149ff1f2f4b93bbfbb84fd9297170d"
version = "v0.2.0"
[[projects]]
digest = "1:a90dbfc07d4cf47b5f113a2d52227e0b098592b22c0bd7afd731f6cb8bd9d55c"
name = "github.com/Azure/azure-sdk-for-go"
packages = [
"storage",
"version",
]
pruneopts = "UT"
revision = "ef9744da754d0cf00d0cfeae7d1a83f2245a4b1c"
version = "v21.2.0"
revision = "1951233eb944a49aa5f7278cba8e3e32a8c958af"
version = "v24.0.0"
[[projects]]
digest = "1:1fe87891e29a291377b0b2224b99fd857553dff7dce8a6ffb5fda003ce52a8b0"
digest = "1:e6c692a2dd5f978216331f2ab41b45dfdf01d5b2a74c596a9f69bcef77b7d67b"
name = "github.com/Azure/go-autorest"
packages = [
"autorest",
@@ -21,11 +29,11 @@
"autorest/azure",
"autorest/date",
"logger",
"version",
"tracing",
]
pruneopts = "UT"
revision = "4b7f49dc5db2e1e6d528524d269b4181981a7ebf"
version = "v11.1.1"
revision = "be17756531f50014397912b7aa557ec335e39b98"
version = "v11.3.0"
[[projects]]
digest = "1:9f3b30d9f8e0d7040f729b82dcbc8f0dead820a133b3147ce355fc451f32d761"
@@ -52,7 +60,7 @@
version = "v9"
[[projects]]
digest = "1:b75da992f409ab285c5c2d57869d3df50e1d6869d25bee46bb04571a81db53d9"
digest = "1:5652bf3ce03ccaeb93cd5e11fcaab25467f78275fd9c4b4d1ffe88aae6faed12"
name = "github.com/aws/aws-sdk-go"
packages = [
"aws",
@@ -64,6 +72,7 @@
"aws/credentials",
"aws/credentials/ec2rolecreds",
"aws/credentials/endpointcreds",
"aws/credentials/processcreds",
"aws/credentials/stscreds",
"aws/csm",
"aws/defaults",
@@ -72,6 +81,7 @@
"aws/request",
"aws/session",
"aws/signer/v4",
"internal/ini",
"internal/s3err",
"internal/sdkio",
"internal/sdkrand",
@@ -89,8 +99,8 @@
"service/sts",
]
pruneopts = "UT"
revision = "66832f7f150914a46ffbfc03210f3b9cb0e4c005"
version = "v1.15.57"
revision = "aabf189db35ba7eb5a35afe6d681fc0f70954fca"
version = "v1.16.18"
[[projects]]
digest = "1:0f98f59e9a2f4070d66f0c9c39561f68fcd1dc837b22a852d28d0003aebd1b1e"
@@ -101,12 +111,25 @@
version = "v1.3.1"
[[projects]]
digest = "1:2209584c0f7c9b68c23374e659357ab546e1b70eec2761f03280f69a8fd23d77"
digest = "1:166438587ed45ac211dab8a3ecebf4fa0c186d0db63430fb9127bbc2e5fcdc67"
name = "github.com/cenkalti/backoff"
packages = ["."]
pruneopts = "UT"
revision = "2ea60e5f094469f9e65adb9cd103795b73ae743e"
version = "v2.0.0"
revision = "1e4cf3da559842a91afcb6ea6141451e6c30c618"
version = "v2.1.1"
[[projects]]
digest = "1:65b0d980b428a6ad4425f2df4cd5410edd81f044cf527bd1c345368444649e58"
name = "github.com/census-instrumentation/opencensus-proto"
packages = [
"gen-go/agent/common/v1",
"gen-go/agent/trace/v1",
"gen-go/resource/v1",
"gen-go/trace/v1",
]
pruneopts = "UT"
revision = "7f2434bc10da710debe5c4315ed6d4df454b4024"
version = "v0.1.0"
[[projects]]
digest = "1:e04c00d619875ce5fa67180891984a9b1fadcc031af36bcd7a3509cbdad1df15"
@@ -141,15 +164,7 @@
version = "v1.4.7"
[[projects]]
digest = "1:15e27372d379b45b18ac917b9dafc45c45485239490ece18cca97a12f9591146"
name = "github.com/go-ini/ini"
packages = ["."]
pruneopts = "UT"
revision = "9c8236e659b76e87bf02044d06fde8683008ff3e"
version = "v1.39.0"
[[projects]]
digest = "1:7c2fd446293ff7799cc496d3446e674ee67902d119f244de645caf95dff1bb98"
digest = "1:ad53d1f710522a38d1f0e5e0a55a194b1c6b2cd8e84313568e43523271f0cf62"
name = "github.com/go-redis/redis"
packages = [
".",
@@ -158,20 +173,19 @@
"internal/hashtag",
"internal/pool",
"internal/proto",
"internal/singleflight",
"internal/util",
]
pruneopts = "UT"
revision = "f3bba01df2026fc865f7782948845db9cf44cf23"
version = "v6.14.1"
revision = "22be8a3eaf992c828cecb69dc07348313bf08d2e"
version = "v6.15.1"
[[projects]]
digest = "1:adea5a94903eb4384abef30f3d878dc9ff6b6b5b0722da25b82e5169216dfb61"
digest = "1:ec6f9bf5e274c833c911923c9193867f3f18788c461f76f05f62bb1510e0ae65"
name = "github.com/go-sql-driver/mysql"
packages = ["."]
pruneopts = "UT"
revision = "d523deb1b23d913de5bdada721a6071e71283618"
version = "v1.4.0"
revision = "72cd26f257d44c1114970e19afddcd812016007e"
version = "v1.4.1"
[[projects]]
digest = "1:586ea76dbd0374d6fb649a91d70d652b7fe0ccffb8910a77468e7702e7901f3d"
@@ -181,6 +195,21 @@
revision = "2fee6af1a9795aafbe0253a0cfbdf668e1fb8a9a"
version = "v1.8.0"
[[projects]]
digest = "1:8f0705fa33e8957018611cc81c65cb373b626c092d39931bb86882489fc4c3f4"
name = "github.com/golang/protobuf"
packages = [
"proto",
"ptypes",
"ptypes/any",
"ptypes/duration",
"ptypes/timestamp",
"ptypes/wrappers",
]
pruneopts = "UT"
revision = "aa810b61a9c79d51363740d207bb46cf8e620ed5"
version = "v1.2.0"
[[projects]]
branch = "master"
digest = "1:df265b7f54410945dad5cf5979d91461b9fa7ff9b397ab58d2d577002a8a0e24"
@@ -218,12 +247,12 @@
revision = "e9e44961e26f513866063f54bf85070db95600f7"
[[projects]]
digest = "1:77395dd3847dac9c45118c668f5dab85aedf0163dc3b38aea6578c5cf0d502f9"
digest = "1:950caca7dfcf796419232ba996c9c3539d09f26af27ba848c4508e604c13efbb"
name = "github.com/hashicorp/go-version"
packages = ["."]
pruneopts = "UT"
revision = "b5a281d3160aa11950a6182bd9a9dc2cb1e02d50"
version = "v1.0.0"
revision = "d40cf49b3a77bba84a7afdbd7f1dc295d114efb1"
version = "v1.1.0"
[[projects]]
digest = "1:c0d19ab64b32ce9fe5cf4ddceba78d5bc9807f0016db6b1183599da3dcc24d10"
@@ -269,7 +298,7 @@
version = "v2.14"
[[projects]]
digest = "1:8fe19266ce82209076d4a81007ff93f40dd349faca4a917aea59d33956bbd4fd"
digest = "1:ff312c4d510c67954a6fc6a11c9ff72a2b2169584776b7419c7b8c729e2b13ac"
name = "github.com/jinzhu/gorm"
packages = [
".",
@@ -278,8 +307,8 @@
"dialects/sqlite",
]
pruneopts = "UT"
revision = "6ed508ec6a4ecb3531899a69cbc746ccf65a4166"
version = "v1.9.1"
revision = "472c70caa40267cb89fd8facb07fe6454b578626"
version = "v1.9.2"
[[projects]]
branch = "master"
@@ -290,11 +319,11 @@
revision = "04140366298a54a039076d798123ffa108fff46c"
[[projects]]
digest = "1:e22af8c7518e1eab6f2eab2b7d7558927f816262586cd6ed9f349c97a6c285c4"
digest = "1:bb81097a5b62634f3e9fec1014657855610c82d19b9a40c17612e32651e35dca"
name = "github.com/jmespath/go-jmespath"
packages = ["."]
pruneopts = "UT"
revision = "0b12d6b5"
revision = "c2b33e84"
[[projects]]
digest = "1:114ecad51af93a73ae6781fd0d0bc28e52b433c852b84ab4b4c109c15e6c6b6d"
@@ -342,7 +371,7 @@
[[projects]]
branch = "master"
digest = "1:784bbde718d6f806578d929df8ad88a24817ca4fea5ce498165f46ff238d0deb"
digest = "1:acca5c567e76e94e81f8d65893e2a9cd12d914dd688731f461a5ebdb180d4938"
name = "github.com/knqyf263/gost"
packages = [
"config",
@@ -351,7 +380,7 @@
"util",
]
pruneopts = "UT"
revision = "920046ad61b30ed1d554140c85daaa9e3ed2ca9e"
revision = "5afeda5e8e1f8f3561738d3d6fa6549c88feb31e"
[[projects]]
digest = "1:0a69a1c0db3591fcefb47f115b224592c8dfa4368b7ba9fae509d5e16cdc95c8"
@@ -363,7 +392,7 @@
[[projects]]
branch = "master"
digest = "1:336333e5514fc6178cdb4245f64cc34f9c0212daa523a5267e357a7535d5470f"
digest = "1:fa59fec07121e6190139b5134524c4fc7a6abe5143a775a0e17313b6997e17a7"
name = "github.com/kotakanbe/go-cve-dictionary"
packages = [
"config",
@@ -372,7 +401,7 @@
"models",
]
pruneopts = "UT"
revision = "bff11c4b0f9d2915f21f49d4530c99033898dbca"
revision = "b083bedef97055c27d1f039428ab183eca7c6450"
[[projects]]
digest = "1:54d3c90db1164399906830313a6fce7770917d7e4a12da8f2d8693d18ff5ef27"
@@ -383,7 +412,7 @@
version = "v0.1.0"
[[projects]]
digest = "1:564a03e039dfed4121709e3d76c05c08a9d4291335ca682b5065ae46285a688a"
digest = "1:8fd95e6bab4d09a0f610bd5c02ef6ec7d0d91da5a72b7cfcbfd67254bcb72b75"
name = "github.com/kotakanbe/goval-dictionary"
packages = [
"config",
@@ -392,8 +421,8 @@
"models",
]
pruneopts = "UT"
revision = "818624daf2658cc177ea93100ff20c5caed064b6"
version = "v0.1.0"
revision = "5070051ecafdf15cbe2490e71ec038de7d25b71e"
version = "v0.1.1"
[[projects]]
branch = "master"
@@ -404,15 +433,15 @@
revision = "928f7356cb964637e2489a6ef37eee55181676c5"
[[projects]]
digest = "1:faee5b9f53eb1ae4eb04708c040c8c4dd685ce46509671e57a08520a15c54368"
digest = "1:01eb0269028d3c2e21b5b6cd9b1ba81bc4170ab293fcffa84e3aa3a6138a92e8"
name = "github.com/labstack/gommon"
packages = [
"color",
"log",
]
pruneopts = "UT"
revision = "2a618302b929cc20862dda3aa6f02f64dbe740dd"
version = "v0.2.7"
revision = "7fd9f68ece0bcb1a905fac8f1549f0083f71c51b"
version = "v0.2.8"
[[projects]]
digest = "1:b18ffc558326ebaed3b4a175617f1e12ed4e3f53d6ebfe5ba372a3de16d22278"
@@ -459,20 +488,20 @@
version = "v0.0.4"
[[projects]]
digest = "1:cdb899c199f907ac9fb50495ec71212c95cb5b0e0a8ee0800da0238036091033"
digest = "1:0356f3312c9bd1cbeda81505b7fd437501d8e778ab66998ef69f00d7f9b3a0d7"
name = "github.com/mattn/go-runewidth"
packages = ["."]
pruneopts = "UT"
revision = "ce7b0b5c7b45a81508558cd1dba6bb1e4ddb51bb"
version = "v0.0.3"
revision = "3ee7d812e62a0804a7d0a324e0249ca2db3476d3"
version = "v0.0.4"
[[projects]]
digest = "1:3cafc6a5a1b8269605d9df4c6956d43d8011fc57f266ca6b9d04da6c09dee548"
digest = "1:4a49346ca45376a2bba679ca0e83bec949d780d4e927931317904bad482943ec"
name = "github.com/mattn/go-sqlite3"
packages = ["."]
pruneopts = "UT"
revision = "25ecb14adfc7543176f7d85291ec7dba82c6f7e4"
version = "v1.9.0"
revision = "c7c4067b79cc51e6dfdcef5c702e74b1e0fa7c75"
version = "v1.10.0"
[[projects]]
branch = "master"
@@ -499,16 +528,16 @@
version = "v1.1.2"
[[projects]]
branch = "master"
digest = "1:7aefb397a53fc437c90f0fdb3e1419c751c5a3a165ced52325d5d797edf1aca6"
name = "github.com/moul/http2curl"
packages = ["."]
pruneopts = "UT"
revision = "9ac6cf4d929b2fa8fd2d2e6dec5bb0feb4f4911d"
version = "v1.0.0"
[[projects]]
branch = "master"
digest = "1:c72d41e2be29143a802361f175f9eafe81ecd35119b80b7673bb3e997b086687"
digest = "1:a440c18972e9499a1e8de68915e5a9119008d86efc2a9c6c6edddc323ce6f3ed"
name = "github.com/mozqnet/go-exploitdb"
packages = [
"db",
@@ -516,7 +545,7 @@
"util",
]
pruneopts = "UT"
revision = "b359807ea9b24f7ce80d1bfa02ffca5ed428ffb5"
revision = "652ae1f6aa234a4e22c8a6c9566ef4018a1d28c8"
[[projects]]
digest = "1:95d38d218bf2290987c6b0e885a9f0f2d3d3239235acaddca01c3fe36e5e5566"
@@ -531,19 +560,19 @@
[[projects]]
branch = "master"
digest = "1:f335d800550786b6f51ddaedb9d1107a7a72f4a2195e5b039dd7c0e103e119bc"
digest = "1:f3fc7efada7606d5abc88372e1f838ed897fa522077957070fbc2207a50d6faa"
name = "github.com/nsf/termbox-go"
packages = ["."]
pruneopts = "UT"
revision = "b66b20ab708e289ff1eb3e218478302e6aec28ce"
revision = "0938b5187e61bb8c4dcac2b0a9cf4047d83784fc"
[[projects]]
branch = "master"
digest = "1:f611266e3ac01ab4adb6f1d67f6c1be82998d02f452faff450596658712d860b"
digest = "1:abcdbf03ca6ca13d3697e2186edc1f33863bbdac2b3a44dfa39015e8903f7409"
name = "github.com/olekukonko/tablewriter"
packages = ["."]
pruneopts = "UT"
revision = "be2c049b30ccd4d3fd795d6bf7dce74e42eeedaa"
revision = "e6d60cf7ba1f42d86d54cdf5508611c4aafb3970"
version = "v0.0.1"
[[projects]]
digest = "1:d776f3e95774a8719f2e57fabbbb33103035fe072dcf6f1864f33abd17b753e5"
@@ -562,12 +591,12 @@
version = "v1.2.0"
[[projects]]
digest = "1:40e195917a951a8bf867cd05de2a46aaf1806c50cf92eebf4c16f78cd196f747"
digest = "1:cf31692c14422fa27c83a05292eb5cbe0fb2775972e8f1f8446a71549bd8980b"
name = "github.com/pkg/errors"
packages = ["."]
pruneopts = "UT"
revision = "645ef00459ed84a119197bfb8d8205042c6df63d"
version = "v0.8.0"
revision = "ba968bfe8b2f7e042a574c888954fccecfa385b4"
version = "v0.8.1"
[[projects]]
digest = "1:1a23fdd843129ef761ffe7651bc5fe7c5b09fbe933e92783ab06cc11c37b7b37"
@@ -587,30 +616,30 @@
[[projects]]
branch = "master"
digest = "1:b17bd7b89f445e9c4b82f6144a8fe41e60d921fbe4279f669f9464b277927254"
digest = "1:9c3c856c4bd09733de5727aeb85fc484b8b87a6eb9e6a632c47e3f17142757ee"
name = "github.com/sirupsen/logrus"
packages = ["."]
pruneopts = "UT"
revision = "680f584d621da87ee04ea659130e149ba9d23cae"
revision = "78fb3852d92683dc28da6cc3d5f965100677c27d"
[[projects]]
digest = "1:6a4a11ba764a56d2758899ec6f3848d24698d48442ebce85ee7a3f63284526cd"
digest = "1:d707dbc1330c0ed177d4642d6ae102d5e2c847ebd0eb84562d0dc4f024531cfc"
name = "github.com/spf13/afero"
packages = [
".",
"mem",
]
pruneopts = "UT"
revision = "d40851caa0d747393da1ffb28f7f9d8b4eeffebd"
version = "v1.1.2"
revision = "a5d6946387efe7d64d09dcba68cdd523dc1273a3"
version = "v1.2.0"
[[projects]]
digest = "1:516e71bed754268937f57d4ecb190e01958452336fa73dbac880894164e91c1f"
digest = "1:08d65904057412fc0270fc4812a1c90c594186819243160dc779a402d4b6d0bc"
name = "github.com/spf13/cast"
packages = ["."]
pruneopts = "UT"
revision = "8965335b8c7107321228e3e3702cab9832751bac"
version = "v1.2.0"
revision = "8c9545af88b134710ab1cd196795e7f2388358d7"
version = "v1.3.0"
[[projects]]
digest = "1:68ea4e23713989dc20b1bded5d9da2c5f9be14ff9885beef481848edd18c26cb"
@@ -629,12 +658,12 @@
version = "v1.0.3"
[[projects]]
digest = "1:214775c11fd26da94a100111a62daa25339198a4f9c57cb4aab352da889f5b93"
digest = "1:de37e343c64582d7026bf8ab6ac5b22a72eac54f3a57020db31524affed9f423"
name = "github.com/spf13/viper"
packages = ["."]
pruneopts = "UT"
revision = "2c12c60302a5a0e62ee102ca9bc996277c2f64f5"
version = "v1.2.1"
revision = "6d33b5a963d922d182c91e8a1c88d81fd150cfd4"
version = "v1.3.1"
[[projects]]
digest = "1:c468422f334a6b46a19448ad59aaffdfc0a36b08fdcc1c749a0b29b6453d7e59"
@@ -660,9 +689,33 @@
pruneopts = "UT"
revision = "0a0be1dd9d0855b50be0be5a10ad3085382b6d59"
[[projects]]
digest = "1:2ae8314c44cd413cfdb5b1df082b350116dd8d2fff973e62c01b285b7affd89e"
name = "go.opencensus.io"
packages = [
".",
"exemplar",
"internal",
"internal/tagencoding",
"plugin/ochttp",
"plugin/ochttp/propagation/b3",
"plugin/ochttp/propagation/tracecontext",
"stats",
"stats/internal",
"stats/view",
"tag",
"trace",
"trace/internal",
"trace/propagation",
"trace/tracestate",
]
pruneopts = "UT"
revision = "b7bf3cdb64150a8c8c53b769fdeb2ba581bd4d4b"
version = "v0.18.0"
[[projects]]
branch = "master"
digest = "1:1e63ada43d2806f05965163d1b7d0de9366d60a9077eb1b0c3618156b445e713"
digest = "1:30e9f5bea4df0d1a573ed89a85cc680ab05dfc078f6a21e627db236f29650a11"
name = "golang.org/x/crypto"
packages = [
"curve25519",
@@ -676,30 +729,55 @@
"ssh/terminal",
]
pruneopts = "UT"
revision = "0c41d7ab0a0ee717d4590a44bcb987dfd9e183eb"
revision = "ff983b9c42bc9fbf91556e191cc8efb585c16908"
[[projects]]
branch = "master"
digest = "1:fa44bfbd6a531dbb03a45ba46765f876abd24579fcf6d1b64b8546b98a00f15b"
digest = "1:25c965216c188afcd5f430f65acc28d4f193c5a88e7c6c54ae876b1898f86368"
name = "golang.org/x/net"
packages = [
"context",
"context/ctxhttp",
"http/httpguts",
"http2",
"http2/hpack",
"idna",
"internal/timeseries",
"publicsuffix",
"trace",
]
pruneopts = "UT"
revision = "04a2e542c03f1d053ab3e4d6e5abcd4b66e2be8e"
revision = "915654e7eabcea33ae277abbecf52f0d8b7a9fdc"
[[projects]]
branch = "master"
digest = "1:f5aa274a0377f85735edc7fedfb0811d3cbc20af91633797cb359e29c3272271"
digest = "1:e007b54f54cbd4214aa6d97a67d57bc2539991adb4e22ea92c482bbece8de469"
name = "golang.org/x/oauth2"
packages = [
".",
"internal",
]
pruneopts = "UT"
revision = "99b60b757ec124ebb7d6b7e97f153b19c10ce163"
[[projects]]
branch = "master"
digest = "1:75515eedc0dc2cb0b40372008b616fa2841d831c63eedd403285ff286c593295"
name = "golang.org/x/sync"
packages = ["semaphore"]
pruneopts = "UT"
revision = "37e7f081c4d4c64e13b10787722085407fe5d15f"
[[projects]]
branch = "master"
digest = "1:5ee4df7ab18e945607ac822de8d10b180baea263b5e8676a1041727543b9c1e4"
name = "golang.org/x/sys"
packages = [
"unix",
"windows",
]
pruneopts = "UT"
revision = "fa43e7bc11baaae89f3f902b2b4d832b68234844"
revision = "48ac38b7c8cbedd50b1613c0fccacfc7d88dfcdf"
[[projects]]
digest = "1:a2ab62866c75542dd18d2b069fec854577a20211d7c0ea6ae746072a1dccdd18"
@@ -725,12 +803,77 @@
version = "v0.3.0"
[[projects]]
digest = "1:c25289f43ac4a68d88b02245742347c94f1e108c534dda442188015ff80669b3"
name = "google.golang.org/appengine"
packages = ["cloudsql"]
digest = "1:5f003878aabe31d7f6b842d4de32b41c46c214bb629bb485387dbcce1edf5643"
name = "google.golang.org/api"
packages = ["support/bundler"]
pruneopts = "UT"
revision = "ae0ab99deb4dc413a2b4bd6c8bdd0eb67f1e4d06"
version = "v1.2.0"
revision = "19e022d8cf43ce81f046bae8cc18c5397cc7732f"
version = "v0.1.0"
[[projects]]
digest = "1:9e29a0ec029d012437d88da3ccccf18adcdce069cab08d462056c2c6bb006505"
name = "google.golang.org/appengine"
packages = [
"cloudsql",
"internal",
"internal/base",
"internal/datastore",
"internal/log",
"internal/remote_api",
"internal/urlfetch",
"urlfetch",
]
pruneopts = "UT"
revision = "e9657d882bb81064595ca3b56cbe2546bbabf7b1"
version = "v1.4.0"
[[projects]]
branch = "master"
digest = "1:077c1c599507b3b3e9156d17d36e1e61928ee9b53a5b420f10f28ebd4a0b275c"
name = "google.golang.org/genproto"
packages = ["googleapis/rpc/status"]
pruneopts = "UT"
revision = "db91494dd46c1fdcbbde05e5ff5eb56df8f7d79a"
[[projects]]
digest = "1:9edd250a3c46675d0679d87540b30c9ed253b19bd1fd1af08f4f5fb3c79fc487"
name = "google.golang.org/grpc"
packages = [
".",
"balancer",
"balancer/base",
"balancer/roundrobin",
"binarylog/grpc_binarylog_v1",
"codes",
"connectivity",
"credentials",
"credentials/internal",
"encoding",
"encoding/proto",
"grpclog",
"internal",
"internal/backoff",
"internal/binarylog",
"internal/channelz",
"internal/envconfig",
"internal/grpcrand",
"internal/grpcsync",
"internal/syscall",
"internal/transport",
"keepalive",
"metadata",
"naming",
"peer",
"resolver",
"resolver/dns",
"resolver/passthrough",
"stats",
"status",
"tap",
]
pruneopts = "UT"
revision = "df014850f6dee74ba2fc94874043a9f3f75fbfd8"
version = "v1.17.0"
[[projects]]
digest = "1:e626376fab8608a972d47e91b3c1bbbddaecaf1d42b82be6dcc52d10a7557893"
@@ -741,12 +884,12 @@
version = "v1.1.1"
[[projects]]
digest = "1:50ec2f81389fbc7a1e496e1d1dc07adfe080fd15e015e9ba0e08ddaf1d4635ef"
digest = "1:94cad6e2359d57da6652e689189c5b6ef19f99db6304d2c41de54f6632e15143"
name = "gopkg.in/cheggaaa/pb.v1"
packages = ["."]
pruneopts = "UT"
revision = "007b75a044e968336a69a6c0c617251ab62ac14c"
version = "v1.0.26"
revision = "1cc5bbe20449079337944d56292c7383510c534c"
version = "v1.0.27"
[[projects]]
digest = "1:256938e7d43c73bd5e7bb97dd281d1ebe294b2928403ee1fbec96249915d1150"
@@ -781,20 +924,20 @@
version = "v0.0.4"
[[projects]]
digest = "1:cdb899c199f907ac9fb50495ec71212c95cb5b0e0a8ee0800da0238036091033"
digest = "1:0356f3312c9bd1cbeda81505b7fd437501d8e778ab66998ef69f00d7f9b3a0d7"
name = "gopkg.in/mattn/go-runewidth.v0"
packages = ["."]
pruneopts = "UT"
revision = "ce7b0b5c7b45a81508558cd1dba6bb1e4ddb51bb"
version = "v0.0.3"
revision = "3ee7d812e62a0804a7d0a324e0249ca2db3476d3"
version = "v0.0.4"
[[projects]]
digest = "1:342378ac4dcb378a5448dd723f0784ae519383532f5e70ade24132c4c8693202"
digest = "1:4d2e5a73dc1500038e504a8d78b986630e3626dc027bc030ba5c75da257cdb96"
name = "gopkg.in/yaml.v2"
packages = ["."]
pruneopts = "UT"
revision = "5420a8b6744d3b0345ab293f6fcba19c978f1183"
version = "v2.2.1"
revision = "51d6538a90f86fe93ac480b35f37b2be17fef232"
version = "v2.2.2"
[solve-meta]
analyzer-name = "dep"
@@ -842,6 +985,7 @@
"github.com/sirupsen/logrus",
"golang.org/x/crypto/ssh",
"golang.org/x/crypto/ssh/agent",
"golang.org/x/oauth2",
]
solver-name = "gps-cdcl"
solver-version = 1

4
Gopkg.toml
View File

@@ -32,6 +32,10 @@
name = "github.com/kotakanbe/go-cve-dictionary"
branch = "master"
[[constraint]]
name = "github.com/mozqnet/go-exploitdb"
branch = "master"
[prune]
go-tests = true
unused-packages = true

62
README.md
View File

@@ -5,12 +5,12 @@
[![License](https://img.shields.io/github/license/future-architect/vuls.svg?style=flat-square)](https://github.com/future-architect/vuls/blob/master/LICENSE)
[![Build Status](https://travis-ci.org/future-architect/vuls.svg?branch=master)](https://travis-ci.org/future-architect/vuls)
[![Go Report Card](https://goreportcard.com/badge/github.com/future-architect/vuls)](https://goreportcard.com/report/github.com/future-architect/vuls)
[![Contributors](https://img.shields.io/github/contributors/future-architect/vuls.svg)](https://github.com/future-architect/vuls/graphs/contributors)
![Vuls-logo](img/vuls_logo.png)
![Vuls-logo](img/vuls_logo.png)
Vulnerability scanner for Linux/FreeBSD, agentless, written in golang.
We have a slack team. [Join slack team](http://goo.gl/forms/xm5KFo35tu)
Vulnerability scanner for Linux/FreeBSD, agentless, written in golang.
We have a slack team. [Join slack team](http://goo.gl/forms/xm5KFo35tu)
Twitter: [@vuls_en](https://twitter.com/vuls_en)
![Vuls-Abstract](img/vuls-abstract.png)
@@ -28,12 +28,13 @@ Twitter: [@vuls_en](https://twitter.com/vuls_en)
For a system administrator, having to perform security vulnerability analysis and software update on a daily basis can be a burden.
To avoid downtime in production environment, it is common for system administrator to choose not to use the automatic update option provided by package manager and to perform update manually.
This leads to the following problems.
- System administrator will have to constantly watch out for any new vulnerabilities in NVD(National Vulnerability Database) or similar databases.
- It might be impossible for the system administrator to monitor all the software if there are a large number of software installed in server.
- It is expensive to perform analysis to determine the servers affected by new vulnerabilities. The possibility of overlooking a server or two during analysis is there.
Vuls is a tool created to solve the problems listed above. It has the following characteristics.
- Informs users of the vulnerabilities that are related to the system.
- Informs users of the servers that are affected.
- Vulnerability detection is done automatically to prevent any oversight.
@@ -48,36 +49,43 @@ Vuls is a tool created to solve the problems listed above. It has the following
## Scan for any vulnerabilities in Linux/FreeBSD Server
[Supports major Linux/FreeBSD](https://vuls.io/docs/en/supported-os.html)
- Alpine, Ubuntu, Debian, CentOS, Amazon Linux, RHEL, Oracle Linux, SUSE Enterprise Linux and Raspbian, FreeBSD
- Cloud, on-premise, Docker
## High quality scan
## High quality scan
Vuls uses Multiple vulnerability databases
- [NVD](https://nvd.nist.gov/)
- [JVN(Japanese)](http://jvndb.jvn.jp/apis/myjvn/)
- OVAL
- [RedHat](https://www.redhat.com/security/data/oval/)
- [Debian](https://www.debian.org/security/oval/)
- [Ubuntu](https://people.canonical.com/~ubuntu-security/oval/)
- [SUSE](http://ftp.suse.com/pub/projects/security/oval/)
- [Oracle Linux](https://linux.oracle.com/security/oval/)
- [RedHat](https://www.redhat.com/security/data/oval/)
- [Debian](https://www.debian.org/security/oval/)
- [Ubuntu](https://people.canonical.com/~ubuntu-security/oval/)
- [SUSE](http://ftp.suse.com/pub/projects/security/oval/)
- [Oracle Linux](https://linux.oracle.com/security/oval/)
- [Alpine-secdb](https://git.alpinelinux.org/cgit/alpine-secdb/)
- [Red Hat Security Advisories](https://access.redhat.com/security/security-updates/)
- [Debian Security Bug Tracker](https://security-tracker.debian.org/tracker/)
- Commands(yum, zypper, pkg-audit)
- RHSA/ALAS/ELSA/FreeBSD-SA
- RHSA/ALAS/ELSA/FreeBSD-SA
- [Exploit Database](https://www.exploit-db.com/)
- [US-CERT](https://www.us-cert.gov/ncas/alerts)
- [JPCERT](http://www.jpcert.or.jp/at/2019.html)
- Changelog
## Fast scan and Deep scan
[Fast Scan](https://vuls.io/docs/en/architecture-fast-scan.html)
- Scan without root privilege, no dependencies
- Almost no load on the scan target server
- Offline mode scan with no internet access. (Red Hat, CentOS, OracleLinux, Ubuntu, Debian)
[Fast Root Scan](https://vuls.io/docs/en/architecture-fast-root-scan.html)
- Scan with root privilege
- Almost no load on the scan target server
- Detect processes affected by update using yum-ps (RedHat, CentOS, Oracle Linux and Amazon Linux)
@@ -85,8 +93,9 @@ Vuls uses Multiple vulnerability databases
- Offline mode scan with no internet access. (RedHat, CentOS, OracleLinux, Ubuntu, Debian)
[Deep Scan](https://vuls.io/docs/en/architecture-deep-scan.html)
- Scan with root privilege
- Parses the Changelog
- Parses the Changelog
Changelog has a history of version changes. When a security issue is fixed, the relevant CVE ID is listed.
By parsing the changelog and analysing the updates between the installed version of software on the server and the newest version of that software
it's possible to create a list of all vulnerabilities that need to be fixed.
@@ -95,28 +104,32 @@ Vuls uses Multiple vulnerability databases
## [Remote scan and Local scan](https://vuls.io/docs/en/architecture-remote-local.html)
[Remote Scan](https://vuls.io/docs/en/architecture-remote-scan.html)
- User is required to only setup one machine that is connected to other target servers via SSH
[Local Scan](https://vuls.io/docs/en/architecture-local-scan.html)
- If you don't want the central Vuls server to connect to each server by SSH, you can use Vuls in the Local Scan mode.
## **Dynamic** Analysis
- It is possible to acquire the state of the server by connecting via SSH and executing the command.
- It is possible to acquire the state of the server by connecting via SSH and executing the command.
- Vuls warns when the scan target server was updated the kernel etc. but not restarting it.
## [Scan middleware that are not included in OS package management](https://vuls.io/docs/en/usage-scan-non-os-packages.html)
## Scan vulnerabilites of non-OS packages
- Scan middleware, programming language libraries and framework for vulnerability
- Support software registered in CPE
- [Common Platform Enumeration (CPE) based Scan](https://vuls.io/docs/en/usage-scan-non-os-packages.html#how-to-search-cpe-name-by-software-name)
- NW equipment, middleware, programming language libraries and framework for vulnerability
- Integrate with [GitHub Security Alerts](https://vuls.io/docs/en/usage-scan-non-os-packages.html#usage-integrate-with-github-security-alerts)
- Integrate with [OWASP Dependency Check](https://vuls.io/docs/en/usage-scan-non-os-packages.html#usage-integrate-with-owasp-dependency-check-to-automatic-update-when-the-libraries-are-updated-experimental)
## MISC
- Nondestructive testing
- Pre-authorization is *NOT* necessary before scanning on AWS
- Vuls works well with Continuous Integration since tests can be run every day. This allows you to find vulnerabilities very quickly.
- Vuls works well with Continuous Integration since tests can be run every day. This allows you to find vulnerabilities very quickly.
- Auto generation of configuration file template
- Auto detection of servers set using CIDR, generate configuration file template
- Auto detection of servers set using CIDR, generate configuration file template
- Email and Slack notification is possible (supports Japanese language)
- Scan result is viewable on accessory software, TUI Viewer on terminal or Web UI ([VulsRepo](https://github.com/usiusi360/vulsrepo)).
@@ -130,7 +143,7 @@ Vuls uses Multiple vulnerability databases
# Document
For more information such as Installation, Tutorial, Usage, visit [vuls.io](https://vuls.io/)
For more information such as Installation, Tutorial, Usage, visit [vuls.io](https://vuls.io/)
[日本語翻訳ドキュメント](https://vuls.io/ja/)
----
@@ -146,11 +159,12 @@ kotakanbe ([@kotakanbe](https://twitter.com/kotakanbe)) created vuls and [these
Please see [CHANGELOG](https://github.com/future-architect/vuls/blob/master/CHANGELOG.md).
----
# Stargazers over time
[![Stargazers over time](https://starcharts.herokuapp.com/future-architect/vuls.svg)](https://starcharts.herokuapp.com/future-architect/vuls)
-----
# Stargazers over time
[![Stargazers over time](https://starcharts.herokuapp.com/future-architect/vuls.svg)](https://starcharts.herokuapp.com/future-architect/vuls)
-----;
# License

2897
alert/alert_jp.go Normal file
View File

File diff suppressed because it is too large Load Diff

920
alert/alert_us.go Normal file
View File

@@ -0,0 +1,920 @@
package alert
// AlertDictEn has USCERT alerts
var AlertDictEn = map[string]Alert{
"https://www.us-cert.gov/ncas/alerts/TA08-352A": {
URL: "https://www.us-cert.gov/ncas/alerts/TA08-352A",
Title: `Microsoft Internet Explorer Data Binding Vulnerability`,
Team: "us",
},
"https://www.us-cert.gov/ncas/alerts/TA08-350A": {
URL: "https://www.us-cert.gov/ncas/alerts/TA08-350A",
Title: `Apple Updates for Multiple Vulnerabilities`,
Team: "us",
},
"https://www.us-cert.gov/ncas/alerts/TA08-344A": {
URL: "https://www.us-cert.gov/ncas/alerts/TA08-344A",
Title: `Microsoft Updates for Multiple Vulnerabilities`,
Team: "us",
},
"https://www.us-cert.gov/ncas/alerts/TA08-340A": {
URL: "https://www.us-cert.gov/ncas/alerts/TA08-340A",
Title: `Sun Java Updates for Multiple Vulnerabilities`,
Team: "us",
},
"https://www.us-cert.gov/ncas/alerts/TA08-319A": {
URL: "https://www.us-cert.gov/ncas/alerts/TA08-319A",
Title: `Mozilla Updates for Multiple Vulnerabilities`,
Team: "us",
},
"https://www.us-cert.gov/ncas/alerts/TA09-132A": {
URL: "https://www.us-cert.gov/ncas/alerts/TA09-132A",
Title: `Microsoft PowerPoint Multiple Vulnerabilities`,
Team: "us",
},
"https://www.us-cert.gov/ncas/alerts/TA09-041A": {
URL: "https://www.us-cert.gov/ncas/alerts/TA09-041A",
Title: `Microsoft Updates for Multiple Vulnerabilities`,
Team: "us",
},
"https://www.us-cert.gov/ncas/alerts/TA09-343A": {
URL: "https://www.us-cert.gov/ncas/alerts/TA09-343A",
Title: `Adobe Flash Vulnerabilities Affect Flash Player and Adobe AIR`,
Team: "us",
},
"https://www.us-cert.gov/ncas/alerts/TA09-218A": {
URL: "https://www.us-cert.gov/ncas/alerts/TA09-218A",
Title: `Apple Updates for Multiple Vulnerabilities`,
Team: "us",
},
"https://www.us-cert.gov/ncas/alerts/TA09-195A": {
URL: "https://www.us-cert.gov/ncas/alerts/TA09-195A",
Title: `Microsoft Updates for Multiple Vulnerabilities`,
Team: "us",
},
"https://www.us-cert.gov/ncas/alerts/TA09-342A": {
URL: "https://www.us-cert.gov/ncas/alerts/TA09-342A",
Title: `Microsoft Updates for Multiple Vulnerabilities`,
Team: "us",
},
"https://www.us-cert.gov/ncas/alerts/TA09-286B": {
URL: "https://www.us-cert.gov/ncas/alerts/TA09-286B",
Title: `Adobe Reader and Acrobat Vulnerabilities`,
Team: "us",
},
"https://www.us-cert.gov/ncas/alerts/TA09-160B": {
URL: "https://www.us-cert.gov/ncas/alerts/TA09-160B",
Title: `Microsoft Updates for Multiple Vulnerabilities`,
Team: "us",
},
"https://www.us-cert.gov/ncas/alerts/TA09-069A": {
URL: "https://www.us-cert.gov/ncas/alerts/TA09-069A",
Title: `Microsoft Updates for Multiple Vulnerabilities`,
Team: "us",
},
"https://www.us-cert.gov/ncas/alerts/TA09-223A": {
URL: "https://www.us-cert.gov/ncas/alerts/TA09-223A",
Title: `Microsoft Updates for Multiple Vulnerabilities`,
Team: "us",
},
"https://www.us-cert.gov/ncas/alerts/TA09-013A": {
URL: "https://www.us-cert.gov/ncas/alerts/TA09-013A",
Title: `Microsoft Updates for Multiple SMB Protocol Vulnerabilities`,
Team: "us",
},
"https://www.us-cert.gov/ncas/alerts/TA09-294A": {
URL: "https://www.us-cert.gov/ncas/alerts/TA09-294A",
Title: `Oracle Updates for Multiple Vulnerabilities`,
Team: "us",
},
"https://www.us-cert.gov/ncas/alerts/TA09-020A": {
URL: "https://www.us-cert.gov/ncas/alerts/TA09-020A",
Title: `Microsoft Windows Does Not Disable AutoRun Properly`,
Team: "us",
},
"https://www.us-cert.gov/ncas/alerts/TA09-133A": {
URL: "https://www.us-cert.gov/ncas/alerts/TA09-133A",
Title: `Apple Updates for Multiple Vulnerabilities`,
Team: "us",
},
"https://www.us-cert.gov/ncas/alerts/TA09-022A": {
URL: "https://www.us-cert.gov/ncas/alerts/TA09-022A",
Title: `Apple QuickTime Updates for Multiple Vulnerabilities`,
Team: "us",
},
"https://www.us-cert.gov/ncas/alerts/TA09-051A": {
URL: "https://www.us-cert.gov/ncas/alerts/TA09-051A",
Title: `Adobe Acrobat and Reader Vulnerability`,
Team: "us",
},
"https://www.us-cert.gov/ncas/alerts/TA09-015A": {
URL: "https://www.us-cert.gov/ncas/alerts/TA09-015A",
Title: `Oracle Updates for Multiple Vulnerabilities`,
Team: "us",
},
"https://www.us-cert.gov/ncas/alerts/TA09-251A": {
URL: "https://www.us-cert.gov/ncas/alerts/TA09-251A",
Title: `Microsoft Updates for Multiple Vulnerabilities`,
Team: "us",
},
"https://www.us-cert.gov/ncas/alerts/TA09-209A": {
URL: "https://www.us-cert.gov/ncas/alerts/TA09-209A",
Title: `Microsoft Windows, Internet Explorer, and Active Template Library (ATL) Vulnerabilities`,
Team: "us",
},
"https://www.us-cert.gov/ncas/alerts/TA09-204A": {
URL: "https://www.us-cert.gov/ncas/alerts/TA09-204A",
Title: `Adobe Flash Vulnerability Affects Flash Player and Other Adobe Products`,
Team: "us",
},
"https://www.us-cert.gov/ncas/alerts/TA09-161A": {
URL: "https://www.us-cert.gov/ncas/alerts/TA09-161A",
Title: `Adobe Acrobat and Reader Vulnerabilities`,
Team: "us",
},
"https://www.us-cert.gov/ncas/alerts/TA09-133B": {
URL: "https://www.us-cert.gov/ncas/alerts/TA09-133B",
Title: `Adobe Reader and Acrobat JavaScript Vulnerabilities`,
Team: "us",
},
"https://www.us-cert.gov/ncas/alerts/TA09-088A": {
URL: "https://www.us-cert.gov/ncas/alerts/TA09-088A",
Title: `Conficker Worm Targets Microsoft Windows Systems`,
Team: "us",
},
"https://www.us-cert.gov/ncas/alerts/TA09-314A": {
URL: "https://www.us-cert.gov/ncas/alerts/TA09-314A",
Title: `Microsoft Updates for Multiple Vulnerabilities`,
Team: "us",
},
"https://www.us-cert.gov/ncas/alerts/TA09-105A": {
URL: "https://www.us-cert.gov/ncas/alerts/TA09-105A",
Title: `Oracle Updates for Multiple Vulnerabilities`,
Team: "us",
},
"https://www.us-cert.gov/ncas/alerts/TA09-104A": {
URL: "https://www.us-cert.gov/ncas/alerts/TA09-104A",
Title: `Microsoft Updates for Multiple Vulnerabilities`,
Team: "us",
},
"https://www.us-cert.gov/ncas/alerts/TA09-286A": {
URL: "https://www.us-cert.gov/ncas/alerts/TA09-286A",
Title: `Microsoft Updates for Multiple Vulnerabilities`,
Team: "us",
},
"https://www.us-cert.gov/ncas/alerts/TA09-187A": {
URL: "https://www.us-cert.gov/ncas/alerts/TA09-187A",
Title: `Microsoft Video ActiveX Control Vulnerability`,
Team: "us",
},
"https://www.us-cert.gov/ncas/alerts/TA10-238A": {
URL: "https://www.us-cert.gov/ncas/alerts/TA10-238A",
Title: `Microsoft Windows Insecurely Loads Dynamic Libraries`,
Team: "us",
},
"https://www.us-cert.gov/ncas/alerts/TA10-159B": {
URL: "https://www.us-cert.gov/ncas/alerts/TA10-159B",
Title: `Microsoft Updates for Multiple Vulnerabilities`,
Team: "us",
},
"https://www.us-cert.gov/ncas/alerts/TA10-103B": {
URL: "https://www.us-cert.gov/ncas/alerts/TA10-103B",
Title: `Oracle Updates for Multiple Vulnerabilities`,
Team: "us",
},
"https://www.us-cert.gov/ncas/alerts/TA10-021A": {
URL: "https://www.us-cert.gov/ncas/alerts/TA10-021A",
Title: `Microsoft Internet Explorer Vulnerabilities`,
Team: "us",
},
"https://www.us-cert.gov/ncas/alerts/TA10-012A": {
URL: "https://www.us-cert.gov/ncas/alerts/TA10-012A",
Title: `Oracle Updates for Multiple Vulnerabilities`,
Team: "us",
},
"https://www.us-cert.gov/ncas/alerts/TA10-313A": {
URL: "https://www.us-cert.gov/ncas/alerts/TA10-313A",
Title: `Microsoft Updates for Multiple Vulnerabilities`,
Team: "us",
},
"https://www.us-cert.gov/ncas/alerts/TA10-285A": {
URL: "https://www.us-cert.gov/ncas/alerts/TA10-285A",
Title: `Microsoft Updates for Multiple Vulnerabilities`,
Team: "us",
},
"https://www.us-cert.gov/ncas/alerts/TA10-263A": {
URL: "https://www.us-cert.gov/ncas/alerts/TA10-263A",
Title: `Adobe Flash Vulnerabilities`,
Team: "us",
},
"https://www.us-cert.gov/ncas/alerts/TA10-103C": {
URL: "https://www.us-cert.gov/ncas/alerts/TA10-103C",
Title: `Adobe Reader and Acrobat Vulnerabilities`,
Team: "us",
},
"https://www.us-cert.gov/ncas/alerts/TA10-040A": {
URL: "https://www.us-cert.gov/ncas/alerts/TA10-040A",
Title: `Microsoft Updates for Multiple Vulnerabilities`,
Team: "us",
},
"https://www.us-cert.gov/ncas/alerts/TA10-194B": {
URL: "https://www.us-cert.gov/ncas/alerts/TA10-194B",
Title: `Oracle Updates for Multiple Vulnerabilities`,
Team: "us",
},
"https://www.us-cert.gov/ncas/alerts/TA10-194A": {
URL: "https://www.us-cert.gov/ncas/alerts/TA10-194A",
Title: `Microsoft Updates for Multiple Vulnerabilities`,
Team: "us",
},
"https://www.us-cert.gov/ncas/alerts/TA10-131A": {
URL: "https://www.us-cert.gov/ncas/alerts/TA10-131A",
Title: `Microsoft Updates for Multiple Vulnerabilities`,
Team: "us",
},
"https://www.us-cert.gov/ncas/alerts/TA10-068A": {
URL: "https://www.us-cert.gov/ncas/alerts/TA10-068A",
Title: `Microsoft Updates for Multiple Vulnerabilities`,
Team: "us",
},
"https://www.us-cert.gov/ncas/alerts/TA10-348A": {
URL: "https://www.us-cert.gov/ncas/alerts/TA10-348A",
Title: `Microsoft Updates for Multiple Vulnerabilities`,
Team: "us",
},
"https://www.us-cert.gov/ncas/alerts/TA10-257A": {
URL: "https://www.us-cert.gov/ncas/alerts/TA10-257A",
Title: `Microsoft Updates for Multiple Vulnerabilities`,
Team: "us",
},
"https://www.us-cert.gov/ncas/alerts/TA10-231A": {
URL: "https://www.us-cert.gov/ncas/alerts/TA10-231A",
Title: `Adobe Reader and Acrobat Vulnerabilities`,
Team: "us",
},
"https://www.us-cert.gov/ncas/alerts/TA10-222A": {
URL: "https://www.us-cert.gov/ncas/alerts/TA10-222A",
Title: `Microsoft Updates for Multiple Vulnerabilities`,
Team: "us",
},
"https://www.us-cert.gov/ncas/alerts/TA10-162A": {
URL: "https://www.us-cert.gov/ncas/alerts/TA10-162A",
Title: `Adobe Flash and AIR Vulnerabilities`,
Team: "us",
},
"https://www.us-cert.gov/ncas/alerts/TA10-159A": {
URL: "https://www.us-cert.gov/ncas/alerts/TA10-159A",
Title: `Adobe Flash, Reader, and Acrobat Vulnerability`,
Team: "us",
},
"https://www.us-cert.gov/ncas/alerts/TA10-089A": {
URL: "https://www.us-cert.gov/ncas/alerts/TA10-089A",
Title: `Microsoft Internet Explorer Vulnerabilities`,
Team: "us",
},
"https://www.us-cert.gov/ncas/alerts/TA10-013A": {
URL: "https://www.us-cert.gov/ncas/alerts/TA10-013A",
Title: `Adobe Reader and Acrobat Vulnerabilities`,
Team: "us",
},
"https://www.us-cert.gov/ncas/alerts/TA10-287A": {
URL: "https://www.us-cert.gov/ncas/alerts/TA10-287A",
Title: `Oracle Updates for Multiple Vulnerabilities`,
Team: "us",
},
"https://www.us-cert.gov/ncas/alerts/TA10-279A": {
URL: "https://www.us-cert.gov/ncas/alerts/TA10-279A",
Title: `Adobe Reader and Acrobat Affected by Multiple Vulnerabilities`,
Team: "us",
},
"https://www.us-cert.gov/ncas/alerts/TA10-223A": {
URL: "https://www.us-cert.gov/ncas/alerts/TA10-223A",
Title: `Adobe Flash and AIR Vulnerabilities`,
Team: "us",
},
"https://www.us-cert.gov/ncas/alerts/TA10-012B": {
URL: "https://www.us-cert.gov/ncas/alerts/TA10-012B",
Title: `Microsoft Windows EOT Font and Adobe Flash Player 6 Vulnerabilities`,
Team: "us",
},
"https://www.us-cert.gov/ncas/alerts/TA11-165A": {
URL: "https://www.us-cert.gov/ncas/alerts/TA11-165A",
Title: `Microsoft Updates for Multiple Vulnerabilities`,
Team: "us",
},
"https://www.us-cert.gov/ncas/alerts/TA11-067A": {
URL: "https://www.us-cert.gov/ncas/alerts/TA11-067A",
Title: `Microsoft Updates for Multiple Vulnerabilities`,
Team: "us",
},
"https://www.us-cert.gov/ncas/alerts/TA11-039A": {
URL: "https://www.us-cert.gov/ncas/alerts/TA11-039A",
Title: `Microsoft Updates for Multiple Vulnerabilities`,
Team: "us",
},
"https://www.us-cert.gov/ncas/alerts/TA11-222A": {
URL: "https://www.us-cert.gov/ncas/alerts/TA11-222A",
Title: `Adobe Updates for Multiple Vulnerabilities`,
Team: "us",
},
"https://www.us-cert.gov/ncas/alerts/TA11-193A": {
URL: "https://www.us-cert.gov/ncas/alerts/TA11-193A",
Title: `Microsoft Updates for Multiple Vulnerabilities`,
Team: "us",
},
"https://www.us-cert.gov/ncas/alerts/TA11-201A": {
URL: "https://www.us-cert.gov/ncas/alerts/TA11-201A",
Title: `Oracle Updates for Multiple Vulnerabilities`,
Team: "us",
},
"https://www.us-cert.gov/ncas/alerts/TA11-166A": {
URL: "https://www.us-cert.gov/ncas/alerts/TA11-166A",
Title: `Adobe Updates for Multiple Vulnerabilities`,
Team: "us",
},
"https://www.us-cert.gov/ncas/alerts/TA11-130A": {
URL: "https://www.us-cert.gov/ncas/alerts/TA11-130A",
Title: `Microsoft Updates for Multiple Vulnerabilities`,
Team: "us",
},
"https://www.us-cert.gov/ncas/alerts/TA11-312A": {
URL: "https://www.us-cert.gov/ncas/alerts/TA11-312A",
Title: `Microsoft Updates for Multiple Vulnerabilities`,
Team: "us",
},
"https://www.us-cert.gov/ncas/alerts/TA11-286A": {
URL: "https://www.us-cert.gov/ncas/alerts/TA11-286A",
Title: `Apple Updates for Multiple Vulnerabilities`,
Team: "us",
},
"https://www.us-cert.gov/ncas/alerts/TA11-350A": {
URL: "https://www.us-cert.gov/ncas/alerts/TA11-350A",
Title: `Adobe Updates for Multiple Vulnerabilities`,
Team: "us",
},
"https://www.us-cert.gov/ncas/alerts/TA11-221A": {
URL: "https://www.us-cert.gov/ncas/alerts/TA11-221A",
Title: `Microsoft Updates for Multiple Vulnerabilities`,
Team: "us",
},
"https://www.us-cert.gov/ncas/alerts/TA11-256A": {
URL: "https://www.us-cert.gov/ncas/alerts/TA11-256A",
Title: `Microsoft Updates for Multiple Vulnerabilities`,
Team: "us",
},
"https://www.us-cert.gov/ncas/alerts/TA11-200A": {
URL: "https://www.us-cert.gov/ncas/alerts/TA11-200A",
Title: `Security Recommendations to Prevent Cyber Intrusions`,
Team: "us",
},
"https://www.us-cert.gov/ncas/alerts/TA11-102A": {
URL: "https://www.us-cert.gov/ncas/alerts/TA11-102A",
Title: `Microsoft Updates for Multiple Vulnerabilities`,
Team: "us",
},
"https://www.us-cert.gov/ncas/alerts/TA11-011A": {
URL: "https://www.us-cert.gov/ncas/alerts/TA11-011A",
Title: `Microsoft Updates for Multiple Vulnerabilities`,
Team: "us",
},
"https://www.us-cert.gov/ncas/alerts/TA11-347A": {
URL: "https://www.us-cert.gov/ncas/alerts/TA11-347A",
Title: `Microsoft Updates for Multiple Vulnerabilities`,
Team: "us",
},
"https://www.us-cert.gov/ncas/alerts/TA11-284A": {
URL: "https://www.us-cert.gov/ncas/alerts/TA11-284A",
Title: `Microsoft Updates for Multiple Vulnerabilities`,
Team: "us",
},
"https://www.us-cert.gov/ncas/alerts/TA12-262A": {
URL: "https://www.us-cert.gov/ncas/alerts/TA12-262A",
Title: `Microsoft Security Advisory for Internet Explorer Exploit`,
Team: "us",
},
"https://www.us-cert.gov/ncas/alerts/TA12-240A": {
URL: "https://www.us-cert.gov/ncas/alerts/TA12-240A",
Title: `Oracle Java 7 Security Manager Bypass Vulnerability`,
Team: "us",
},
"https://www.us-cert.gov/ncas/alerts/TA12-227A": {
URL: "https://www.us-cert.gov/ncas/alerts/TA12-227A",
Title: `Microsoft Updates for Multiple Vulnerabilities`,
Team: "us",
},
"https://www.us-cert.gov/ncas/alerts/TA12-129A": {
URL: "https://www.us-cert.gov/ncas/alerts/TA12-129A",
Title: `Microsoft Updates for Multiple Vulnerabilities`,
Team: "us",
},
"https://www.us-cert.gov/ncas/alerts/TA12-101B": {
URL: "https://www.us-cert.gov/ncas/alerts/TA12-101B",
Title: `Adobe Reader and Acrobat Security Updates and Architectural Improvements`,
Team: "us",
},
"https://www.us-cert.gov/ncas/alerts/TA12-010A": {
URL: "https://www.us-cert.gov/ncas/alerts/TA12-010A",
Title: `Microsoft Updates for Multiple Vulnerabilities`,
Team: "us",
},
"https://www.us-cert.gov/ncas/alerts/TA12-006A": {
URL: "https://www.us-cert.gov/ncas/alerts/TA12-006A",
Title: `Wi-Fi Protected Setup (WPS) Vulnerable to Brute-Force Attack`,
Team: "us",
},
"https://www.us-cert.gov/ncas/alerts/TA12-265A": {
URL: "https://www.us-cert.gov/ncas/alerts/TA12-265A",
Title: `Microsoft Releases Patch for Internet Explorer Exploit`,
Team: "us",
},
"https://www.us-cert.gov/ncas/alerts/TA12-255A": {
URL: "https://www.us-cert.gov/ncas/alerts/TA12-255A",
Title: `Microsoft Updates for Multiple Vulnerabilities`,
Team: "us",
},
"https://www.us-cert.gov/ncas/alerts/TA12-251A": {
URL: "https://www.us-cert.gov/ncas/alerts/TA12-251A",
Title: `Microsoft Update For Minimum Certificate Key Length`,
Team: "us",
},
"https://www.us-cert.gov/ncas/alerts/TA12-174A": {
URL: "https://www.us-cert.gov/ncas/alerts/TA12-174A",
Title: `Microsoft XML Core Services Attack Activity`,
Team: "us",
},
"https://www.us-cert.gov/ncas/alerts/TA12-164A": {
URL: "https://www.us-cert.gov/ncas/alerts/TA12-164A",
Title: `Microsoft Updates for Multiple Vulnerabilities`,
Team: "us",
},
"https://www.us-cert.gov/ncas/alerts/TA12-101A": {
URL: "https://www.us-cert.gov/ncas/alerts/TA12-101A",
Title: `Microsoft Updates for Multiple Vulnerabilities`,
Team: "us",
},
"https://www.us-cert.gov/ncas/alerts/TA12-318A": {
URL: "https://www.us-cert.gov/ncas/alerts/TA12-318A",
Title: `Microsoft Updates for Multiple Vulnerabilities`,
Team: "us",
},
"https://www.us-cert.gov/ncas/alerts/TA12-283A": {
URL: "https://www.us-cert.gov/ncas/alerts/TA12-283A",
Title: `Microsoft Updates for Multiple Vulnerabilities`,
Team: "us",
},
"https://www.us-cert.gov/ncas/alerts/TA12-346A": {
URL: "https://www.us-cert.gov/ncas/alerts/TA12-346A",
Title: `Microsoft Updates for Multiple Vulnerabilities`,
Team: "us",
},
"https://www.us-cert.gov/ncas/alerts/TA12-192A": {
URL: "https://www.us-cert.gov/ncas/alerts/TA12-192A",
Title: `Microsoft Updates for Multiple Vulnerabilities`,
Team: "us",
},
"https://www.us-cert.gov/ncas/alerts/TA12-073A": {
URL: "https://www.us-cert.gov/ncas/alerts/TA12-073A",
Title: `Microsoft Updates for Multiple Vulnerabilities`,
Team: "us",
},
"https://www.us-cert.gov/ncas/alerts/TA12-045A": {
URL: "https://www.us-cert.gov/ncas/alerts/TA12-045A",
Title: `Microsoft Updates for Multiple Vulnerabilities`,
Team: "us",
},
"https://www.us-cert.gov/ncas/alerts/TA12-024A": {
URL: "https://www.us-cert.gov/ncas/alerts/TA12-024A",
Title: `"Anonymous" DDoS Activity`,
Team: "us",
},
"https://www.us-cert.gov/ncas/alerts/TA13-134A": {
URL: "https://www.us-cert.gov/ncas/alerts/TA13-134A",
Title: `Microsoft Updates for Multiple Vulnerabilities`,
Team: "us",
},
"https://www.us-cert.gov/ncas/alerts/TA13-043B": {
URL: "https://www.us-cert.gov/ncas/alerts/TA13-043B",
Title: `Microsoft Updates for Multiple Vulnerabilities`,
Team: "us",
},
"https://www.us-cert.gov/ncas/alerts/TA13-008A": {
URL: "https://www.us-cert.gov/ncas/alerts/TA13-008A",
Title: `Microsoft Updates for Multiple Vulnerabilities`,
Team: "us",
},
"https://www.us-cert.gov/ncas/alerts/TA13-051A": {
URL: "https://www.us-cert.gov/ncas/alerts/TA13-051A",
Title: `Oracle Java Multiple Vulnerabilities`,
Team: "us",
},
"https://www.us-cert.gov/ncas/alerts/TA13-043A": {
URL: "https://www.us-cert.gov/ncas/alerts/TA13-043A",
Title: `Adobe Updates for Multiple Vulnerabilities`,
Team: "us",
},
"https://www.us-cert.gov/ncas/alerts/TA13-225A": {
URL: "https://www.us-cert.gov/ncas/alerts/TA13-225A",
Title: `Microsoft Updates for Multiple Vulnerabilities`,
Team: "us",
},
"https://www.us-cert.gov/ncas/alerts/TA13-207A": {
URL: "https://www.us-cert.gov/ncas/alerts/TA13-207A",
Title: `Risks of Using the Intelligent Platform Management Interface (IPMI)`,
Team: "us",
},
"https://www.us-cert.gov/ncas/alerts/TA13-141A": {
URL: "https://www.us-cert.gov/ncas/alerts/TA13-141A",
Title: `Washington, DC Radio Station Web Site Compromises`,
Team: "us",
},
"https://www.us-cert.gov/ncas/alerts/TA13-175A": {
URL: "https://www.us-cert.gov/ncas/alerts/TA13-175A",
Title: `Risks of Default Passwords on the Internet`,
Team: "us",
},
"https://www.us-cert.gov/ncas/alerts/TA13-169A": {
URL: "https://www.us-cert.gov/ncas/alerts/TA13-169A",
Title: `Oracle Releases Updates for Javadoc and Other Java SE Vulnerabilities`,
Team: "us",
},
"https://www.us-cert.gov/ncas/alerts/TA13-168A": {
URL: "https://www.us-cert.gov/ncas/alerts/TA13-168A",
Title: `Microsoft Updates for Multiple Vulnerabilities`,
Team: "us",
},
"https://www.us-cert.gov/ncas/alerts/TA13-100A": {
URL: "https://www.us-cert.gov/ncas/alerts/TA13-100A",
Title: `Microsoft Updates for Multiple Vulnerabilities`,
Team: "us",
},
"https://www.us-cert.gov/ncas/alerts/TA13-088A": {
URL: "https://www.us-cert.gov/ncas/alerts/TA13-088A",
Title: `DNS Amplification Attacks`,
Team: "us",
},
"https://www.us-cert.gov/ncas/alerts/TA13-317A": {
URL: "https://www.us-cert.gov/ncas/alerts/TA13-317A",
Title: `Microsoft Updates for Multiple Vulnerabilities`,
Team: "us",
},
"https://www.us-cert.gov/ncas/alerts/TA13-309A": {
URL: "https://www.us-cert.gov/ncas/alerts/TA13-309A",
Title: `CryptoLocker Ransomware Infections`,
Team: "us",
},
"https://www.us-cert.gov/ncas/alerts/TA13-288A": {
URL: "https://www.us-cert.gov/ncas/alerts/TA13-288A",
Title: `Microsoft Updates for Multiple Vulnerabilities`,
Team: "us",
},
"https://www.us-cert.gov/ncas/alerts/TA13-064A": {
URL: "https://www.us-cert.gov/ncas/alerts/TA13-064A",
Title: `Oracle Java Contains Multiple Vulnerabilities`,
Team: "us",
},
"https://www.us-cert.gov/ncas/alerts/TA13-032A": {
URL: "https://www.us-cert.gov/ncas/alerts/TA13-032A",
Title: `Oracle Java Multiple Vulnerabilities`,
Team: "us",
},
"https://www.us-cert.gov/ncas/alerts/TA13-024A": {
URL: "https://www.us-cert.gov/ncas/alerts/TA13-024A",
Title: `Content Management Systems Security and Associated Risks`,
Team: "us",
},
"https://www.us-cert.gov/ncas/alerts/TA13-107A": {
URL: "https://www.us-cert.gov/ncas/alerts/TA13-107A",
Title: `Oracle Has Released Multiple Updates for Java SE`,
Team: "us",
},
"https://www.us-cert.gov/ncas/alerts/TA13-071A": {
URL: "https://www.us-cert.gov/ncas/alerts/TA13-071A",
Title: `Microsoft Updates for Multiple Vulnerabilities`,
Team: "us",
},
"https://www.us-cert.gov/ncas/alerts/TA13-015A": {
URL: "https://www.us-cert.gov/ncas/alerts/TA13-015A",
Title: `Microsoft Releases Update for Internet Explorer Vulnerability CVE-2012-4792`,
Team: "us",
},
"https://www.us-cert.gov/ncas/alerts/TA13-010A": {
URL: "https://www.us-cert.gov/ncas/alerts/TA13-010A",
Title: `Oracle Java 7 Security Manager Bypass Vulnerability`,
Team: "us",
},
"https://www.us-cert.gov/ncas/alerts/TA13-253A": {
URL: "https://www.us-cert.gov/ncas/alerts/TA13-253A",
Title: `Microsoft Updates for Multiple Vulnerabilities`,
Team: "us",
},
"https://www.us-cert.gov/ncas/alerts/TA13-193A": {
URL: "https://www.us-cert.gov/ncas/alerts/TA13-193A",
Title: `Exploit Tool Targets Vulnerabilities in McAfee ePolicy Orchestrator (ePO)`,
Team: "us",
},
"https://www.us-cert.gov/ncas/alerts/TA13-190A": {
URL: "https://www.us-cert.gov/ncas/alerts/TA13-190A",
Title: `Microsoft Updates for Multiple Vulnerabilities`,
Team: "us",
},
"https://www.us-cert.gov/ncas/alerts/TA14-323A": {
URL: "https://www.us-cert.gov/ncas/alerts/TA14-323A",
Title: `Microsoft Windows Kerberos KDC Remote Privilege Escalation Vulnerability `,
Team: "us",
},
"https://www.us-cert.gov/ncas/alerts/TA14-300A": {
URL: "https://www.us-cert.gov/ncas/alerts/TA14-300A",
Title: `Phishing Campaign Linked with “Dyre” Banking Malware`,
Team: "us",
},
"https://www.us-cert.gov/ncas/alerts/TA14-295A": {
URL: "https://www.us-cert.gov/ncas/alerts/TA14-295A",
Title: `Crypto Ransomware`,
Team: "us",
},
"https://www.us-cert.gov/ncas/alerts/TA14-318B": {
URL: "https://www.us-cert.gov/ncas/alerts/TA14-318B",
Title: `Microsoft Windows OLE Automation Array Remote Code Execution Vulnerability `,
Team: "us",
},
"https://www.us-cert.gov/ncas/alerts/TA14-317A": {
URL: "https://www.us-cert.gov/ncas/alerts/TA14-317A",
Title: `Apple iOS 'Masque Attack' Technique`,
Team: "us",
},
"https://www.us-cert.gov/ncas/alerts/TA14-290A": {
URL: "https://www.us-cert.gov/ncas/alerts/TA14-290A",
Title: `SSL 3.0 Protocol Vulnerability and POODLE Attack`,
Team: "us",
},
"https://www.us-cert.gov/ncas/alerts/TA14-017A": {
URL: "https://www.us-cert.gov/ncas/alerts/TA14-017A",
Title: `UDP-Based Amplification Attacks`,
Team: "us",
},
"https://www.us-cert.gov/ncas/alerts/TA14-002A": {
URL: "https://www.us-cert.gov/ncas/alerts/TA14-002A",
Title: `Malware Targeting Point of Sale Systems`,
Team: "us",
},
"https://www.us-cert.gov/ncas/alerts/TA14-318A": {
URL: "https://www.us-cert.gov/ncas/alerts/TA14-318A",
Title: `Microsoft Secure Channel (Schannel) Vulnerability (CVE-2014-6321) `,
Team: "us",
},
"https://www.us-cert.gov/ncas/alerts/TA14-310A": {
URL: "https://www.us-cert.gov/ncas/alerts/TA14-310A",
Title: `Microsoft Ending Support for Windows Server 2003 Operating System`,
Team: "us",
},
"https://www.us-cert.gov/ncas/alerts/TA14-268A": {
URL: "https://www.us-cert.gov/ncas/alerts/TA14-268A",
Title: `GNU Bourne-Again Shell (Bash) Shellshock Vulnerability (CVE-2014-6271, CVE-2014-7169, CVE-2014-7186, CVE-2014-7187, CVE-2014-6277 and CVE 2014-6278) `,
Team: "us",
},
"https://www.us-cert.gov/ncas/alerts/TA14-098A": {
URL: "https://www.us-cert.gov/ncas/alerts/TA14-098A",
Title: `OpenSSL 'Heartbleed' vulnerability (CVE-2014-0160)`,
Team: "us",
},
"https://www.us-cert.gov/ncas/alerts/TA14-353A": {
URL: "https://www.us-cert.gov/ncas/alerts/TA14-353A",
Title: `Targeted Destructive Malware`,
Team: "us",
},
"https://www.us-cert.gov/ncas/alerts/TA14-329A": {
URL: "https://www.us-cert.gov/ncas/alerts/TA14-329A",
Title: `Regin Malware`,
Team: "us",
},
"https://www.us-cert.gov/ncas/alerts/TA14-212A": {
URL: "https://www.us-cert.gov/ncas/alerts/TA14-212A",
Title: `Backoff Point-of-Sale Malware`,
Team: "us",
},
"https://www.us-cert.gov/ncas/alerts/TA14-150A": {
URL: "https://www.us-cert.gov/ncas/alerts/TA14-150A",
Title: `GameOver Zeus P2P Malware`,
Team: "us",
},
"https://www.us-cert.gov/ncas/alerts/TA14-013A": {
URL: "https://www.us-cert.gov/ncas/alerts/TA14-013A",
Title: `NTP Amplification Attacks Using CVE-2013-5211`,
Team: "us",
},
"https://www.us-cert.gov/ncas/alerts/TA15-195A": {
URL: "https://www.us-cert.gov/ncas/alerts/TA15-195A",
Title: `Adobe Flash and Microsoft Windows Vulnerabilities`,
Team: "us",
},
"https://www.us-cert.gov/ncas/alerts/TA15-337A": {
URL: "https://www.us-cert.gov/ncas/alerts/TA15-337A",
Title: `Dorkbot`,
Team: "us",
},
"https://www.us-cert.gov/ncas/alerts/TA15-240A": {
URL: "https://www.us-cert.gov/ncas/alerts/TA15-240A",
Title: `Controlling Outbound DNS Access`,
Team: "us",
},
"https://www.us-cert.gov/ncas/alerts/TA15-213A": {
URL: "https://www.us-cert.gov/ncas/alerts/TA15-213A",
Title: `Recent Email Phishing Campaigns Mitigation and Response Recommendations`,
Team: "us",
},
"https://www.us-cert.gov/ncas/alerts/TA15-120A": {
URL: "https://www.us-cert.gov/ncas/alerts/TA15-120A",
Title: `Securing End-to-End Communications`,
Team: "us",
},
"https://www.us-cert.gov/ncas/alerts/TA15-119A": {
URL: "https://www.us-cert.gov/ncas/alerts/TA15-119A",
Title: `Top 30 Targeted High Risk Vulnerabilities`,
Team: "us",
},
"https://www.us-cert.gov/ncas/alerts/TA15-105A": {
URL: "https://www.us-cert.gov/ncas/alerts/TA15-105A",
Title: `Simda Botnet`,
Team: "us",
},
"https://www.us-cert.gov/ncas/alerts/TA15-103A": {
URL: "https://www.us-cert.gov/ncas/alerts/TA15-103A",
Title: `DNS Zone Transfer AXFR Requests May Leak Domain Information`,
Team: "us",
},
"https://www.us-cert.gov/ncas/alerts/TA15-098A": {
URL: "https://www.us-cert.gov/ncas/alerts/TA15-098A",
Title: `AAEH`,
Team: "us",
},
"https://www.us-cert.gov/ncas/alerts/TA15-314A": {
URL: "https://www.us-cert.gov/ncas/alerts/TA15-314A",
Title: `Compromised Web Servers and Web Shells - Threat Awareness and Guidance `,
Team: "us",
},
"https://www.us-cert.gov/ncas/alerts/TA15-286A": {
URL: "https://www.us-cert.gov/ncas/alerts/TA15-286A",
Title: `Dridex P2P Malware`,
Team: "us",
},
"https://www.us-cert.gov/ncas/alerts/TA15-051A": {
URL: "https://www.us-cert.gov/ncas/alerts/TA15-051A",
Title: `Lenovo Superfish Adware Vulnerable to HTTPS Spoofing`,
Team: "us",
},
"https://www.us-cert.gov/ncas/alerts/TA16-187A": {
URL: "https://www.us-cert.gov/ncas/alerts/TA16-187A",
Title: `Symantec and Norton Security Products Contain Critical Vulnerabilities`,
Team: "us",
},
"https://www.us-cert.gov/ncas/alerts/TA16-144A": {
URL: "https://www.us-cert.gov/ncas/alerts/TA16-144A",
Title: `WPAD Name Collision Vulnerability`,
Team: "us",
},
"https://www.us-cert.gov/ncas/alerts/TA16-132A": {
URL: "https://www.us-cert.gov/ncas/alerts/TA16-132A",
Title: `Exploitation of SAP Business Applications`,
Team: "us",
},
"https://www.us-cert.gov/ncas/alerts/TA16-105A": {
URL: "https://www.us-cert.gov/ncas/alerts/TA16-105A",
Title: `Apple Ends Support for QuickTime for Windows; New Vulnerabilities Announced`,
Team: "us",
},
"https://www.us-cert.gov/ncas/alerts/TA16-091A": {
URL: "https://www.us-cert.gov/ncas/alerts/TA16-091A",
Title: `Ransomware and Recent Variants`,
Team: "us",
},
"https://www.us-cert.gov/ncas/alerts/TA16-336A": {
URL: "https://www.us-cert.gov/ncas/alerts/TA16-336A",
Title: `Avalanche (crimeware-as-a-service infrastructure)`,
Team: "us",
},
"https://www.us-cert.gov/ncas/alerts/TA16-288A": {
URL: "https://www.us-cert.gov/ncas/alerts/TA16-288A",
Title: `Heightened DDoS Threat Posed by Mirai and Other Botnets`,
Team: "us",
},
"https://www.us-cert.gov/ncas/alerts/TA16-250A": {
URL: "https://www.us-cert.gov/ncas/alerts/TA16-250A",
Title: `The Increasing Threat to Network Infrastructure Devices and Recommended Mitigations`,
Team: "us",
},
"https://www.us-cert.gov/ncas/alerts/TA17-117A": {
URL: "https://www.us-cert.gov/ncas/alerts/TA17-117A",
Title: `Intrusions Affecting Multiple Victims Across Multiple Sectors`,
Team: "us",
},
"https://www.us-cert.gov/ncas/alerts/TA17-318B": {
URL: "https://www.us-cert.gov/ncas/alerts/TA17-318B",
Title: `HIDDEN COBRA North Korean Trojan: Volgmer`,
Team: "us",
},
"https://www.us-cert.gov/ncas/alerts/TA17-318A": {
URL: "https://www.us-cert.gov/ncas/alerts/TA17-318A",
Title: `HIDDEN COBRA North Korean Remote Administration Tool: FALLCHILL`,
Team: "us",
},
"https://www.us-cert.gov/ncas/alerts/TA17-181A": {
URL: "https://www.us-cert.gov/ncas/alerts/TA17-181A",
Title: `Petya Ransomware `,
Team: "us",
},
"https://www.us-cert.gov/ncas/alerts/TA17-132A": {
URL: "https://www.us-cert.gov/ncas/alerts/TA17-132A",
Title: `Indicators Associated With WannaCry Ransomware`,
Team: "us",
},
"https://www.us-cert.gov/ncas/alerts/TA17-075A": {
URL: "https://www.us-cert.gov/ncas/alerts/TA17-075A",
Title: `HTTPS Interception Weakens TLS Security`,
Team: "us",
},
"https://www.us-cert.gov/ncas/alerts/TA17-293A": {
URL: "https://www.us-cert.gov/ncas/alerts/TA17-293A",
Title: `Advanced Persistent Threat Activity Targeting Energy and Other Critical Infrastructure Sectors`,
Team: "us",
},
"https://www.us-cert.gov/ncas/alerts/TA17-164A": {
URL: "https://www.us-cert.gov/ncas/alerts/TA17-164A",
Title: `HIDDEN COBRA North Koreas DDoS Botnet Infrastructure`,
Team: "us",
},
"https://www.us-cert.gov/ncas/alerts/TA17-163A": {
URL: "https://www.us-cert.gov/ncas/alerts/TA17-163A",
Title: `CrashOverride Malware`,
Team: "us",
},
"https://www.us-cert.gov/ncas/alerts/TA17-156A": {
URL: "https://www.us-cert.gov/ncas/alerts/TA17-156A",
Title: `Reducing the Risk of SNMP Abuse`,
Team: "us",
},
"https://www.us-cert.gov/ncas/alerts/TA18-141A": {
URL: "https://www.us-cert.gov/ncas/alerts/TA18-141A",
Title: `Side-Channel Vulnerability Variants 3a and 4`,
Team: "us",
},
"https://www.us-cert.gov/ncas/alerts/TA18-086A": {
URL: "https://www.us-cert.gov/ncas/alerts/TA18-086A",
Title: `Brute Force Attacks Conducted by Cyber Actors `,
Team: "us",
},
"https://www.us-cert.gov/ncas/alerts/TA18-004A": {
URL: "https://www.us-cert.gov/ncas/alerts/TA18-004A",
Title: `Meltdown and Spectre Side-Channel Vulnerability Guidance`,
Team: "us",
},
"https://www.us-cert.gov/ncas/alerts/TA18-331A": {
URL: "https://www.us-cert.gov/ncas/alerts/TA18-331A",
Title: `3ve Major Online Ad Fraud Operation`,
Team: "us",
},
"https://www.us-cert.gov/ncas/alerts/AA18-284A": {
URL: "https://www.us-cert.gov/ncas/alerts/AA18-284A",
Title: `Publicly Available Tools Seen in Cyber Incidents Worldwide`,
Team: "us",
},
"https://www.us-cert.gov/ncas/alerts/TA18-276B": {
URL: "https://www.us-cert.gov/ncas/alerts/TA18-276B",
Title: `Advanced Persistent Threat Activity Exploiting Managed Service Providers`,
Team: "us",
},
"https://www.us-cert.gov/ncas/alerts/TA18-275A": {
URL: "https://www.us-cert.gov/ncas/alerts/TA18-275A",
Title: `HIDDEN COBRA FASTCash Campaign`,
Team: "us",
},
"https://www.us-cert.gov/ncas/alerts/TA18-201A": {
URL: "https://www.us-cert.gov/ncas/alerts/TA18-201A",
Title: `Emotet Malware`,
Team: "us",
},
"https://www.us-cert.gov/ncas/alerts/TA18-276A": {
URL: "https://www.us-cert.gov/ncas/alerts/TA18-276A",
Title: `Using Rigorous Credential Control to Mitigate Trusted Network Exploitation`,
Team: "us",
},
"https://www.us-cert.gov/ncas/alerts/TA18-149A": {
URL: "https://www.us-cert.gov/ncas/alerts/TA18-149A",
Title: `HIDDEN COBRA Joanap Backdoor Trojan and Brambul Server Message Block Worm`,
Team: "us",
},
"https://www.us-cert.gov/ncas/alerts/TA18-145A": {
URL: "https://www.us-cert.gov/ncas/alerts/TA18-145A",
Title: `Cyber Actors Target Home and Office Routers and Networked Devices Worldwide`,
Team: "us",
},
"https://www.us-cert.gov/ncas/alerts/TA18-106A": {
URL: "https://www.us-cert.gov/ncas/alerts/TA18-106A",
Title: `Russian State-Sponsored Cyber Actors Targeting Network Infrastructure Devices`,
Team: "us",
},
"https://www.us-cert.gov/ncas/alerts/TA18-074A": {
URL: "https://www.us-cert.gov/ncas/alerts/TA18-074A",
Title: `Russian Government Cyber Activity Targeting Energy and Other Critical Infrastructure Sectors`,
Team: "us",
},
}

534
alert/cve_jp.go Normal file
View File

@@ -0,0 +1,534 @@
package alert
// CveDictJa has CVE-ID key which included JPCERT alerts
var CveDictJa = map[string][]string{
"CVE-2006-0003": {"https://www.jpcert.or.jp/at/2007/at070016.html"},
"CVE-2006-0005": {"https://www.jpcert.or.jp/at/2007/at070016.html"},
"CVE-2006-1173": {"https://www.jpcert.or.jp/at/2006/at060008.html"},
"CVE-2006-3014": {"https://www.jpcert.or.jp/at/2006/at060009.html"},
"CVE-2006-3059": {"https://www.jpcert.or.jp/at/2006/at060009.html"},
"CVE-2006-3086": {"https://www.jpcert.or.jp/at/2006/at060009.html"},
"CVE-2006-3643": {"https://www.jpcert.or.jp/at/2007/at070016.html"},
"CVE-2006-3730": {"https://www.jpcert.or.jp/at/2007/at070016.html"},
"CVE-2006-3877": {"https://www.jpcert.or.jp/at/2007/at070005.html"},
"CVE-2006-5198": {"https://www.jpcert.or.jp/at/2007/at070016.html"},
"CVE-2006-5745": {"https://www.jpcert.or.jp/at/2007/at070016.html"},
"CVE-2007-0015": {"https://www.jpcert.or.jp/at/2007/at070016.html"},
"CVE-2007-0038": {"https://www.jpcert.or.jp/at/2007/at070016.html"},
"CVE-2008-4609": {"https://www.jpcert.or.jp/at/2009/at090019.html"},
"CVE-2010-0886": {"https://www.jpcert.or.jp/at/2010/at100010.html"},
"CVE-2010-0887": {"https://www.jpcert.or.jp/at/2010/at100010.html"},
"CVE-2011-1910": {"https://www.jpcert.or.jp/at/2011/at110014.html"},
"CVE-2011-2444": {"https://www.jpcert.or.jp/at/2011/at110026.html"},
"CVE-2011-2462": {"https://www.jpcert.or.jp/at/2011/at110034.html"},
"CVE-2011-2465": {"https://www.jpcert.or.jp/at/2011/at110019.html"},
"CVE-2011-3192": {"https://www.jpcert.or.jp/at/2011/at110023.html"},
"CVE-2011-3348": {"https://www.jpcert.or.jp/at/2011/at110023.html"},
"CVE-2011-3544": {"https://www.jpcert.or.jp/at/2011/at110032.html"},
"CVE-2011-4313": {"https://www.jpcert.or.jp/at/2011/at110031.html"},
"CVE-2012-0002": {"https://www.jpcert.or.jp/at/2012/at120009.html"},
"CVE-2012-0507": {"https://www.jpcert.or.jp/at/2012/at120010.html"},
"CVE-2012-0767": {"https://www.jpcert.or.jp/at/2012/at120006.html"},
"CVE-2012-0779": {"https://www.jpcert.or.jp/at/2012/at120014.html"},
"CVE-2012-0830": {"https://www.jpcert.or.jp/at/2012/at120004.html"},
"CVE-2012-2311": {"https://www.jpcert.or.jp/at/2012/at120016.html"},
"CVE-2012-4244": {"https://www.jpcert.or.jp/at/2012/at120029.html"},
"CVE-2012-4681": {"https://www.jpcert.or.jp/at/2012/at120028.html"},
"CVE-2012-4969": {"https://www.jpcert.or.jp/at/2012/at120030.html"},
"CVE-2012-5166": {"https://www.jpcert.or.jp/at/2012/at120033.html"},
"CVE-2013-0422": {"https://www.jpcert.or.jp/at/2013/at130004.html"},
"CVE-2013-1493": {"https://www.jpcert.or.jp/at/2013/at130014.html"},
"CVE-2013-2266": {"https://www.jpcert.or.jp/at/2013/at130017.html"},
"CVE-2013-2494": {"https://www.jpcert.or.jp/at/2013/at130017.html"},
"CVE-2013-3893": {"https://www.jpcert.or.jp/at/2013/at130040.html", "https://www.jpcert.or.jp/at/2013/at130041.html"},
"CVE-2013-3906": {"https://www.jpcert.or.jp/at/2013/at130044.html"},
"CVE-2013-3918": {"https://www.jpcert.or.jp/at/2013/at130045.html"},
"CVE-2013-3919": {"https://www.jpcert.or.jp/at/2013/at130026.html"},
"CVE-2013-4854": {"https://www.jpcert.or.jp/at/2013/at130034.html"},
"CVE-2014-0050": {"https://www.jpcert.or.jp/at/2014/at140007.html"},
"CVE-2014-0160": {"https://www.jpcert.or.jp/at/2014/at140013.html"},
"CVE-2014-0322": {"https://www.jpcert.or.jp/at/2014/at140009.html"},
"CVE-2014-1776": {"https://www.jpcert.or.jp/at/2014/at140018.html", "https://www.jpcert.or.jp/at/2014/at140020.html"},
"CVE-2014-3383": {"https://www.jpcert.or.jp/at/2015/at150021.html"},
"CVE-2014-3859": {"https://www.jpcert.or.jp/at/2014/at140027.html"},
"CVE-2014-4114": {"https://www.jpcert.or.jp/at/2014/at140039.html"},
"CVE-2014-6271": {"https://www.jpcert.or.jp/at/2014/at140037.html", "https://www.jpcert.or.jp/at/2014/at140038.html"},
"CVE-2014-6277": {"https://www.jpcert.or.jp/at/2014/at140037.html"},
"CVE-2014-6278": {"https://www.jpcert.or.jp/at/2014/at140037.html"},
"CVE-2014-6324": {"https://www.jpcert.or.jp/at/2014/at140048.html"},
"CVE-2014-6332": {"https://www.jpcert.or.jp/at/2015/at150015.html"},
"CVE-2014-6352": {"https://www.jpcert.or.jp/at/2014/at140043.html"},
"CVE-2014-7169": {"https://www.jpcert.or.jp/at/2014/at140037.html"},
"CVE-2014-7186": {"https://www.jpcert.or.jp/at/2014/at140037.html"},
"CVE-2014-7187": {"https://www.jpcert.or.jp/at/2014/at140037.html"},
"CVE-2014-8361": {"https://www.jpcert.or.jp/at/2017/at170049.html"},
"CVE-2014-8500": {"https://www.jpcert.or.jp/at/2014/at140050.html"},
"CVE-2014-9163": {"https://www.jpcert.or.jp/at/2014/at140052.html"},
"CVE-2015-0313": {"https://www.jpcert.or.jp/at/2015/at150015.html"},
"CVE-2015-1769": {"https://www.jpcert.or.jp/at/2015/at150028.html"},
"CVE-2015-5119": {"https://www.jpcert.or.jp/at/2015/at150019.html"},
"CVE-2015-5122": {"https://www.jpcert.or.jp/at/2015/at150020.html"},
"CVE-2015-5123": {"https://www.jpcert.or.jp/at/2015/at150020.html"},
"CVE-2015-5477": {"https://www.jpcert.or.jp/at/2015/at150027.html"},
"CVE-2015-5986": {"https://www.jpcert.or.jp/at/2015/at150031.html"},
"CVE-2015-6835": {"https://www.jpcert.or.jp/at/2016/at160036.html"},
"CVE-2015-7547": {"https://www.jpcert.or.jp/at/2016/at160009.html"},
"CVE-2015-7645": {"https://www.jpcert.or.jp/at/2015/at150036.html", "https://www.jpcert.or.jp/at/2015/at150037.html"},
"CVE-2015-8000": {"https://www.jpcert.or.jp/at/2015/at150043.html"},
"CVE-2015-8461": {"https://www.jpcert.or.jp/at/2015/at150043.html"},
"CVE-2015-8562": {"https://www.jpcert.or.jp/at/2016/at160036.html"},
"CVE-2015-8651": {"https://www.jpcert.or.jp/at/2016/at160001.html"},
"CVE-2015-8704": {"https://www.jpcert.or.jp/at/2016/at160006.html"},
"CVE-2015-8705": {"https://www.jpcert.or.jp/at/2016/at160006.html"},
"CVE-2016-0189": {"https://www.jpcert.or.jp/at/2016/at160022.html"},
"CVE-2016-0636": {"https://www.jpcert.or.jp/at/2016/at160015.html"},
"CVE-2016-0800": {"https://www.jpcert.or.jp/at/2016/at160010.html"},
"CVE-2016-1000109": {"https://www.jpcert.or.jp/at/2016/at160031.html"},
"CVE-2016-1000110": {"https://www.jpcert.or.jp/at/2016/at160031.html"},
"CVE-2016-1010": {"https://www.jpcert.or.jp/at/2016/at160014.html"},
"CVE-2016-1019": {"https://www.jpcert.or.jp/at/2016/at160016.html"},
"CVE-2016-1204": {"https://www.jpcert.or.jp/at/2016/at160019.html"},
"CVE-2016-1286": {"https://www.jpcert.or.jp/at/2016/at160013.html", "https://www.jpcert.or.jp/at/2016/at160037.html"},
"CVE-2016-2776": {"https://www.jpcert.or.jp/at/2016/at160037.html"},
"CVE-2016-3081": {"https://www.jpcert.or.jp/at/2016/at160020.html"},
"CVE-2016-3227": {"https://www.jpcert.or.jp/at/2016/at160025.html"},
"CVE-2016-3714": {"https://www.jpcert.or.jp/at/2016/at160021.html"},
"CVE-2016-3715": {"https://www.jpcert.or.jp/at/2016/at160021.html"},
"CVE-2016-3716": {"https://www.jpcert.or.jp/at/2016/at160021.html"},
"CVE-2016-3717": {"https://www.jpcert.or.jp/at/2016/at160021.html"},
"CVE-2016-3718": {"https://www.jpcert.or.jp/at/2016/at160021.html"},
"CVE-2016-4117": {"https://www.jpcert.or.jp/at/2016/at160024.html"},
"CVE-2016-4171": {"https://www.jpcert.or.jp/at/2016/at160026.html"},
"CVE-2016-4438": {"https://www.jpcert.or.jp/at/2016/at160027.html"},
"CVE-2016-5385": {"https://www.jpcert.or.jp/at/2016/at160031.html"},
"CVE-2016-5386": {"https://www.jpcert.or.jp/at/2016/at160031.html"},
"CVE-2016-5387": {"https://www.jpcert.or.jp/at/2016/at160031.html"},
"CVE-2016-5388": {"https://www.jpcert.or.jp/at/2016/at160031.html"},
"CVE-2016-6307": {"https://www.jpcert.or.jp/at/2016/at160038.html"},
"CVE-2016-6309": {"https://www.jpcert.or.jp/at/2016/at160038.html"},
"CVE-2016-7189": {"https://www.jpcert.or.jp/at/2016/at160039.html"},
"CVE-2016-7836": {"https://www.jpcert.or.jp/at/2016/at160051.html", "https://www.jpcert.or.jp/at/2017/at170023.html"},
"CVE-2016-7855": {"https://www.jpcert.or.jp/at/2016/at160039.html", "https://www.jpcert.or.jp/at/2016/at160043.html"},
"CVE-2016-7892": {"https://www.jpcert.or.jp/at/2016/at160048.html", "https://www.jpcert.or.jp/at/2016/at160049.html"},
"CVE-2016-8864": {"https://www.jpcert.or.jp/at/2016/at160044.html"},
"CVE-2016-9131": {"https://www.jpcert.or.jp/at/2017/at170004.html"},
"CVE-2016-9147": {"https://www.jpcert.or.jp/at/2017/at170004.html"},
"CVE-2016-9444": {"https://www.jpcert.or.jp/at/2017/at170004.html"},
"CVE-2016-9778": {"https://www.jpcert.or.jp/at/2017/at170004.html"},
"CVE-2017-0093": {"https://www.jpcert.or.jp/at/2017/at170015.html"},
"CVE-2017-0106": {"https://www.jpcert.or.jp/at/2017/at170015.html"},
"CVE-2017-0145": {"https://www.jpcert.or.jp/at/2017/at170020.html"},
"CVE-2017-0158": {"https://www.jpcert.or.jp/at/2017/at170015.html"},
"CVE-2017-0160": {"https://www.jpcert.or.jp/at/2017/at170015.html"},
"CVE-2017-0161": {"https://www.jpcert.or.jp/at/2017/at170036.html"},
"CVE-2017-0162": {"https://www.jpcert.or.jp/at/2017/at170015.html"},
"CVE-2017-0163": {"https://www.jpcert.or.jp/at/2017/at170015.html"},
"CVE-2017-0180": {"https://www.jpcert.or.jp/at/2017/at170015.html"},
"CVE-2017-0181": {"https://www.jpcert.or.jp/at/2017/at170015.html"},
"CVE-2017-0199": {"https://www.jpcert.or.jp/at/2017/at170015.html"},
"CVE-2017-0200": {"https://www.jpcert.or.jp/at/2017/at170015.html"},
"CVE-2017-0201": {"https://www.jpcert.or.jp/at/2017/at170015.html"},
"CVE-2017-0202": {"https://www.jpcert.or.jp/at/2017/at170015.html"},
"CVE-2017-0205": {"https://www.jpcert.or.jp/at/2017/at170015.html"},
"CVE-2017-0210": {"https://www.jpcert.or.jp/at/2017/at170015.html"},
"CVE-2017-0221": {"https://www.jpcert.or.jp/at/2017/at170019.html"},
"CVE-2017-0222": {"https://www.jpcert.or.jp/at/2017/at170019.html"},
"CVE-2017-0224": {"https://www.jpcert.or.jp/at/2017/at170019.html"},
"CVE-2017-0227": {"https://www.jpcert.or.jp/at/2017/at170019.html"},
"CVE-2017-0228": {"https://www.jpcert.or.jp/at/2017/at170019.html"},
"CVE-2017-0229": {"https://www.jpcert.or.jp/at/2017/at170019.html"},
"CVE-2017-0235": {"https://www.jpcert.or.jp/at/2017/at170019.html"},
"CVE-2017-0236": {"https://www.jpcert.or.jp/at/2017/at170019.html"},
"CVE-2017-0240": {"https://www.jpcert.or.jp/at/2017/at170019.html"},
"CVE-2017-0250": {"https://www.jpcert.or.jp/at/2017/at170032.html"},
"CVE-2017-0261": {"https://www.jpcert.or.jp/at/2017/at170019.html"},
"CVE-2017-0263": {"https://www.jpcert.or.jp/at/2017/at170019.html"},
"CVE-2017-0266": {"https://www.jpcert.or.jp/at/2017/at170019.html"},
"CVE-2017-0272": {"https://www.jpcert.or.jp/at/2017/at170019.html"},
"CVE-2017-0277": {"https://www.jpcert.or.jp/at/2017/at170019.html"},
"CVE-2017-0278": {"https://www.jpcert.or.jp/at/2017/at170019.html"},
"CVE-2017-0279": {"https://www.jpcert.or.jp/at/2017/at170019.html"},
"CVE-2017-0283": {"https://www.jpcert.or.jp/at/2017/at170022.html"},
"CVE-2017-0290": {"https://www.jpcert.or.jp/at/2017/at170019.html"},
"CVE-2017-0291": {"https://www.jpcert.or.jp/at/2017/at170022.html"},
"CVE-2017-0292": {"https://www.jpcert.or.jp/at/2017/at170022.html"},
"CVE-2017-0293": {"https://www.jpcert.or.jp/at/2017/at170032.html"},
"CVE-2017-0294": {"https://www.jpcert.or.jp/at/2017/at170022.html"},
"CVE-2017-0781": {"https://www.jpcert.or.jp/at/2017/at170037.html"},
"CVE-2017-0782": {"https://www.jpcert.or.jp/at/2017/at170037.html"},
"CVE-2017-0783": {"https://www.jpcert.or.jp/at/2017/at170037.html"},
"CVE-2017-0785": {"https://www.jpcert.or.jp/at/2017/at170037.html"},
"CVE-2017-1000250": {"https://www.jpcert.or.jp/at/2017/at170037.html"},
"CVE-2017-1000251": {"https://www.jpcert.or.jp/at/2017/at170037.html"},
"CVE-2017-10271": {"https://www.jpcert.or.jp/at/2018/at180004.html"},
"CVE-2017-10845": {"https://www.jpcert.or.jp/at/2017/at170034.html"},
"CVE-2017-10846": {"https://www.jpcert.or.jp/at/2017/at170034.html"},
"CVE-2017-11223": {"https://www.jpcert.or.jp/at/2017/at170031.html"},
"CVE-2017-11292": {"https://www.jpcert.or.jp/at/2017/at170040.html"},
"CVE-2017-11762": {"https://www.jpcert.or.jp/at/2017/at170039.html"},
"CVE-2017-11763": {"https://www.jpcert.or.jp/at/2017/at170039.html"},
"CVE-2017-11764": {"https://www.jpcert.or.jp/at/2017/at170036.html"},
"CVE-2017-11766": {"https://www.jpcert.or.jp/at/2017/at170036.html"},
"CVE-2017-11771": {"https://www.jpcert.or.jp/at/2017/at170039.html"},
"CVE-2017-11779": {"https://www.jpcert.or.jp/at/2017/at170039.html"},
"CVE-2017-11792": {"https://www.jpcert.or.jp/at/2017/at170039.html"},
"CVE-2017-11793": {"https://www.jpcert.or.jp/at/2017/at170039.html"},
"CVE-2017-11796": {"https://www.jpcert.or.jp/at/2017/at170039.html"},
"CVE-2017-11798": {"https://www.jpcert.or.jp/at/2017/at170039.html"},
"CVE-2017-11799": {"https://www.jpcert.or.jp/at/2017/at170039.html"},
"CVE-2017-11800": {"https://www.jpcert.or.jp/at/2017/at170039.html"},
"CVE-2017-11802": {"https://www.jpcert.or.jp/at/2017/at170039.html"},
"CVE-2017-11804": {"https://www.jpcert.or.jp/at/2017/at170039.html"},
"CVE-2017-11805": {"https://www.jpcert.or.jp/at/2017/at170039.html"},
"CVE-2017-11806": {"https://www.jpcert.or.jp/at/2017/at170039.html"},
"CVE-2017-11807": {"https://www.jpcert.or.jp/at/2017/at170039.html"},
"CVE-2017-11808": {"https://www.jpcert.or.jp/at/2017/at170039.html"},
"CVE-2017-11809": {"https://www.jpcert.or.jp/at/2017/at170039.html"},
"CVE-2017-11810": {"https://www.jpcert.or.jp/at/2017/at170039.html"},
"CVE-2017-11811": {"https://www.jpcert.or.jp/at/2017/at170039.html"},
"CVE-2017-11812": {"https://www.jpcert.or.jp/at/2017/at170039.html"},
"CVE-2017-11813": {"https://www.jpcert.or.jp/at/2017/at170039.html"},
"CVE-2017-11819": {"https://www.jpcert.or.jp/at/2017/at170039.html"},
"CVE-2017-11821": {"https://www.jpcert.or.jp/at/2017/at170039.html"},
"CVE-2017-11822": {"https://www.jpcert.or.jp/at/2017/at170039.html"},
"CVE-2017-11826": {"https://www.jpcert.or.jp/at/2017/at170039.html"},
"CVE-2017-11836": {"https://www.jpcert.or.jp/at/2017/at170044.html"},
"CVE-2017-11837": {"https://www.jpcert.or.jp/at/2017/at170044.html"},
"CVE-2017-11838": {"https://www.jpcert.or.jp/at/2017/at170044.html"},
"CVE-2017-11839": {"https://www.jpcert.or.jp/at/2017/at170044.html"},
"CVE-2017-11840": {"https://www.jpcert.or.jp/at/2017/at170044.html"},
"CVE-2017-11841": {"https://www.jpcert.or.jp/at/2017/at170044.html"},
"CVE-2017-11843": {"https://www.jpcert.or.jp/at/2017/at170044.html"},
"CVE-2017-11845": {"https://www.jpcert.or.jp/at/2017/at170044.html"},
"CVE-2017-11846": {"https://www.jpcert.or.jp/at/2017/at170044.html"},
"CVE-2017-11855": {"https://www.jpcert.or.jp/at/2017/at170044.html"},
"CVE-2017-11856": {"https://www.jpcert.or.jp/at/2017/at170044.html"},
"CVE-2017-11858": {"https://www.jpcert.or.jp/at/2017/at170044.html"},
"CVE-2017-11861": {"https://www.jpcert.or.jp/at/2017/at170044.html"},
"CVE-2017-11862": {"https://www.jpcert.or.jp/at/2017/at170044.html"},
"CVE-2017-11866": {"https://www.jpcert.or.jp/at/2017/at170044.html"},
"CVE-2017-11869": {"https://www.jpcert.or.jp/at/2017/at170044.html"},
"CVE-2017-11870": {"https://www.jpcert.or.jp/at/2017/at170044.html"},
"CVE-2017-11871": {"https://www.jpcert.or.jp/at/2017/at170044.html"},
"CVE-2017-11873": {"https://www.jpcert.or.jp/at/2017/at170044.html"},
"CVE-2017-11882": {"https://www.jpcert.or.jp/at/2017/at170044.html"},
"CVE-2017-11886": {"https://www.jpcert.or.jp/at/2017/at170048.html"},
"CVE-2017-11888": {"https://www.jpcert.or.jp/at/2017/at170048.html"},
"CVE-2017-11889": {"https://www.jpcert.or.jp/at/2017/at170048.html"},
"CVE-2017-11890": {"https://www.jpcert.or.jp/at/2017/at170048.html"},
"CVE-2017-11893": {"https://www.jpcert.or.jp/at/2017/at170048.html"},
"CVE-2017-11894": {"https://www.jpcert.or.jp/at/2017/at170048.html"},
"CVE-2017-11895": {"https://www.jpcert.or.jp/at/2017/at170048.html"},
"CVE-2017-11901": {"https://www.jpcert.or.jp/at/2017/at170048.html"},
"CVE-2017-11903": {"https://www.jpcert.or.jp/at/2017/at170048.html"},
"CVE-2017-11905": {"https://www.jpcert.or.jp/at/2017/at170048.html"},
"CVE-2017-11907": {"https://www.jpcert.or.jp/at/2017/at170048.html"},
"CVE-2017-11908": {"https://www.jpcert.or.jp/at/2017/at170048.html"},
"CVE-2017-11909": {"https://www.jpcert.or.jp/at/2017/at170048.html"},
"CVE-2017-11910": {"https://www.jpcert.or.jp/at/2017/at170048.html"},
"CVE-2017-11911": {"https://www.jpcert.or.jp/at/2017/at170048.html"},
"CVE-2017-11912": {"https://www.jpcert.or.jp/at/2017/at170048.html"},
"CVE-2017-11914": {"https://www.jpcert.or.jp/at/2017/at170048.html"},
"CVE-2017-11918": {"https://www.jpcert.or.jp/at/2017/at170048.html"},
"CVE-2017-11930": {"https://www.jpcert.or.jp/at/2017/at170048.html"},
"CVE-2017-11937": {"https://www.jpcert.or.jp/at/2017/at170046.html"},
"CVE-2017-12615": {"https://www.jpcert.or.jp/at/2017/at170038.html"},
"CVE-2017-12616": {"https://www.jpcert.or.jp/at/2017/at170038.html"},
"CVE-2017-12617": {"https://www.jpcert.or.jp/at/2017/at170038.html"},
"CVE-2017-13872": {"https://www.jpcert.or.jp/at/2017/at170045.html"},
"CVE-2017-14315": {"https://www.jpcert.or.jp/at/2017/at170037.html"},
"CVE-2017-3135": {"https://www.jpcert.or.jp/at/2017/at170007.html"},
"CVE-2017-3136": {"https://www.jpcert.or.jp/at/2017/at170016.html"},
"CVE-2017-3137": {"https://www.jpcert.or.jp/at/2017/at170016.html"},
"CVE-2017-3138": {"https://www.jpcert.or.jp/at/2017/at170016.html"},
"CVE-2017-3142": {"https://www.jpcert.or.jp/at/2017/at170024.html"},
"CVE-2017-3143": {"https://www.jpcert.or.jp/at/2017/at170024.html"},
"CVE-2017-3145": {"https://www.jpcert.or.jp/at/2018/at180005.html"},
"CVE-2017-5638": {"https://www.jpcert.or.jp/at/2017/at170009.html"},
"CVE-2017-6753": {"https://www.jpcert.or.jp/at/2017/at170028.html"},
"CVE-2017-8463": {"https://www.jpcert.or.jp/at/2017/at170027.html"},
"CVE-2017-8464": {"https://www.jpcert.or.jp/at/2017/at170022.html"},
"CVE-2017-8496": {"https://www.jpcert.or.jp/at/2017/at170022.html"},
"CVE-2017-8497": {"https://www.jpcert.or.jp/at/2017/at170022.html"},
"CVE-2017-8499": {"https://www.jpcert.or.jp/at/2017/at170022.html"},
"CVE-2017-8517": {"https://www.jpcert.or.jp/at/2017/at170022.html"},
"CVE-2017-8520": {"https://www.jpcert.or.jp/at/2017/at170022.html"},
"CVE-2017-8522": {"https://www.jpcert.or.jp/at/2017/at170022.html"},
"CVE-2017-8524": {"https://www.jpcert.or.jp/at/2017/at170022.html"},
"CVE-2017-8527": {"https://www.jpcert.or.jp/at/2017/at170022.html"},
"CVE-2017-8528": {"https://www.jpcert.or.jp/at/2017/at170022.html"},
"CVE-2017-8543": {"https://www.jpcert.or.jp/at/2017/at170022.html"},
"CVE-2017-8548": {"https://www.jpcert.or.jp/at/2017/at170022.html"},
"CVE-2017-8549": {"https://www.jpcert.or.jp/at/2017/at170022.html"},
"CVE-2017-8584": {"https://www.jpcert.or.jp/at/2017/at170027.html"},
"CVE-2017-8589": {"https://www.jpcert.or.jp/at/2017/at170027.html"},
"CVE-2017-8591": {"https://www.jpcert.or.jp/at/2017/at170032.html"},
"CVE-2017-8594": {"https://www.jpcert.or.jp/at/2017/at170027.html"},
"CVE-2017-8595": {"https://www.jpcert.or.jp/at/2017/at170027.html"},
"CVE-2017-8596": {"https://www.jpcert.or.jp/at/2017/at170027.html"},
"CVE-2017-8598": {"https://www.jpcert.or.jp/at/2017/at170027.html"},
"CVE-2017-8601": {"https://www.jpcert.or.jp/at/2017/at170027.html"},
"CVE-2017-8603": {"https://www.jpcert.or.jp/at/2017/at170027.html"},
"CVE-2017-8604": {"https://www.jpcert.or.jp/at/2017/at170027.html"},
"CVE-2017-8605": {"https://www.jpcert.or.jp/at/2017/at170027.html"},
"CVE-2017-8606": {"https://www.jpcert.or.jp/at/2017/at170027.html"},
"CVE-2017-8607": {"https://www.jpcert.or.jp/at/2017/at170027.html"},
"CVE-2017-8608": {"https://www.jpcert.or.jp/at/2017/at170027.html"},
"CVE-2017-8609": {"https://www.jpcert.or.jp/at/2017/at170027.html"},
"CVE-2017-8610": {"https://www.jpcert.or.jp/at/2017/at170027.html"},
"CVE-2017-8617": {"https://www.jpcert.or.jp/at/2017/at170027.html"},
"CVE-2017-8618": {"https://www.jpcert.or.jp/at/2017/at170027.html"},
"CVE-2017-8619": {"https://www.jpcert.or.jp/at/2017/at170027.html"},
"CVE-2017-8620": {"https://www.jpcert.or.jp/at/2017/at170032.html"},
"CVE-2017-8622": {"https://www.jpcert.or.jp/at/2017/at170032.html"},
"CVE-2017-8628": {"https://www.jpcert.or.jp/at/2017/at170037.html"},
"CVE-2017-8634": {"https://www.jpcert.or.jp/at/2017/at170032.html"},
"CVE-2017-8635": {"https://www.jpcert.or.jp/at/2017/at170032.html"},
"CVE-2017-8636": {"https://www.jpcert.or.jp/at/2017/at170032.html"},
"CVE-2017-8638": {"https://www.jpcert.or.jp/at/2017/at170032.html"},
"CVE-2017-8639": {"https://www.jpcert.or.jp/at/2017/at170032.html"},
"CVE-2017-8640": {"https://www.jpcert.or.jp/at/2017/at170032.html"},
"CVE-2017-8641": {"https://www.jpcert.or.jp/at/2017/at170032.html"},
"CVE-2017-8645": {"https://www.jpcert.or.jp/at/2017/at170032.html"},
"CVE-2017-8646": {"https://www.jpcert.or.jp/at/2017/at170032.html"},
"CVE-2017-8647": {"https://www.jpcert.or.jp/at/2017/at170032.html"},
"CVE-2017-8649": {"https://www.jpcert.or.jp/at/2017/at170036.html"},
"CVE-2017-8653": {"https://www.jpcert.or.jp/at/2017/at170032.html"},
"CVE-2017-8655": {"https://www.jpcert.or.jp/at/2017/at170032.html"},
"CVE-2017-8656": {"https://www.jpcert.or.jp/at/2017/at170032.html"},
"CVE-2017-8657": {"https://www.jpcert.or.jp/at/2017/at170032.html"},
"CVE-2017-8660": {"https://www.jpcert.or.jp/at/2017/at170036.html"},
"CVE-2017-8661": {"https://www.jpcert.or.jp/at/2017/at170032.html"},
"CVE-2017-8669": {"https://www.jpcert.or.jp/at/2017/at170032.html"},
"CVE-2017-8670": {"https://www.jpcert.or.jp/at/2017/at170032.html"},
"CVE-2017-8671": {"https://www.jpcert.or.jp/at/2017/at170032.html"},
"CVE-2017-8672": {"https://www.jpcert.or.jp/at/2017/at170032.html"},
"CVE-2017-8674": {"https://www.jpcert.or.jp/at/2017/at170032.html"},
"CVE-2017-8676": {"https://www.jpcert.or.jp/at/2017/at170036.html"},
"CVE-2017-8682": {"https://www.jpcert.or.jp/at/2017/at170036.html"},
"CVE-2017-8686": {"https://www.jpcert.or.jp/at/2017/at170036.html"},
"CVE-2017-8696": {"https://www.jpcert.or.jp/at/2017/at170036.html"},
"CVE-2017-8727": {"https://www.jpcert.or.jp/at/2017/at170039.html"},
"CVE-2017-8728": {"https://www.jpcert.or.jp/at/2017/at170036.html"},
"CVE-2017-8729": {"https://www.jpcert.or.jp/at/2017/at170036.html"},
"CVE-2017-8731": {"https://www.jpcert.or.jp/at/2017/at170036.html"},
"CVE-2017-8734": {"https://www.jpcert.or.jp/at/2017/at170036.html"},
"CVE-2017-8737": {"https://www.jpcert.or.jp/at/2017/at170036.html"},
"CVE-2017-8738": {"https://www.jpcert.or.jp/at/2017/at170036.html"},
"CVE-2017-8740": {"https://www.jpcert.or.jp/at/2017/at170036.html"},
"CVE-2017-8741": {"https://www.jpcert.or.jp/at/2017/at170036.html"},
"CVE-2017-8747": {"https://www.jpcert.or.jp/at/2017/at170036.html"},
"CVE-2017-8748": {"https://www.jpcert.or.jp/at/2017/at170036.html"},
"CVE-2017-8749": {"https://www.jpcert.or.jp/at/2017/at170036.html"},
"CVE-2017-8750": {"https://www.jpcert.or.jp/at/2017/at170036.html"},
"CVE-2017-8751": {"https://www.jpcert.or.jp/at/2017/at170036.html"},
"CVE-2017-8752": {"https://www.jpcert.or.jp/at/2017/at170036.html"},
"CVE-2017-8753": {"https://www.jpcert.or.jp/at/2017/at170036.html"},
"CVE-2017-8755": {"https://www.jpcert.or.jp/at/2017/at170036.html"},
"CVE-2017-8756": {"https://www.jpcert.or.jp/at/2017/at170036.html"},
"CVE-2017-8757": {"https://www.jpcert.or.jp/at/2017/at170036.html"},
"CVE-2017-8759": {"https://www.jpcert.or.jp/at/2017/at170036.html"},
"CVE-2017-9791": {"https://www.jpcert.or.jp/at/2017/at170025.html"},
"CVE-2017-9805": {"https://www.jpcert.or.jp/at/2017/at170033.html"},
"CVE-2018-0171": {"https://www.jpcert.or.jp/at/2018/at180013.html"},
"CVE-2018-0758": {"https://www.jpcert.or.jp/at/2018/at180002.html"},
"CVE-2018-0762": {"https://www.jpcert.or.jp/at/2018/at180002.html"},
"CVE-2018-0763": {"https://www.jpcert.or.jp/at/2018/at180008.html"},
"CVE-2018-0767": {"https://www.jpcert.or.jp/at/2018/at180002.html"},
"CVE-2018-0769": {"https://www.jpcert.or.jp/at/2018/at180002.html"},
"CVE-2018-0770": {"https://www.jpcert.or.jp/at/2018/at180002.html"},
"CVE-2018-0772": {"https://www.jpcert.or.jp/at/2018/at180002.html"},
"CVE-2018-0773": {"https://www.jpcert.or.jp/at/2018/at180002.html"},
"CVE-2018-0774": {"https://www.jpcert.or.jp/at/2018/at180002.html"},
"CVE-2018-0775": {"https://www.jpcert.or.jp/at/2018/at180002.html"},
"CVE-2018-0776": {"https://www.jpcert.or.jp/at/2018/at180002.html"},
"CVE-2018-0777": {"https://www.jpcert.or.jp/at/2018/at180002.html"},
"CVE-2018-0778": {"https://www.jpcert.or.jp/at/2018/at180002.html"},
"CVE-2018-0780": {"https://www.jpcert.or.jp/at/2018/at180002.html"},
"CVE-2018-0781": {"https://www.jpcert.or.jp/at/2018/at180002.html"},
"CVE-2018-0797": {"https://www.jpcert.or.jp/at/2018/at180002.html"},
"CVE-2018-0800": {"https://www.jpcert.or.jp/at/2018/at180002.html"},
"CVE-2018-0802": {"https://www.jpcert.or.jp/at/2018/at180002.html"},
"CVE-2018-0825": {"https://www.jpcert.or.jp/at/2018/at180008.html"},
"CVE-2018-0834": {"https://www.jpcert.or.jp/at/2018/at180008.html"},
"CVE-2018-0835": {"https://www.jpcert.or.jp/at/2018/at180008.html"},
"CVE-2018-0837": {"https://www.jpcert.or.jp/at/2018/at180008.html"},
"CVE-2018-0838": {"https://www.jpcert.or.jp/at/2018/at180008.html"},
"CVE-2018-0840": {"https://www.jpcert.or.jp/at/2018/at180008.html"},
"CVE-2018-0852": {"https://www.jpcert.or.jp/at/2018/at180008.html"},
"CVE-2018-0856": {"https://www.jpcert.or.jp/at/2018/at180008.html"},
"CVE-2018-0857": {"https://www.jpcert.or.jp/at/2018/at180008.html"},
"CVE-2018-0859": {"https://www.jpcert.or.jp/at/2018/at180008.html"},
"CVE-2018-0860": {"https://www.jpcert.or.jp/at/2018/at180008.html"},
"CVE-2018-0861": {"https://www.jpcert.or.jp/at/2018/at180008.html"},
"CVE-2018-0870": {"https://www.jpcert.or.jp/at/2018/at180016.html"},
"CVE-2018-0872": {"https://www.jpcert.or.jp/at/2018/at180011.html"},
"CVE-2018-0874": {"https://www.jpcert.or.jp/at/2018/at180011.html"},
"CVE-2018-0876": {"https://www.jpcert.or.jp/at/2018/at180011.html"},
"CVE-2018-0889": {"https://www.jpcert.or.jp/at/2018/at180011.html"},
"CVE-2018-0893": {"https://www.jpcert.or.jp/at/2018/at180011.html"},
"CVE-2018-0930": {"https://www.jpcert.or.jp/at/2018/at180011.html"},
"CVE-2018-0931": {"https://www.jpcert.or.jp/at/2018/at180011.html"},
"CVE-2018-0932": {"https://www.jpcert.or.jp/at/2018/at180011.html"},
"CVE-2018-0933": {"https://www.jpcert.or.jp/at/2018/at180011.html"},
"CVE-2018-0934": {"https://www.jpcert.or.jp/at/2018/at180011.html"},
"CVE-2018-0936": {"https://www.jpcert.or.jp/at/2018/at180011.html"},
"CVE-2018-0937": {"https://www.jpcert.or.jp/at/2018/at180011.html"},
"CVE-2018-0939": {"https://www.jpcert.or.jp/at/2018/at180011.html"},
"CVE-2018-0943": {"https://www.jpcert.or.jp/at/2018/at180021.html"},
"CVE-2018-0945": {"https://www.jpcert.or.jp/at/2018/at180021.html"},
"CVE-2018-0946": {"https://www.jpcert.or.jp/at/2018/at180021.html"},
"CVE-2018-0950": {"https://www.jpcert.or.jp/at/2018/at180016.html"},
"CVE-2018-0951": {"https://www.jpcert.or.jp/at/2018/at180021.html"},
"CVE-2018-0953": {"https://www.jpcert.or.jp/at/2018/at180021.html"},
"CVE-2018-0954": {"https://www.jpcert.or.jp/at/2018/at180021.html"},
"CVE-2018-0955": {"https://www.jpcert.or.jp/at/2018/at180021.html"},
"CVE-2018-0959": {"https://www.jpcert.or.jp/at/2018/at180021.html"},
"CVE-2018-0961": {"https://www.jpcert.or.jp/at/2018/at180021.html"},
"CVE-2018-0965": {"https://www.jpcert.or.jp/at/2018/at180038.html"},
"CVE-2018-0979": {"https://www.jpcert.or.jp/at/2018/at180016.html"},
"CVE-2018-0980": {"https://www.jpcert.or.jp/at/2018/at180016.html"},
"CVE-2018-0981": {"https://www.jpcert.or.jp/at/2018/at180016.html"},
"CVE-2018-0988": {"https://www.jpcert.or.jp/at/2018/at180016.html"},
"CVE-2018-0990": {"https://www.jpcert.or.jp/at/2018/at180016.html"},
"CVE-2018-0991": {"https://www.jpcert.or.jp/at/2018/at180016.html"},
"CVE-2018-0993": {"https://www.jpcert.or.jp/at/2018/at180016.html"},
"CVE-2018-0994": {"https://www.jpcert.or.jp/at/2018/at180016.html"},
"CVE-2018-0995": {"https://www.jpcert.or.jp/at/2018/at180016.html"},
"CVE-2018-0996": {"https://www.jpcert.or.jp/at/2018/at180016.html"},
"CVE-2018-1000": {"https://www.jpcert.or.jp/at/2018/at180016.html"},
"CVE-2018-1004": {"https://www.jpcert.or.jp/at/2018/at180016.html"},
"CVE-2018-1010": {"https://www.jpcert.or.jp/at/2018/at180016.html"},
"CVE-2018-1012": {"https://www.jpcert.or.jp/at/2018/at180016.html"},
"CVE-2018-1013": {"https://www.jpcert.or.jp/at/2018/at180016.html"},
"CVE-2018-1015": {"https://www.jpcert.or.jp/at/2018/at180016.html"},
"CVE-2018-1016": {"https://www.jpcert.or.jp/at/2018/at180016.html"},
"CVE-2018-1018": {"https://www.jpcert.or.jp/at/2018/at180016.html"},
"CVE-2018-1019": {"https://www.jpcert.or.jp/at/2018/at180016.html"},
"CVE-2018-1020": {"https://www.jpcert.or.jp/at/2018/at180016.html"},
"CVE-2018-1022": {"https://www.jpcert.or.jp/at/2018/at180021.html"},
"CVE-2018-1023": {"https://www.jpcert.or.jp/at/2018/at180016.html"},
"CVE-2018-11776": {"https://www.jpcert.or.jp/at/2018/at180036.html"},
"CVE-2018-1270": {"https://www.jpcert.or.jp/at/2018/at180014.html"},
"CVE-2018-1271": {"https://www.jpcert.or.jp/at/2018/at180014.html"},
"CVE-2018-1272": {"https://www.jpcert.or.jp/at/2018/at180014.html"},
"CVE-2018-1273": {"https://www.jpcert.or.jp/at/2018/at180017.html"},
"CVE-2018-1274": {"https://www.jpcert.or.jp/at/2018/at180017.html"},
"CVE-2018-1275": {"https://www.jpcert.or.jp/at/2018/at180014.html"},
"CVE-2018-12794": {"https://www.jpcert.or.jp/at/2018/at180039.html"},
"CVE-2018-1336": {"https://www.jpcert.or.jp/at/2018/at180030.html"},
"CVE-2018-15442": {"https://www.jpcert.or.jp/at/2018/at180043.html"},
"CVE-2018-15979": {"https://www.jpcert.or.jp/at/2018/at180045.html"},
"CVE-2018-2628": {"https://www.jpcert.or.jp/at/2018/at180029.html"},
"CVE-2018-2893": {"https://www.jpcert.or.jp/at/2018/at180029.html"},
"CVE-2018-2894": {"https://www.jpcert.or.jp/at/2018/at180029.html"},
"CVE-2018-2933": {"https://www.jpcert.or.jp/at/2018/at180029.html"},
"CVE-2018-2983": {"https://www.jpcert.or.jp/at/2018/at180029.html"},
"CVE-2018-2998": {"https://www.jpcert.or.jp/at/2018/at180029.html"},
"CVE-2018-4877": {"https://www.jpcert.or.jp/at/2018/at180008.html"},
"CVE-2018-4878": {"https://www.jpcert.or.jp/at/2018/at180006.html", "https://www.jpcert.or.jp/at/2018/at180008.html"},
"CVE-2018-4945": {"https://www.jpcert.or.jp/at/2018/at180025.html"},
"CVE-2018-5000": {"https://www.jpcert.or.jp/at/2018/at180025.html"},
"CVE-2018-5001": {"https://www.jpcert.or.jp/at/2018/at180025.html"},
"CVE-2018-5002": {"https://www.jpcert.or.jp/at/2018/at180024.html", "https://www.jpcert.or.jp/at/2018/at180025.html"},
"CVE-2018-5740": {"https://www.jpcert.or.jp/at/2018/at180031.html"},
"CVE-2018-7600": {"https://www.jpcert.or.jp/at/2018/at180012.html"},
"CVE-2018-7602": {"https://www.jpcert.or.jp/at/2018/at180019.html"},
"CVE-2018-8034": {"https://www.jpcert.or.jp/at/2018/at180030.html"},
"CVE-2018-8037": {"https://www.jpcert.or.jp/at/2018/at180030.html"},
"CVE-2018-8110": {"https://www.jpcert.or.jp/at/2018/at180025.html"},
"CVE-2018-8111": {"https://www.jpcert.or.jp/at/2018/at180025.html"},
"CVE-2018-8114": {"https://www.jpcert.or.jp/at/2018/at180021.html"},
"CVE-2018-8120": {"https://www.jpcert.or.jp/at/2018/at180021.html"},
"CVE-2018-8122": {"https://www.jpcert.or.jp/at/2018/at180021.html"},
"CVE-2018-8128": {"https://www.jpcert.or.jp/at/2018/at180021.html"},
"CVE-2018-8130": {"https://www.jpcert.or.jp/at/2018/at180021.html"},
"CVE-2018-8133": {"https://www.jpcert.or.jp/at/2018/at180021.html"},
"CVE-2018-8137": {"https://www.jpcert.or.jp/at/2018/at180021.html"},
"CVE-2018-8139": {"https://www.jpcert.or.jp/at/2018/at180021.html"},
"CVE-2018-8154": {"https://www.jpcert.or.jp/at/2018/at180021.html"},
"CVE-2018-8174": {"https://www.jpcert.or.jp/at/2018/at180021.html"},
"CVE-2018-8178": {"https://www.jpcert.or.jp/at/2018/at180021.html"},
"CVE-2018-8213": {"https://www.jpcert.or.jp/at/2018/at180025.html"},
"CVE-2018-8225": {"https://www.jpcert.or.jp/at/2018/at180025.html"},
"CVE-2018-8229": {"https://www.jpcert.or.jp/at/2018/at180025.html"},
"CVE-2018-8231": {"https://www.jpcert.or.jp/at/2018/at180025.html"},
"CVE-2018-8236": {"https://www.jpcert.or.jp/at/2018/at180025.html"},
"CVE-2018-8242": {"https://www.jpcert.or.jp/at/2018/at180028.html"},
"CVE-2018-8249": {"https://www.jpcert.or.jp/at/2018/at180025.html"},
"CVE-2018-8251": {"https://www.jpcert.or.jp/at/2018/at180025.html"},
"CVE-2018-8262": {"https://www.jpcert.or.jp/at/2018/at180028.html"},
"CVE-2018-8266": {"https://www.jpcert.or.jp/at/2018/at180034.html"},
"CVE-2018-8267": {"https://www.jpcert.or.jp/at/2018/at180025.html"},
"CVE-2018-8273": {"https://www.jpcert.or.jp/at/2018/at180034.html"},
"CVE-2018-8274": {"https://www.jpcert.or.jp/at/2018/at180028.html"},
"CVE-2018-8275": {"https://www.jpcert.or.jp/at/2018/at180028.html"},
"CVE-2018-8279": {"https://www.jpcert.or.jp/at/2018/at180028.html"},
"CVE-2018-8280": {"https://www.jpcert.or.jp/at/2018/at180028.html"},
"CVE-2018-8286": {"https://www.jpcert.or.jp/at/2018/at180028.html"},
"CVE-2018-8288": {"https://www.jpcert.or.jp/at/2018/at180028.html"},
"CVE-2018-8290": {"https://www.jpcert.or.jp/at/2018/at180028.html"},
"CVE-2018-8291": {"https://www.jpcert.or.jp/at/2018/at180028.html"},
"CVE-2018-8294": {"https://www.jpcert.or.jp/at/2018/at180028.html"},
"CVE-2018-8296": {"https://www.jpcert.or.jp/at/2018/at180028.html"},
"CVE-2018-8301": {"https://www.jpcert.or.jp/at/2018/at180028.html"},
"CVE-2018-8302": {"https://www.jpcert.or.jp/at/2018/at180034.html"},
"CVE-2018-8324": {"https://www.jpcert.or.jp/at/2018/at180028.html"},
"CVE-2018-8332": {"https://www.jpcert.or.jp/at/2018/at180038.html"},
"CVE-2018-8344": {"https://www.jpcert.or.jp/at/2018/at180034.html"},
"CVE-2018-8345": {"https://www.jpcert.or.jp/at/2018/at180034.html"},
"CVE-2018-8350": {"https://www.jpcert.or.jp/at/2018/at180034.html"},
"CVE-2018-8355": {"https://www.jpcert.or.jp/at/2018/at180034.html"},
"CVE-2018-8367": {"https://www.jpcert.or.jp/at/2018/at180038.html"},
"CVE-2018-8371": {"https://www.jpcert.or.jp/at/2018/at180034.html"},
"CVE-2018-8372": {"https://www.jpcert.or.jp/at/2018/at180034.html"},
"CVE-2018-8373": {"https://www.jpcert.or.jp/at/2018/at180034.html"},
"CVE-2018-8377": {"https://www.jpcert.or.jp/at/2018/at180034.html"},
"CVE-2018-8380": {"https://www.jpcert.or.jp/at/2018/at180034.html"},
"CVE-2018-8381": {"https://www.jpcert.or.jp/at/2018/at180034.html"},
"CVE-2018-8385": {"https://www.jpcert.or.jp/at/2018/at180034.html"},
"CVE-2018-8387": {"https://www.jpcert.or.jp/at/2018/at180034.html"},
"CVE-2018-8390": {"https://www.jpcert.or.jp/at/2018/at180034.html"},
"CVE-2018-8397": {"https://www.jpcert.or.jp/at/2018/at180034.html"},
"CVE-2018-8403": {"https://www.jpcert.or.jp/at/2018/at180034.html"},
"CVE-2018-8414": {"https://www.jpcert.or.jp/at/2018/at180034.html"},
"CVE-2018-8420": {"https://www.jpcert.or.jp/at/2018/at180038.html"},
"CVE-2018-8421": {"https://www.jpcert.or.jp/at/2018/at180038.html"},
"CVE-2018-8439": {"https://www.jpcert.or.jp/at/2018/at180038.html"},
"CVE-2018-8440": {"https://www.jpcert.or.jp/at/2018/at180038.html"},
"CVE-2018-8447": {"https://www.jpcert.or.jp/at/2018/at180038.html"},
"CVE-2018-8453": {"https://www.jpcert.or.jp/at/2018/at180041.html"},
"CVE-2018-8456": {"https://www.jpcert.or.jp/at/2018/at180038.html"},
"CVE-2018-8457": {"https://www.jpcert.or.jp/at/2018/at180038.html"},
"CVE-2018-8459": {"https://www.jpcert.or.jp/at/2018/at180038.html"},
"CVE-2018-8460": {"https://www.jpcert.or.jp/at/2018/at180041.html"},
"CVE-2018-8461": {"https://www.jpcert.or.jp/at/2018/at180038.html"},
"CVE-2018-8464": {"https://www.jpcert.or.jp/at/2018/at180038.html"},
"CVE-2018-8465": {"https://www.jpcert.or.jp/at/2018/at180038.html"},
"CVE-2018-8466": {"https://www.jpcert.or.jp/at/2018/at180038.html"},
"CVE-2018-8467": {"https://www.jpcert.or.jp/at/2018/at180038.html"},
"CVE-2018-8473": {"https://www.jpcert.or.jp/at/2018/at180041.html"},
"CVE-2018-8475": {"https://www.jpcert.or.jp/at/2018/at180038.html"},
"CVE-2018-8476": {"https://www.jpcert.or.jp/at/2018/at180046.html"},
"CVE-2018-8489": {"https://www.jpcert.or.jp/at/2018/at180041.html"},
"CVE-2018-8490": {"https://www.jpcert.or.jp/at/2018/at180041.html"},
"CVE-2018-8491": {"https://www.jpcert.or.jp/at/2018/at180041.html"},
"CVE-2018-8494": {"https://www.jpcert.or.jp/at/2018/at180041.html"},
"CVE-2018-8505": {"https://www.jpcert.or.jp/at/2018/at180041.html"},
"CVE-2018-8509": {"https://www.jpcert.or.jp/at/2018/at180041.html"},
"CVE-2018-8510": {"https://www.jpcert.or.jp/at/2018/at180041.html"},
"CVE-2018-8511": {"https://www.jpcert.or.jp/at/2018/at180041.html"},
"CVE-2018-8513": {"https://www.jpcert.or.jp/at/2018/at180041.html"},
"CVE-2018-8541": {"https://www.jpcert.or.jp/at/2018/at180046.html"},
"CVE-2018-8542": {"https://www.jpcert.or.jp/at/2018/at180046.html"},
"CVE-2018-8543": {"https://www.jpcert.or.jp/at/2018/at180046.html"},
"CVE-2018-8544": {"https://www.jpcert.or.jp/at/2018/at180046.html"},
"CVE-2018-8551": {"https://www.jpcert.or.jp/at/2018/at180046.html"},
"CVE-2018-8553": {"https://www.jpcert.or.jp/at/2018/at180046.html"},
"CVE-2018-8555": {"https://www.jpcert.or.jp/at/2018/at180046.html"},
"CVE-2018-8556": {"https://www.jpcert.or.jp/at/2018/at180046.html"},
"CVE-2018-8557": {"https://www.jpcert.or.jp/at/2018/at180046.html"},
"CVE-2018-8588": {"https://www.jpcert.or.jp/at/2018/at180046.html"},
"CVE-2018-8589": {"https://www.jpcert.or.jp/at/2018/at180046.html"},
"CVE-2018-8609": {"https://www.jpcert.or.jp/at/2018/at180046.html"},
}

96
alert/cve_us.go Normal file
View File

@@ -0,0 +1,96 @@
package alert
// CveDictEn has CVE-ID key which included USCERT alerts
var CveDictEn = map[string][]string{
"CVE-1999-0532": {"https://www.us-cert.gov/ncas/alerts/TA15-103A"},
"CVE-2006-3227": {"https://www.us-cert.gov/ncas/alerts/TA15-119A"},
"CVE-2008-0015": {"https://www.us-cert.gov/ncas/alerts/TA09-195A", "https://www.us-cert.gov/ncas/alerts/TA09-209A"},
"CVE-2008-2244": {"https://www.us-cert.gov/ncas/alerts/TA15-119A"},
"CVE-2009-0658": {"https://www.us-cert.gov/ncas/alerts/TA09-051A"},
"CVE-2009-0927": {"https://www.us-cert.gov/ncas/alerts/TA13-141A"},
"CVE-2009-1492": {"https://www.us-cert.gov/ncas/alerts/TA09-133B"},
"CVE-2009-1493": {"https://www.us-cert.gov/ncas/alerts/TA09-133B"},
"CVE-2009-1537": {"https://www.us-cert.gov/ncas/alerts/TA09-195A"},
"CVE-2009-3103": {"https://www.us-cert.gov/ncas/alerts/TA17-181A"},
"CVE-2009-3129": {"https://www.us-cert.gov/ncas/alerts/TA15-119A"},
"CVE-2009-3674": {"https://www.us-cert.gov/ncas/alerts/TA15-119A"},
"CVE-2009-3953": {"https://www.us-cert.gov/ncas/alerts/TA15-119A"},
"CVE-2010-0018": {"https://www.us-cert.gov/ncas/alerts/TA10-012B"},
"CVE-2010-0188": {"https://www.us-cert.gov/ncas/alerts/TA13-141A", "https://www.us-cert.gov/ncas/alerts/TA14-300A", "https://www.us-cert.gov/ncas/alerts/TA15-119A"},
"CVE-2010-0806": {"https://www.us-cert.gov/ncas/alerts/TA15-119A"},
"CVE-2010-1297": {"https://www.us-cert.gov/ncas/alerts/TA10-162A", "https://www.us-cert.gov/ncas/alerts/TA10-159A"},
"CVE-2010-2883": {"https://www.us-cert.gov/ncas/alerts/TA15-119A"},
"CVE-2010-3333": {"https://www.us-cert.gov/ncas/alerts/TA15-119A"},
"CVE-2011-0101": {"https://www.us-cert.gov/ncas/alerts/TA15-119A"},
"CVE-2011-0611": {"https://www.us-cert.gov/ncas/alerts/TA15-119A"},
"CVE-2011-2462": {"https://www.us-cert.gov/ncas/alerts/TA15-119A"},
"CVE-2012-0158": {"https://www.us-cert.gov/ncas/alerts/TA15-119A"},
"CVE-2012-1723": {"https://www.us-cert.gov/ncas/alerts/TA15-119A"},
"CVE-2012-1856": {"https://www.us-cert.gov/ncas/alerts/TA15-119A"},
"CVE-2012-1889": {"https://www.us-cert.gov/ncas/alerts/TA12-174A"},
"CVE-2012-3174": {"https://www.us-cert.gov/ncas/alerts/TA13-010A"},
"CVE-2012-4681": {"https://www.us-cert.gov/ncas/alerts/TA12-240A"},
"CVE-2012-4792": {"https://www.us-cert.gov/ncas/alerts/TA13-015A", "https://www.us-cert.gov/ncas/alerts/TA15-119A"},
"CVE-2013-0074": {"https://www.us-cert.gov/ncas/alerts/TA15-119A"},
"CVE-2013-0140": {"https://www.us-cert.gov/ncas/alerts/TA13-193A"},
"CVE-2013-0141": {"https://www.us-cert.gov/ncas/alerts/TA13-193A"},
"CVE-2013-0422": {"https://www.us-cert.gov/ncas/alerts/TA13-141A", "https://www.us-cert.gov/ncas/alerts/TA13-010A"},
"CVE-2013-0625": {"https://www.us-cert.gov/ncas/alerts/TA15-119A"},
"CVE-2013-0632": {"https://www.us-cert.gov/ncas/alerts/TA15-119A"},
"CVE-2013-0809": {"https://www.us-cert.gov/ncas/alerts/TA13-064A"},
"CVE-2013-1347": {"https://www.us-cert.gov/ncas/alerts/TA15-119A"},
"CVE-2013-1493": {"https://www.us-cert.gov/ncas/alerts/TA13-064A"},
"CVE-2013-1571": {"https://www.us-cert.gov/ncas/alerts/TA13-169A"},
"CVE-2013-2465": {"https://www.us-cert.gov/ncas/alerts/TA15-119A"},
"CVE-2013-2729": {"https://www.us-cert.gov/ncas/alerts/TA14-300A", "https://www.us-cert.gov/ncas/alerts/TA15-119A"},
"CVE-2013-3336": {"https://www.us-cert.gov/ncas/alerts/TA15-119A"},
"CVE-2013-5211": {"https://www.us-cert.gov/ncas/alerts/TA14-017A", "https://www.us-cert.gov/ncas/alerts/TA14-013A"},
"CVE-2013-5326": {"https://www.us-cert.gov/ncas/alerts/TA15-119A"},
"CVE-2014-0160": {"https://www.us-cert.gov/ncas/alerts/TA14-098A", "https://www.us-cert.gov/ncas/alerts/TA15-119A"},
"CVE-2014-0322": {"https://www.us-cert.gov/ncas/alerts/TA15-119A"},
"CVE-2014-0564": {"https://www.us-cert.gov/ncas/alerts/TA15-119A"},
"CVE-2014-1761": {"https://www.us-cert.gov/ncas/alerts/TA15-119A"},
"CVE-2014-1776": {"https://www.us-cert.gov/ncas/alerts/TA15-119A"},
"CVE-2014-3393": {"https://www.us-cert.gov/ncas/alerts/TA16-250A"},
"CVE-2014-3566": {"https://www.us-cert.gov/ncas/alerts/TA14-290A", "https://www.us-cert.gov/ncas/alerts/TA15-120A"},
"CVE-2014-4114": {"https://www.us-cert.gov/ncas/alerts/TA15-119A"},
"CVE-2014-6271": {"https://www.us-cert.gov/ncas/alerts/TA14-268A"},
"CVE-2014-6277": {"https://www.us-cert.gov/ncas/alerts/TA14-268A"},
"CVE-2014-6278": {"https://www.us-cert.gov/ncas/alerts/TA14-268A"},
"CVE-2014-6321": {"https://www.us-cert.gov/ncas/alerts/TA14-318A"},
"CVE-2014-6332": {"https://www.us-cert.gov/ncas/alerts/TA14-318B"},
"CVE-2014-7169": {"https://www.us-cert.gov/ncas/alerts/TA14-268A"},
"CVE-2014-7186": {"https://www.us-cert.gov/ncas/alerts/TA14-268A"},
"CVE-2014-7187": {"https://www.us-cert.gov/ncas/alerts/TA14-268A"},
"CVE-2014-8730": {"https://www.us-cert.gov/ncas/alerts/TA14-290A"},
"CVE-2015-2387": {"https://www.us-cert.gov/ncas/alerts/TA15-195A"},
"CVE-2015-5119": {"https://www.us-cert.gov/ncas/alerts/TA15-195A", "https://www.us-cert.gov/ncas/alerts/TA15-213A"},
"CVE-2015-5122": {"https://www.us-cert.gov/ncas/alerts/TA15-195A"},
"CVE-2015-5123": {"https://www.us-cert.gov/ncas/alerts/TA15-195A"},
"CVE-2015-6585": {"https://www.us-cert.gov/ncas/alerts/TA17-164A"},
"CVE-2015-8651": {"https://www.us-cert.gov/ncas/alerts/TA17-164A"},
"CVE-2016-0034": {"https://www.us-cert.gov/ncas/alerts/TA17-164A"},
"CVE-2016-1019": {"https://www.us-cert.gov/ncas/alerts/TA17-164A"},
"CVE-2016-2207": {"https://www.us-cert.gov/ncas/alerts/TA16-187A"},
"CVE-2016-2208": {"https://www.us-cert.gov/ncas/alerts/TA16-187A"},
"CVE-2016-2209": {"https://www.us-cert.gov/ncas/alerts/TA16-187A"},
"CVE-2016-2210": {"https://www.us-cert.gov/ncas/alerts/TA16-187A"},
"CVE-2016-2211": {"https://www.us-cert.gov/ncas/alerts/TA16-187A"},
"CVE-2016-3644": {"https://www.us-cert.gov/ncas/alerts/TA16-187A"},
"CVE-2016-3645": {"https://www.us-cert.gov/ncas/alerts/TA16-187A"},
"CVE-2016-4117": {"https://www.us-cert.gov/ncas/alerts/TA17-164A"},
"CVE-2016-6366": {"https://www.us-cert.gov/ncas/alerts/TA16-250A"},
"CVE-2016-6367": {"https://www.us-cert.gov/ncas/alerts/TA16-250A"},
"CVE-2016-6415": {"https://www.us-cert.gov/ncas/alerts/TA16-250A"},
"CVE-2016-6909": {"https://www.us-cert.gov/ncas/alerts/TA16-250A"},
"CVE-2016-7089": {"https://www.us-cert.gov/ncas/alerts/TA16-250A"},
"CVE-2017-0144": {"https://www.us-cert.gov/ncas/alerts/TA17-181A"},
"CVE-2017-0145": {"https://www.us-cert.gov/ncas/alerts/TA17-181A"},
"CVE-2017-3066": {"https://www.us-cert.gov/ncas/alerts/AA18-284A"},
"CVE-2017-5715": {"https://www.us-cert.gov/ncas/alerts/TA18-141A", "https://www.us-cert.gov/ncas/alerts/TA18-004A"},
"CVE-2017-5753": {"https://www.us-cert.gov/ncas/alerts/TA18-141A", "https://www.us-cert.gov/ncas/alerts/TA18-004A"},
"CVE-2017-5754": {"https://www.us-cert.gov/ncas/alerts/TA18-141A", "https://www.us-cert.gov/ncas/alerts/TA18-004A"},
"CVE-2018-1038": {"https://www.us-cert.gov/ncas/alerts/TA18-004A"},
"CVE-2018-3639": {"https://www.us-cert.gov/ncas/alerts/TA18-141A"},
"CVE-2018-3640": {"https://www.us-cert.gov/ncas/alerts/TA18-141A"},
}

21
alert/util.go Normal file
View File

@@ -0,0 +1,21 @@
package alert
// GenerateAlertDict returns XCERT alert slice by cveID
func GenerateAlertDict(cveID string, lang string) (alerts []Alert) {
if lang == "ja" {
if keys, ok := CveDictJa[cveID]; ok {
for _, key := range keys {
alerts = append(alerts, AlertDictJa[key])
}
}
return alerts
}
// default language is English
if keys, ok := CveDictEn[cveID]; ok {
for _, key := range keys {
alerts = append(alerts, AlertDictEn[key])
}
}
return alerts
}

9
commands/discover.go
View File

@@ -176,6 +176,11 @@ sqlite3Path = "/path/to/go-exploitdb.sqlite3"
#room = "xxxxxxxxxxx"
#apiToken = "xxxxxxxxxxxxxxxxxx"
# https://vuls.io/docs/en/usage-settings.html#telegram-section
#[telegram]
#chatID = "xxxxxxxxxxx"
#token = "xxxxxxxxxxxxxxxxxx"
# https://vuls.io/docs/en/usage-settings.html#default-section
[default]
#port = "22"
@@ -215,10 +220,12 @@ host = "{{$ip}}"
#owaspDCXMLPath = "/path/to/dependency-check-report.xml"
#ignoreCves = ["CVE-2014-0160"]
#[servers.{{index $names $i}}.githubs."owner/repo"]
#token = "yourToken"
#[servers.{{index $names $i}}.optional]
#key = "value1"
{{end}}
`

64
commands/report.go
View File

@@ -64,12 +64,14 @@ func (*ReportCmd) Usage() string {
[-diff]
[-ignore-unscored-cves]
[-ignore-unfixed]
[-ignore-github-dismissed]
[-to-email]
[-to-http]
[-to-slack]
[-to-stride]
[-to-hipchat]
[-to-chatwork]
[-to-telegram]
[-to-localfile]
[-to-s3]
[-to-azure-blob]
@@ -86,18 +88,18 @@ func (*ReportCmd) Usage() string {
[-debug]
[-debug-sql]
[-pipe]
[-cvedb-type=sqlite3|mysql|postgres|redis]
[-cvedb-type=sqlite3|mysql|postgres|redis|http]
[-cvedb-sqlite3-path=/path/to/cve.sqlite3]
[-cvedb-url=http://127.0.0.1:1323 or DB connection string]
[-ovaldb-type=sqlite3|mysql|redis]
[-ovaldb-type=sqlite3|mysql|redis|http]
[-ovaldb-sqlite3-path=/path/to/oval.sqlite3]
[-ovaldb-url=http://127.0.0.1:1324 or DB connection string]
[-gostdb-type=sqlite3|mysql|redis]
[-gostdb-type=sqlite3|mysql|redis|http]
[-gostdb-sqlite3-path=/path/to/gost.sqlite3]
[-gostdb-url=http://127.0.0.1:1325 or DB connection string]
[-exploitdb-type=sqlite3|mysql|redis]
[-exploitdb-type=sqlite3|mysql|redis|http]
[-exploitdb-sqlite3-path=/path/to/exploitdb.sqlite3]
[-exploitdb-url=http://127.0.0.1:1325 or DB connection string]
[-exploitdb-url=http://127.0.0.1:1326 or DB connection string]
[-http="http://vuls-report-server"]
[RFC3339 datetime format under results dir]
@@ -132,10 +134,12 @@ func (p *ReportCmd) SetFlags(f *flag.FlagSet) {
f.BoolVar(&c.Conf.IgnoreUnscoredCves, "ignore-unscored-cves", false,
"Don't report the unscored CVEs")
f.BoolVar(
&c.Conf.IgnoreUnfixed, "ignore-unfixed", false,
f.BoolVar(&c.Conf.IgnoreUnfixed, "ignore-unfixed", false,
"Don't report the unfixed CVEs")
f.BoolVar(&c.Conf.IgnoreGitHubDismissed, "ignore-github-dismissed", false,
"Don't report the dismissed CVEs on GitHub Security Alerts")
f.StringVar(
&c.Conf.HTTPProxy, "http-proxy", "",
"http://proxy-url:port (default: empty)")
@@ -154,6 +158,7 @@ func (p *ReportCmd) SetFlags(f *flag.FlagSet) {
f.BoolVar(&c.Conf.ToStride, "to-stride", false, "Send report via Stride")
f.BoolVar(&c.Conf.ToHipChat, "to-hipchat", false, "Send report via hipchat")
f.BoolVar(&c.Conf.ToChatWork, "to-chatwork", false, "Send report via chatwork")
f.BoolVar(&c.Conf.ToTelegram, "to-telegram", false, "Send report via Telegram")
f.BoolVar(&c.Conf.ToEmail, "to-email", false, "Send report via Email")
f.BoolVar(&c.Conf.ToSyslog, "to-syslog", false, "Send report via Syslog")
f.BoolVar(&c.Conf.ToLocalFile, "to-localfile", false, "Write report to localfile")
@@ -171,25 +176,25 @@ func (p *ReportCmd) SetFlags(f *flag.FlagSet) {
f.BoolVar(&c.Conf.Pipe, "pipe", false, "Use args passed via PIPE")
f.StringVar(&p.cveDict.Type, "cvedb-type", "",
"DB type of go-cve-dictionary (sqlite3, mysql, postgres or redis)")
"DB type of go-cve-dictionary (sqlite3, mysql, postgres, redis or http)")
f.StringVar(&p.cveDict.SQLite3Path, "cvedb-sqlite3-path", "", "/path/to/sqlite3")
f.StringVar(&p.cveDict.URL, "cvedb-url", "",
"http://go-cve-dictionary.com:1323 or DB connection string")
f.StringVar(&p.ovalDict.Type, "ovaldb-type", "",
"DB type of goval-dictionary (sqlite3, mysql, postgres or redis)")
"DB type of goval-dictionary (sqlite3, mysql, postgres, redis or http)")
f.StringVar(&p.ovalDict.SQLite3Path, "ovaldb-sqlite3-path", "", "/path/to/sqlite3")
f.StringVar(&p.ovalDict.URL, "ovaldb-url", "",
"http://goval-dictionary.com:1324 or DB connection string")
f.StringVar(&p.gostConf.Type, "gostdb-type", "",
"DB type of gost (sqlite3, mysql, postgres or redis)")
"DB type of gost (sqlite3, mysql, postgres, redis or http)")
f.StringVar(&p.gostConf.SQLite3Path, "gostdb-sqlite3-path", "", "/path/to/sqlite3")
f.StringVar(&p.gostConf.URL, "gostdb-url", "",
"http://gost.com:1325 or DB connection string")
f.StringVar(&p.exploitConf.Type, "exploitdb-type", "",
"DB type of exploit (sqlite3, mysql, postgres or redis)")
"DB type of exploit (sqlite3, mysql, postgres, redis or http)")
f.StringVar(&p.exploitConf.SQLite3Path, "exploitdb-sqlite3-path", "", "/path/to/sqlite3")
f.StringVar(&p.exploitConf.URL, "exploitdb-url", "",
"http://exploit.com:1326 or DB connection string")
@@ -247,6 +252,10 @@ func (p *ReportCmd) Execute(_ context.Context, f *flag.FlagSet, _ ...interface{}
reports = append(reports, report.ChatWorkWriter{})
}
if c.Conf.ToTelegram {
reports = append(reports, report.TelegramWriter{})
}
if c.Conf.ToEmail {
reports = append(reports, report.EMailWriter{})
}
@@ -350,31 +359,21 @@ func (p *ReportCmd) Execute(_ context.Context, f *flag.FlagSet, _ ...interface{}
return subcommands.ExitUsageError
}
if err := report.CveClient.CheckHealth(); err != nil {
util.Log.Errorf("CVE HTTP server is not running. err: %s", err)
util.Log.Errorf("Run go-cve-dictionary as server mode before reporting or run with -cvedb-sqlite3-path option instead of -cvedb-url")
return subcommands.ExitFailure
}
if c.Conf.CveDict.URL != "" {
util.Log.Infof("cve-dictionary: %s", c.Conf.CveDict.URL)
} else {
if c.Conf.CveDict.Type == "sqlite3" {
util.Log.Infof("cve-dictionary: %s", c.Conf.CveDict.SQLite3Path)
if err := report.CveClient.CheckHealth(); err != nil {
util.Log.Errorf("CVE HTTP server is not running. err: %s", err)
util.Log.Errorf("Run go-cve-dictionary as server mode before reporting or run with `-cvedb-type=sqlite3 -cvedb-sqlite3-path` option instead of -cvedb-url")
return subcommands.ExitFailure
}
}
if c.Conf.OvalDict.URL != "" {
util.Log.Infof("oval-dictionary: %s", c.Conf.OvalDict.URL)
err := oval.Base{}.CheckHTTPHealth()
if err != nil {
util.Log.Errorf("OVAL HTTP server is not running. err: %s", err)
util.Log.Errorf("Run goval-dictionary as server mode before reporting or run with -ovaldb-sqlite3-path option instead of -ovaldb-url")
util.Log.Errorf("Run goval-dictionary as server mode before reporting or run with `-ovaldb-type=sqlite3 -ovaldb-sqlite3-path` option instead of -ovaldb-url")
return subcommands.ExitFailure
}
} else {
if c.Conf.OvalDict.Type == "sqlite3" {
util.Log.Infof("oval-dictionary: %s", c.Conf.OvalDict.SQLite3Path)
}
}
if c.Conf.Gost.URL != "" {
@@ -382,27 +381,18 @@ func (p *ReportCmd) Execute(_ context.Context, f *flag.FlagSet, _ ...interface{}
err := gost.Base{}.CheckHTTPHealth()
if err != nil {
util.Log.Errorf("gost HTTP server is not running. err: %s", err)
util.Log.Errorf("Run gost as server mode before reporting or run with -gostdb-sqlite3-path option instead of -gostdb-url")
util.Log.Errorf("Run gost as server mode before reporting or run with `-gostdb-type=sqlite3 -gostdb-sqlite3-path` option instead of -gostdb-url")
return subcommands.ExitFailure
}
} else {
if c.Conf.Gost.Type == "sqlite3" {
util.Log.Infof("gost: %s", c.Conf.Gost.SQLite3Path)
}
}
if c.Conf.Exploit.URL != "" {
util.Log.Infof("exploit: %s", c.Conf.Exploit.URL)
err := exploit.CheckHTTPHealth()
if err != nil {
util.Log.Errorf("exploit HTTP server is not running. err: %s", err)
util.Log.Errorf("Run exploit as server mode before reporting or run with -exploitdb-sqlite3-path option instead of -exploitdb-url")
util.Log.Errorf("Run go-exploitdb as server mode before reporting")
return subcommands.ExitFailure
}
} else {
if c.Conf.Exploit.Type == "sqlite3" {
util.Log.Infof("exploit: %s", c.Conf.Exploit.SQLite3Path)
}
}
dbclient, locked, err := report.NewDBClient(report.DBClientConf{
CveDictCnf: c.Conf.CveDict,

112
commands/server.go
View File

@@ -28,6 +28,8 @@ import (
// "github.com/future-architect/vuls/Server"
c "github.com/future-architect/vuls/config"
"github.com/future-architect/vuls/exploit"
"github.com/future-architect/vuls/gost"
"github.com/future-architect/vuls/oval"
"github.com/future-architect/vuls/report"
"github.com/future-architect/vuls/server"
@@ -38,11 +40,12 @@ import (
// ServerCmd is subcommand for server
type ServerCmd struct {
configPath string
listen string
cvelDict c.GoCveDictConf
ovalDict c.GovalDictConf
gostConf c.GostConf
configPath string
listen string
cveDict c.GoCveDictConf
ovalDict c.GovalDictConf
gostConf c.GostConf
exploitConf c.ExploitConf
}
// Name return subcommand name
@@ -59,36 +62,26 @@ func (*ServerCmd) Usage() string {
[-config=/path/to/config.toml]
[-log-dir=/path/to/log]
[-cvss-over=7]
[-diff]
[-ignore-unscored-cves]
[-ignore-unfixed]
[-to-email]
[-to-slack]
[-to-stride]
[-to-hipchat]
[-to-chatwork]
[-to-localfile]
[-to-s3]
[-to-azure-blob]
[-format-json]
[-format-xml]
[-format-one-email]
[-format-one-line-text]
[-format-list]
[-format-full-text]
[-http-proxy=http://192.168.0.1:8080]
[-debug]
[-debug-sql]
[-listen=localhost:5515]
[-cvedb-type=sqlite3|mysql|postgres|redis]
[-cvedb-path=/path/to/cve.sqlite3]
[-cvedb-type=sqlite3|mysql|postgres|redis|http]
[-cvedb-sqlite3-path=/path/to/cve.sqlite3]
[-cvedb-url=http://127.0.0.1:1323 or DB connection string]
[-ovaldb-type=sqlite3|mysql|redis]
[-ovaldb-path=/path/to/oval.sqlite3]
[-ovaldb-type=sqlite3|mysql|redis|http]
[-ovaldb-sqlite3-path=/path/to/oval.sqlite3]
[-ovaldb-url=http://127.0.0.1:1324 or DB connection string]
[-gostdb-type=sqlite3|mysql|redis]
[-gostdb-path=/path/to/gost.sqlite3]
[-gostdb-type=sqlite3|mysql|redis|http]
[-gostdb-sqlite3-path=/path/to/gost.sqlite3]
[-gostdb-url=http://127.0.0.1:1325 or DB connection string]
[-exploitdb-type=sqlite3|mysql|redis|http]
[-exploitdb-sqlite3-path=/path/to/exploitdb.sqlite3]
[-exploitdb-url=http://127.0.0.1:1326 or DB connection string]
[RFC3339 datetime format under results dir]
`
@@ -128,23 +121,29 @@ func (p *ServerCmd) SetFlags(f *flag.FlagSet) {
f.StringVar(&p.listen, "listen", "localhost:5515",
"host:port (default: localhost:5515)")
f.StringVar(&p.cvelDict.Type, "cvedb-type", "sqlite3",
"DB type of go-cve-dictionary (sqlite3, mysql, postgres or redis)")
f.StringVar(&p.cvelDict.SQLite3Path, "cvedb-path", "", "/path/to/sqlite3")
f.StringVar(&p.cvelDict.URL, "cvedb-url", "",
f.StringVar(&p.cveDict.Type, "cvedb-type", "",
"DB type of go-cve-dictionary (sqlite3, mysql, postgres, redis or http)")
f.StringVar(&p.cveDict.SQLite3Path, "cvedb-sqlite3-path", "", "/path/to/sqlite3")
f.StringVar(&p.cveDict.URL, "cvedb-url", "",
"http://go-cve-dictionary.com:1323 or DB connection string")
f.StringVar(&p.ovalDict.Type, "ovaldb-type", "",
"DB type of goval-dictionary (sqlite3, mysql, postgres or redis)")
f.StringVar(&p.ovalDict.SQLite3Path, "ovaldb-path", "", "/path/to/sqlite3")
"DB type of goval-dictionary (sqlite3, mysql, postgres, redis or http)")
f.StringVar(&p.ovalDict.SQLite3Path, "ovaldb-sqlite3-path", "", "/path/to/sqlite3")
f.StringVar(&p.ovalDict.URL, "ovaldb-url", "",
"http://goval-dictionary.com:1324 or DB connection string")
f.StringVar(&p.gostConf.Type, "gostdb-type", "",
"DB type of gost (sqlite3, mysql, postgres or redis)")
f.StringVar(&p.gostConf.SQLite3Path, "gostdb-path", "", "/path/to/sqlite3")
"DB type of gost (sqlite3, mysql, postgres, redis or http)")
f.StringVar(&p.gostConf.SQLite3Path, "gostdb-sqlite3-path", "", "/path/to/sqlite3")
f.StringVar(&p.gostConf.URL, "gostdb-url", "",
"http://gost.com:1325 or DB connection string")
f.StringVar(&p.exploitConf.Type, "exploitdb-type", "",
"DB type of exploit (sqlite3, mysql, postgres, redis or http)")
f.StringVar(&p.exploitConf.SQLite3Path, "exploitdb-sqlite3-path", "", "/path/to/sqlite3")
f.StringVar(&p.exploitConf.URL, "exploitdb-url", "",
"http://exploit.com:1326 or DB connection string")
}
// Execute execute
@@ -152,39 +151,59 @@ func (p *ServerCmd) Execute(_ context.Context, f *flag.FlagSet, _ ...interface{}
util.Log = util.NewCustomLogger(c.ServerInfo{})
cvelog.SetLogger(c.Conf.LogDir, false, c.Conf.Debug, false)
c.Conf.CveDict.Overwrite(p.cvelDict)
if err := c.Load(p.configPath, ""); err != nil {
util.Log.Errorf("Error loading %s, %s", p.configPath, err)
return subcommands.ExitUsageError
}
c.Conf.CveDict.Overwrite(p.cveDict)
c.Conf.OvalDict.Overwrite(p.ovalDict)
c.Conf.Gost.Overwrite(p.gostConf)
c.Conf.Exploit.Overwrite(p.exploitConf)
util.Log.Info("Validating config...")
if !c.Conf.ValidateOnReport() {
return subcommands.ExitUsageError
}
if err := report.CveClient.CheckHealth(); err != nil {
util.Log.Errorf("CVE HTTP server is not running. err: %s", err)
util.Log.Errorf("Run go-cve-dictionary as server mode before Servering or run with -cvedb-path option")
return subcommands.ExitFailure
util.Log.Info("Validating db config...")
if !c.Conf.ValidateOnReportDB() {
return subcommands.ExitUsageError
}
if c.Conf.CveDict.URL != "" {
util.Log.Infof("cve-dictionary: %s", c.Conf.CveDict.URL)
} else {
if c.Conf.CveDict.Type == "sqlite3" {
util.Log.Infof("cve-dictionary: %s", c.Conf.CveDict.SQLite3Path)
if err := report.CveClient.CheckHealth(); err != nil {
util.Log.Errorf("CVE HTTP server is not running. err: %s", err)
util.Log.Errorf("Run go-cve-dictionary as server mode before reporting or run with `-cvedb-type=sqlite3 -cvedb-sqlite3-path` option instead of -cvedb-url")
return subcommands.ExitFailure
}
}
if c.Conf.OvalDict.URL != "" {
util.Log.Infof("oval-dictionary: %s", c.Conf.OvalDict.URL)
err := oval.Base{}.CheckHTTPHealth()
if err != nil {
util.Log.Errorf("OVAL HTTP server is not running. err: %s", err)
util.Log.Errorf("Run goval-dictionary as server mode before Servering or run with -ovaldb-path option")
util.Log.Errorf("Run goval-dictionary as server mode before reporting or run with `-ovaldb-type=sqlite3 -ovaldb-sqlite3-path` option instead of -ovaldb-url")
return subcommands.ExitFailure
}
} else {
if c.Conf.OvalDict.Type == "sqlite3" {
util.Log.Infof("oval-dictionary: %s", c.Conf.OvalDict.SQLite3Path)
}
if c.Conf.Gost.URL != "" {
util.Log.Infof("gost: %s", c.Conf.Gost.URL)
err := gost.Base{}.CheckHTTPHealth()
if err != nil {
util.Log.Errorf("gost HTTP server is not running. err: %s", err)
util.Log.Errorf("Run gost as server mode before reporting or run with `-gostdb-type=sqlite3 -gostdb-sqlite3-path` option instead of -gostdb-url")
return subcommands.ExitFailure
}
}
if c.Conf.Exploit.URL != "" {
err := exploit.CheckHTTPHealth()
if err != nil {
util.Log.Errorf("exploit HTTP server is not running. err: %s", err)
util.Log.Errorf("Run go-exploitdb as server mode before reporting")
return subcommands.ExitFailure
}
}
@@ -192,6 +211,7 @@ func (p *ServerCmd) Execute(_ context.Context, f *flag.FlagSet, _ ...interface{}
CveDictCnf: c.Conf.CveDict,
OvalDictCnf: c.Conf.OvalDict,
GostCnf: c.Conf.Gost,
ExploitCnf: c.Conf.Exploit,
DebugSQL: c.Conf.DebugSQL,
})
if locked {

63
commands/tui.go
View File

@@ -37,7 +37,7 @@ import (
// TuiCmd is Subcommand of host discovery mode
type TuiCmd struct {
configPath string
cvelDict c.GoCveDictConf
cveDict c.GoCveDictConf
ovalDict c.GovalDictConf
gostConf c.GostConf
exploitConf c.ExploitConf
@@ -64,15 +64,18 @@ func (*TuiCmd) Usage() string {
[-debug]
[-debug-sql]
[-pipe]
[-cvedb-type=sqlite3|mysql|postgres|redis]
[-cvedb-path=/path/to/cve.sqlite3]
[-cvedb-type=sqlite3|mysql|postgres|redis|http]
[-cvedb-sqlite3-path=/path/to/cve.sqlite3]
[-cvedb-url=http://127.0.0.1:1323 or DB connection string]
[-ovaldb-type=sqlite3|mysql|redis]
[-ovaldb-path=/path/to/oval.sqlite3]
[-ovaldb-type=sqlite3|mysql|redis|http]
[-ovaldb-sqlite3-path=/path/to/oval.sqlite3]
[-ovaldb-url=http://127.0.0.1:1324 or DB connection string]
[-gostdb-type=sqlite3|mysql|redis]
[-gostdb-path=/path/to/gost.sqlite3]
[-gostdb-type=sqlite3|mysql|redis|http]
[-gostdb-sqlite3-path=/path/to/gost.sqlite3]
[-gostdb-url=http://127.0.0.1:1325 or DB connection string]
[-exploitdb-type=sqlite3|mysql|redis|http]
[-exploitdb-sqlite3-path=/path/to/exploitdb.sqlite3]
[-exploitdb-url=http://127.0.0.1:1326 or DB connection string]
`
}
@@ -111,10 +114,10 @@ func (p *TuiCmd) SetFlags(f *flag.FlagSet) {
f.BoolVar(&c.Conf.Pipe, "pipe", false, "Use stdin via PIPE")
f.StringVar(&p.cvelDict.Type, "cvedb-type", "sqlite3",
f.StringVar(&p.cveDict.Type, "cvedb-type", "",
"DB type of go-cve-dictionary (sqlite3, mysql, postgres or redis)")
f.StringVar(&p.cvelDict.SQLite3Path, "cvedb-path", "", "/path/to/sqlite3")
f.StringVar(&p.cvelDict.URL, "cvedb-url", "",
f.StringVar(&p.cveDict.SQLite3Path, "cvedb-path", "", "/path/to/sqlite3")
f.StringVar(&p.cveDict.URL, "cvedb-url", "",
"http://go-cve-dictionary.com:1323 or DB connection string")
f.StringVar(&p.ovalDict.Type, "ovaldb-type", "",
@@ -130,7 +133,7 @@ func (p *TuiCmd) SetFlags(f *flag.FlagSet) {
"http://gost.com:1325 or DB connection string")
f.StringVar(&p.exploitConf.Type, "exploitdb-type", "",
"DB type of exploit (sqlite3, mysql, postgres or redis)")
"DB type of exploit (sqlite3, mysql, postgres, redis or http)")
f.StringVar(&p.exploitConf.SQLite3Path, "exploitdb-sqlite3-path", "", "/path/to/sqlite3")
f.StringVar(&p.exploitConf.URL, "exploitdb-url", "",
"http://exploit.com:1326 or DB connection string")
@@ -150,7 +153,7 @@ func (p *TuiCmd) Execute(_ context.Context, f *flag.FlagSet, _ ...interface{}) s
return subcommands.ExitUsageError
}
c.Conf.CveDict.Overwrite(p.cvelDict)
c.Conf.CveDict.Overwrite(p.cveDict)
c.Conf.OvalDict.Overwrite(p.ovalDict)
c.Conf.Gost.Overwrite(p.gostConf)
c.Conf.Exploit.Overwrite(p.exploitConf)
@@ -179,31 +182,26 @@ func (p *TuiCmd) Execute(_ context.Context, f *flag.FlagSet, _ ...interface{}) s
}
util.Log.Infof("Loaded: %s", dir)
if err := report.CveClient.CheckHealth(); err != nil {
util.Log.Errorf("CVE HTTP server is not running. err: %s", err)
util.Log.Errorf("Run go-cve-dictionary as server mode before reporting or run with -cvedb-sqlite3-path option instead of -cvedb-url")
return subcommands.ExitFailure
util.Log.Info("Validating db config...")
if !c.Conf.ValidateOnReportDB() {
return subcommands.ExitUsageError
}
if c.Conf.CveDict.URL != "" {
util.Log.Infof("cve-dictionary: %s", c.Conf.CveDict.URL)
} else {
if c.Conf.CveDict.Type == "sqlite3" {
util.Log.Infof("cve-dictionary: %s", c.Conf.CveDict.SQLite3Path)
if err := report.CveClient.CheckHealth(); err != nil {
util.Log.Errorf("CVE HTTP server is not running. err: %s", err)
util.Log.Errorf("Run go-cve-dictionary as server mode before reporting or run with `-cvedb-type=sqlite3 -cvedb-sqlite3-path` option instead of -cvedb-url")
return subcommands.ExitFailure
}
}
if c.Conf.OvalDict.URL != "" {
util.Log.Infof("oval-dictionary: %s", c.Conf.OvalDict.URL)
err := oval.Base{}.CheckHTTPHealth()
if err != nil {
util.Log.Errorf("OVAL HTTP server is not running. err: %s", err)
util.Log.Errorf("Run goval-dictionary as server mode before reporting or run with -ovaldb-sqlite3-path option instead of -ovaldb-url")
util.Log.Errorf("Run goval-dictionary as server mode before reporting or run with `-ovaldb-type=sqlite3 -ovaldb-sqlite3-path` option instead of -ovaldb-url")
return subcommands.ExitFailure
}
} else {
if c.Conf.OvalDict.Type == "sqlite3" {
util.Log.Infof("oval-dictionary: %s", c.Conf.OvalDict.SQLite3Path)
}
}
if c.Conf.Gost.URL != "" {
@@ -211,27 +209,18 @@ func (p *TuiCmd) Execute(_ context.Context, f *flag.FlagSet, _ ...interface{}) s
err := gost.Base{}.CheckHTTPHealth()
if err != nil {
util.Log.Errorf("gost HTTP server is not running. err: %s", err)
util.Log.Errorf("Run gost as server mode before reporting or run with -gostdb-sqlite3-path option instead of -gostdb-url")
util.Log.Errorf("Run gost as server mode before reporting or run with `-gostdb-type=sqlite3 -gostdb-sqlite3-path` option instead of -gostdb-url")
return subcommands.ExitFailure
}
} else {
if c.Conf.Gost.Type == "sqlite3" {
util.Log.Infof("gost: %s", c.Conf.Gost.SQLite3Path)
}
}
if c.Conf.Exploit.URL != "" {
util.Log.Infof("exploit: %s", c.Conf.Exploit.URL)
err := exploit.CheckHTTPHealth()
if err != nil {
util.Log.Errorf("exploit HTTP server is not running. err: %s", err)
util.Log.Errorf("Run exploit as server mode before reporting or run with -exploitdb-sqlite3-path option instead of -exploitdb-url")
util.Log.Errorf("Run go-exploitdb as server mode before reporting")
return subcommands.ExitFailure
}
} else {
if c.Conf.Exploit.Type == "sqlite3" {
util.Log.Infof("exploit: %s", c.Conf.Exploit.SQLite3Path)
}
}
dbclient, locked, err := report.NewDBClient(report.DBClientConf{
CveDictCnf: c.Conf.CveDict,

204
config/config.go
View File

@@ -33,7 +33,7 @@ import (
)
// Version of Vuls
var Version = "0.5.0"
var Version = "0.6.3"
// Revision of Git
var Revision string
@@ -98,31 +98,34 @@ const (
//Config is struct of Configuration
type Config struct {
Debug bool `json:"debug"`
DebugSQL bool `json:"debugSQL"`
Lang string `json:"lang"`
HTTPProxy string `valid:"url" json:"httpProxy"`
LogDir string `json:"logDir"`
ResultsDir string `json:"resultsDir"`
Pipe bool `json:"pipe"`
Debug bool `json:"debug,omitempty"`
DebugSQL bool `json:"debugSQL,omitempty"`
Lang string `json:"lang,omitempty"`
HTTPProxy string `valid:"url" json:"httpProxy,omitempty"`
LogDir string `json:"logDir,omitempty"`
ResultsDir string `json:"resultsDir,omitempty"`
Pipe bool `json:"pipe,omitempty"`
Default ServerInfo `json:"default"`
Servers map[string]ServerInfo `json:"servers"`
CvssScoreOver float64 `json:"cvssScoreOver"`
IgnoreUnscoredCves bool `json:"ignoreUnscoredCves"`
IgnoreUnfixed bool `json:"ignoreUnfixed"`
SSHNative bool `json:"sshNative"`
SSHConfig bool `json:"sshConfig"`
ContainersOnly bool `json:"containersOnly"`
SkipBroken bool `json:"skipBroken"`
CacheDBPath string `json:"cacheDBPath"`
Vvv bool `json:"vvv"`
UUID bool `json:"uuid"`
Default ServerInfo `json:"default,omitempty"`
Servers map[string]ServerInfo `json:"servers,omitempty"`
CvssScoreOver float64 `json:"cvssScoreOver,omitempty"`
CveDict GoCveDictConf `json:"cveDict"`
OvalDict GovalDictConf `json:"ovalDict"`
Gost GostConf `json:"gost"`
Exploit ExploitConf `json:"exploit"`
IgnoreUnscoredCves bool `json:"ignoreUnscoredCves,omitempty"`
IgnoreUnfixed bool `json:"ignoreUnfixed,omitempty"`
IgnoreGitHubDismissed bool `json:"ignore_git_hub_dismissed,omitempty"`
SSHNative bool `json:"sshNative,omitempty"`
SSHConfig bool `json:"sshConfig,omitempty"`
ContainersOnly bool `json:"containersOnly,omitempty"`
SkipBroken bool `json:"skipBroken,omitempty"`
CacheDBPath string `json:"cacheDBPath,omitempty"`
Vvv bool `json:"vvv,omitempty"`
UUID bool `json:"uuid,omitempty"`
CveDict GoCveDictConf `json:"cveDict,omitempty"`
OvalDict GovalDictConf `json:"ovalDict,omitempty"`
Gost GostConf `json:"gost,omitempty"`
Exploit ExploitConf `json:"exploit,omitempty"`
Slack SlackConf `json:"-"`
EMail SMTPConf `json:"-"`
@@ -133,28 +136,30 @@ type Config struct {
Stride StrideConf `json:"-"`
HipChat HipChatConf `json:"-"`
ChatWork ChatWorkConf `json:"-"`
Telegram TelegramConf `json:"-"`
Saas SaasConf `json:"-"`
RefreshCve bool `json:"refreshCve"`
ToSlack bool `json:"toSlack"`
ToStride bool `json:"toStride"`
ToHipChat bool `json:"toHipChat"`
ToChatWork bool `json:"toChatWork"`
ToEmail bool `json:"toEmail"`
ToSyslog bool `json:"toSyslog"`
ToLocalFile bool `json:"toLocalFile"`
ToS3 bool `json:"toS3"`
ToAzureBlob bool `json:"toAzureBlob"`
ToSaas bool `json:"toSaas"`
ToHTTP bool `json:"toHTTP"`
FormatXML bool `json:"formatXML"`
FormatJSON bool `json:"formatJSON"`
FormatOneEMail bool `json:"formatOneEMail"`
FormatOneLineText bool `json:"formatOneLineText"`
FormatList bool `json:"formatList"`
FormatFullText bool `json:"formatFullText"`
GZIP bool `json:"gzip"`
Diff bool `json:"diff"`
RefreshCve bool `json:"refreshCve,omitempty"`
ToSlack bool `json:"toSlack,omitempty"`
ToStride bool `json:"toStride,omitempty"`
ToHipChat bool `json:"toHipChat,omitempty"`
ToChatWork bool `json:"toChatWork,omitempty"`
ToTelegram bool `json:"ToTelegram,omitempty"`
ToEmail bool `json:"toEmail,omitempty"`
ToSyslog bool `json:"toSyslog,omitempty"`
ToLocalFile bool `json:"toLocalFile,omitempty"`
ToS3 bool `json:"toS3,omitempty"`
ToAzureBlob bool `json:"toAzureBlob,omitempty"`
ToSaas bool `json:"toSaas,omitempty"`
ToHTTP bool `json:"toHTTP,omitempty"`
FormatXML bool `json:"formatXML,omitempty"`
FormatJSON bool `json:"formatJSON,omitempty"`
FormatOneEMail bool `json:"formatOneEMail,omitempty"`
FormatOneLineText bool `json:"formatOneLineText,omitempty"`
FormatList bool `json:"formatList,omitempty"`
FormatFullText bool `json:"formatFullText,omitempty"`
GZIP bool `json:"gzip,omitempty"`
Diff bool `json:"diff,omitempty"`
}
// ValidateOnConfigtest validates
@@ -236,6 +241,14 @@ func (c Config) ValidateOnReportDB() bool {
errs = append(errs, err)
}
if err := validateDB("gostdb", c.Gost.Type, c.Gost.SQLite3Path, c.Gost.URL); err != nil {
errs = append(errs, err)
}
if err := validateDB("exploitdb", c.Exploit.Type, c.Exploit.SQLite3Path, c.Exploit.URL); err != nil {
errs = append(errs, err)
}
for _, err := range errs {
log.Error(err)
}
@@ -279,6 +292,10 @@ func (c Config) ValidateOnReport() bool {
errs = append(errs, strideerrs...)
}
if telegramerrs := c.Telegram.Validate(); 0 < len(telegramerrs) {
errs = append(errs, telegramerrs...)
}
if saaserrs := c.Saas.Validate(); 0 < len(saaserrs) {
errs = append(errs, saaserrs...)
}
@@ -328,39 +345,42 @@ func (c Config) ValidateOnTui() bool {
// validateDB validates configuration
// dictionaryDB name is 'cvedb' or 'ovaldb'
func validateDB(dictionaryDBName, dbType, dbPath, dbURL string) error {
log.Infof("-%s-type: %s, -%s-url: %s, -%s-path: %s",
dictionaryDBName, dbType, dictionaryDBName, dbURL, dictionaryDBName, dbPath)
switch dbType {
case "sqlite3":
if dbURL != "" {
return fmt.Errorf("To use SQLite3, specify -%s-type=sqlite3 and -%s-path. To use as http server mode, specify -%s-type=http and -%s-url",
dictionaryDBName, dictionaryDBName, dictionaryDBName, dictionaryDBName)
}
if ok, _ := valid.IsFilePath(dbPath); !ok {
return fmt.Errorf(
"SQLite3 DB path (%s) must be a *Absolute* file path. -%s-path: %s",
dictionaryDBName,
dictionaryDBName,
dbPath)
return fmt.Errorf("SQLite3 path must be a *Absolute* file path. -%s-path: %s",
dictionaryDBName, dbPath)
}
case "mysql":
if dbURL == "" {
return fmt.Errorf(
`MySQL connection string is needed. -%s-url="user:pass@tcp(localhost:3306)/dbname"`,
return fmt.Errorf(`MySQL connection string is needed. -%s-url="user:pass@tcp(localhost:3306)/dbname"`,
dictionaryDBName)
}
case "postgres":
if dbURL == "" {
return fmt.Errorf(
`PostgreSQL connection string is needed. -%s-url="host=myhost user=user dbname=dbname sslmode=disable password=password"`,
return fmt.Errorf(`PostgreSQL connection string is needed. -%s-url="host=myhost user=user dbname=dbname sslmode=disable password=password"`,
dictionaryDBName)
}
case "redis":
if dbURL == "" {
return fmt.Errorf(
`Redis connection string is needed. -%s-url="redis://localhost/0"`,
return fmt.Errorf(`Redis connection string is needed. -%s-url="redis://localhost/0"`,
dictionaryDBName)
}
case "http":
if dbURL == "" {
return fmt.Errorf(`URL is needed. -%s-url="http://localhost:1323"`,
dictionaryDBName)
}
default:
return fmt.Errorf(
"%s type must be either 'sqlite3', 'mysql', 'postgres' or 'redis'. -%s-type: %s",
dictionaryDBName,
dictionaryDBName,
dbType)
return fmt.Errorf("%s type must be either 'sqlite3', 'mysql', 'postgres', 'redis' or 'http'. -%s-type: %s",
dictionaryDBName, dictionaryDBName, dbType)
}
return nil
}
@@ -546,6 +566,32 @@ func (c *ChatWorkConf) Validate() (errs []error) {
return
}
// TelegramConf is Telegram config
type TelegramConf struct {
Token string `json:"-"`
ChatID string `json:"-"`
}
// Validate validates configuration
func (c *TelegramConf) Validate() (errs []error) {
if !Conf.ToTelegram {
return
}
if len(c.ChatID) == 0 {
errs = append(errs, fmt.Errorf("TelegramConf.ChatID must not be empty"))
}
if len(c.Token) == 0 {
errs = append(errs, fmt.Errorf("TelegramConf.Token must not be empty"))
}
_, err := valid.ValidateStruct(c)
if err != nil {
errs = append(errs, err)
}
return
}
// SaasConf is stride config
type SaasConf struct {
GroupID int `json:"-"`
@@ -783,6 +829,11 @@ func (cnf *GoCveDictConf) Overwrite(cmdOpt GoCveDictConf) {
cnf.setDefault()
}
// IsFetchViaHTTP returns wether fetch via http
func (cnf *GoCveDictConf) IsFetchViaHTTP() bool {
return Conf.CveDict.Type == "http"
}
// GovalDictConf is goval-dictionary config
type GovalDictConf struct {
@@ -837,6 +888,11 @@ func (cnf *GovalDictConf) Overwrite(cmdOpt GovalDictConf) {
cnf.setDefault()
}
// IsFetchViaHTTP returns wether fetch via http
func (cnf *GovalDictConf) IsFetchViaHTTP() bool {
return Conf.OvalDict.Type == "http"
}
// GostConf is gost config
type GostConf struct {
// DB type for gost dictionary (sqlite3, mysql, postgres or redis)
@@ -890,6 +946,11 @@ func (cnf *GostConf) Overwrite(cmdOpt GostConf) {
cnf.setDefault()
}
// IsFetchViaHTTP returns wether fetch via http
func (cnf *GostConf) IsFetchViaHTTP() bool {
return Conf.Gost.Type == "http"
}
// ExploitConf is exploit config
type ExploitConf struct {
// DB type for exploit dictionary (sqlite3, mysql, postgres or redis)
@@ -943,6 +1004,11 @@ func (cnf *ExploitConf) Overwrite(cmdOpt ExploitConf) {
cnf.setDefault()
}
// IsFetchViaHTTP returns wether fetch via http
func (cnf *ExploitConf) IsFetchViaHTTP() bool {
return Conf.Exploit.Type == "http"
}
// AWS is aws config
type AWS struct {
// AWS profile to use
@@ -991,6 +1057,7 @@ type ServerInfo struct {
Containers map[string]ContainerSetting `toml:"containers" json:"containers,omitempty"`
IgnoreCves []string `toml:"ignoreCves,omitempty" json:"ignoreCves,omitempty"`
IgnorePkgsRegexp []string `toml:"ignorePkgsRegexp,omitempty" json:"ignorePkgsRegexp,omitempty"`
GitHubRepos map[string]GitHubConf `toml:"githubs" json:"githubs,omitempty"` // key: owner/repo
UUIDs map[string]string `toml:"uuids,omitempty" json:"uuids,omitempty"`
Memo string `toml:"memo,omitempty" json:"memo"`
Enablerepo []string `toml:"enablerepo,omitempty" json:"enablerepo,omitempty"` // For CentOS, RHEL, Amazon
@@ -1014,6 +1081,23 @@ type ContainerSetting struct {
IgnoreCves []string `json:"ignoreCves,omitempty"`
}
// IntegrationConf is used for integration configuration
type IntegrationConf struct {
GitHubConf map[string]GitHubConf
}
// New creates IntegrationConf and initialize fields
func (c IntegrationConf) New() IntegrationConf {
return IntegrationConf{
GitHubConf: map[string]GitHubConf{},
}
}
// GitHubConf is used for GitHub integration
type GitHubConf struct {
Token string `json:"token"`
}
// ScanMode has a type of scan mode. fast, fast-root, deep and offline
type ScanMode struct {
flag byte

13
config/tomlloader.go
View File

@@ -42,6 +42,7 @@ func (c TOMLLoader) Load(pathToToml, keyPass string) error {
Conf.Stride = conf.Stride
Conf.HipChat = conf.HipChat
Conf.ChatWork = conf.ChatWork
Conf.Telegram = conf.Telegram
Conf.Saas = conf.Saas
Conf.Syslog = conf.Syslog
Conf.HTTP = conf.HTTP
@@ -253,6 +254,18 @@ func (c TOMLLoader) Load(pathToToml, keyPass string) error {
}
}
s.GitHubRepos = v.GitHubRepos
for ownerRepo, githubSetting := range s.GitHubRepos {
if ss := strings.Split(ownerRepo, "/"); len(ss) != 2 {
return fmt.Errorf("Failed to parse GitHub owner/repo: %s in %s",
ownerRepo, serverName)
}
if githubSetting.Token == "" {
return fmt.Errorf("GitHub owner/repo: %s in %s token is empty",
ownerRepo, serverName)
}
}
s.UUIDs = v.UUIDs
s.Type = v.Type

96
exploit/exploit.go
View File

@@ -18,11 +18,13 @@ along with this program. If not, see <http://www.gnu.org/licenses/>.
package exploit
import (
"encoding/json"
"fmt"
"net/http"
cnf "github.com/future-architect/vuls/config"
"github.com/future-architect/vuls/models"
"github.com/future-architect/vuls/util"
"github.com/mozqnet/go-exploitdb/db"
exploitmodels "github.com/mozqnet/go-exploitdb/models"
"github.com/parnurzeal/gorequest"
@@ -30,52 +32,67 @@ import (
// FillWithExploit fills exploit information that has in Exploit
func FillWithExploit(driver db.DB, r *models.ScanResult) (nExploitCve int, err error) {
if isFetchViaHTTP() {
// TODO
return 0, fmt.Errorf("We are not yet supporting data acquisition in exploitdb server mode")
}
if driver == nil {
return 0, nil
}
for cveID, vuln := range r.ScannedCves {
es := driver.GetExploitByCveID(cveID)
if len(es) == 0 {
continue
if cnf.Conf.Exploit.IsFetchViaHTTP() {
var cveIDs []string
for cveID := range r.ScannedCves {
cveIDs = append(cveIDs, cveID)
}
prefix, _ := util.URLPathJoin(cnf.Conf.Exploit.URL, "cves")
responses, err := getCvesViaHTTP(cveIDs, prefix)
if err != nil {
return 0, err
}
for _, res := range responses {
exps := []*exploitmodels.Exploit{}
if err := json.Unmarshal([]byte(res.json), &exps); err != nil {
return 0, err
}
exploits := ConvertToModels(exps)
v, ok := r.ScannedCves[res.request.cveID]
if ok {
v.Exploits = exploits
}
r.ScannedCves[res.request.cveID] = v
nExploitCve++
}
} else {
if driver == nil {
return 0, nil
}
for cveID, vuln := range r.ScannedCves {
es := driver.GetExploitByCveID(cveID)
if len(es) == 0 {
continue
}
exploits := ConvertToModels(es)
vuln.Exploits = exploits
r.ScannedCves[cveID] = vuln
nExploitCve++
}
exploits := ConvertToModel(es)
vuln.Exploits = exploits
r.ScannedCves[cveID] = vuln
nExploitCve++
}
return nExploitCve, nil
}
// ConvertToModel converts gost model to vuls model
func ConvertToModel(es []*exploitmodels.Exploit) (exploits []models.Exploit) {
// ConvertToModels converts gost model to vuls model
func ConvertToModels(es []*exploitmodels.Exploit) (exploits []models.Exploit) {
for _, e := range es {
var documentURL, paperURL, shellURL *string
var description string
if e.Document != nil {
documentURL = &e.Document.DocumentURL
description = e.Document.Description
}
if e.ShellCode != nil {
shellURL = &e.ShellCode.ShellCodeURL
description = e.ShellCode.Description
}
if e.Paper != nil {
paperURL = &e.Paper.PaperURL
description = e.Paper.Description
var documentURL, shellURL *string
if e.OffensiveSecurity != nil {
os := e.OffensiveSecurity
if os.Document != nil {
documentURL = &os.Document.DocumentURL
}
if os.ShellCode != nil {
shellURL = &os.ShellCode.ShellCodeURL
}
}
exploit := models.Exploit{
ExploitType: models.ExploitDB,
ID: e.ExploitDBID,
URL: e.ExploitDBURL,
Description: description,
ExploitType: e.ExploitType,
ID: e.ExploitUniqueID,
URL: e.URL,
Description: e.Description,
DocumentURL: documentURL,
ShellCodeURL: shellURL,
PaperURL: paperURL,
}
exploits = append(exploits, exploit)
}
@@ -84,7 +101,7 @@ func ConvertToModel(es []*exploitmodels.Exploit) (exploits []models.Exploit) {
// CheckHTTPHealth do health check
func CheckHTTPHealth() error {
if !isFetchViaHTTP() {
if !cnf.Conf.Exploit.IsFetchViaHTTP() {
return nil
}
@@ -112,8 +129,3 @@ func CheckIfExploitFresh(driver db.DB, osFamily string) (ok bool, err error) {
//TODO
return true, nil
}
func isFetchViaHTTP() bool {
// Default value of OvalDBType is sqlite3
return cnf.Conf.Exploit.URL != "" && cnf.Conf.Exploit.Type == "sqlite3"
}

144
github/github.go Normal file
View File

@@ -0,0 +1,144 @@
/* Vuls - Vulnerability Scanner
Copyright (C) 2016 Future Corporation , Japan.
This program is free software: you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation, either version 3 of the License, or
(at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
You should have received a copy of the GNU General Public License
along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
package github
import (
"bytes"
"context"
"encoding/json"
"fmt"
"net/http"
"time"
"github.com/future-architect/vuls/config"
"github.com/future-architect/vuls/models"
"github.com/future-architect/vuls/util"
"github.com/k0kubun/pp"
"golang.org/x/oauth2"
)
// FillGitHubSecurityAlerts access to owner/repo on GitHub and fetch scurity alerts of the repository via GitHub API v4 GraphQL and then set to the given ScanResult.
// https://help.github.com/articles/about-security-alerts-for-vulnerable-dependencies/
func FillGitHubSecurityAlerts(r *models.ScanResult, owner, repo, token string) (nCVEs int, err error) {
src := oauth2.StaticTokenSource(
&oauth2.Token{AccessToken: token},
)
httpClient := oauth2.NewClient(context.Background(), src)
// TODO Use `https://github.com/shurcooL/githubv4` if the tool supports vulnerabilityAlerts Endpoint
const jsonfmt = `{"query":
"query { repository(owner:\"%s\", name:\"%s\") { url, vulnerabilityAlerts(first: %d, %s) { pageInfo{ endCursor, hasNextPage, startCursor}, edges { node { id, externalIdentifier, externalReference, fixedIn, packageName, dismissReason, dismissedAt } } } } }"}`
after := ""
for {
jsonStr := fmt.Sprintf(jsonfmt, owner, repo, 100, after)
req, err := http.NewRequest("POST",
"https://api.github.com/graphql",
bytes.NewBuffer([]byte(jsonStr)),
)
if err != nil {
return 0, err
}
// https://developer.github.com/v4/previews/#repository-vulnerability-alerts
// To toggle this preview and access data, need to provide a custom media type in the Accept header:
// MEMO: I tried to get the affected version via GitHub API. Bit it seems difficult to determin the affected version if there are multiple dependency files such as package.json.
// TODO remove this header if it is no longer preview status in the future.
req.Header.Set("Accept", "application/vnd.github.vixen-preview+json")
req.Header.Set("Content-Type", "application/json")
resp, err := httpClient.Do(req)
if err != nil {
return 0, err
}
defer resp.Body.Close()
alerts := SecurityAlerts{}
if json.NewDecoder(resp.Body).Decode(&alerts); err != nil {
return 0, err
}
util.Log.Debugf("%s", pp.Sprint(alerts))
for _, v := range alerts.Data.Repository.VulnerabilityAlerts.Edges {
if config.Conf.IgnoreGitHubDismissed && v.Node.DismissReason != "" {
continue
}
pkgName := fmt.Sprintf("%s %s",
alerts.Data.Repository.URL, v.Node.PackageName)
m := models.GitHubSecurityAlert{
PackageName: pkgName,
FixedIn: v.Node.FixedIn,
AffectedRange: v.Node.AffectedRange,
Dismissed: len(v.Node.DismissReason) != 0,
DismissedAt: v.Node.DismissedAt,
DismissReason: v.Node.DismissReason,
}
cveID := v.Node.ExternalIdentifier
if val, ok := r.ScannedCves[cveID]; ok {
val.GitHubSecurityAlerts = val.GitHubSecurityAlerts.Add(m)
r.ScannedCves[cveID] = val
nCVEs++
} else {
v := models.VulnInfo{
CveID: cveID,
Confidences: models.Confidences{models.GitHubMatch},
GitHubSecurityAlerts: models.GitHubSecurityAlerts{m},
}
r.ScannedCves[cveID] = v
nCVEs++
}
}
if !alerts.Data.Repository.VulnerabilityAlerts.PageInfo.HasNextPage {
break
}
after = fmt.Sprintf(`after: \"%s\"`, alerts.Data.Repository.VulnerabilityAlerts.PageInfo.EndCursor)
}
return nCVEs, err
}
//SecurityAlerts has detected CVE-IDs, PackageNames, Refs
type SecurityAlerts struct {
Data struct {
Repository struct {
URL string `json:"url,omitempty"`
VulnerabilityAlerts struct {
PageInfo struct {
EndCursor string `json:"endCursor,omitempty"`
HasNextPage bool `json:"hasNextPage,omitempty"`
StartCursor string `json:"startCursor,omitempty"`
} `json:"pageInfo,omitempty"`
Edges []struct {
Node struct {
ID string `json:"id,omitempty"`
ExternalIdentifier string `json:"externalIdentifier,omitempty"`
ExternalReference string `json:"externalReference,omitempty"`
FixedIn string `json:"fixedIn,omitempty"`
AffectedRange string `json:"affectedRange,omitempty"`
PackageName string `json:"packageName,omitempty"`
DismissReason string `json:"dismissReason,omitempty"`
DismissedAt time.Time `json:"dismissedAt,omitempty"`
} `json:"node,omitempty"`
} `json:"edges,omitempty"`
} `json:"vulnerabilityAlerts,omitempty"`
} `json:"repository,omitempty"`
} `json:"data,omitempty"`
}

8
gost/debian.go
View File

@@ -55,7 +55,7 @@ func (deb Debian) FillWithGost(driver db.DB, r *models.ScanResult) (nCVEs int, e
}
packCvesList := []packCves{}
if deb.isFetchViaHTTP() {
if config.Conf.Gost.IsFetchViaHTTP() {
url, _ := util.URLPathJoin(config.Conf.Gost.URL, "debian", major(r.Release), "pkgs")
responses, err := getAllUnfixedCvesViaHTTP(r, url)
if err != nil {
@@ -115,7 +115,11 @@ func (deb Debian) FillWithGost(driver db.DB, r *models.ScanResult) (nCVEs int, e
for _, cve := range p.cves {
v, ok := r.ScannedCves[cve.CveID]
if ok {
v.CveContents[models.DebianSecurityTracker] = cve
if v.CveContents == nil {
v.CveContents = models.NewCveContents(cve)
} else {
v.CveContents[models.DebianSecurityTracker] = cve
}
} else {
v = models.VulnInfo{
CveID: cve.CveID,

7
gost/gost.go
View File

@@ -60,7 +60,7 @@ type Base struct {
// CheckHTTPHealth do health check
func (b Base) CheckHTTPHealth() error {
if !b.isFetchViaHTTP() {
if !cnf.Conf.Gost.IsFetchViaHTTP() {
return nil
}
@@ -89,11 +89,6 @@ func (b Base) CheckIfGostFresh(driver db.DB, osFamily string) (ok bool, err erro
return true, nil
}
func (b Base) isFetchViaHTTP() bool {
// Default value of OvalDBType is sqlite3
return cnf.Conf.Gost.URL != "" && cnf.Conf.Gost.Type == "sqlite3"
}
// Pseudo is Gost client except for RedHat family and Debian
type Pseudo struct {
Base

3
gost/microsoft.go
View File

@@ -45,6 +45,9 @@ func (ms Microsoft) FillWithGost(driver db.DB, r *models.ScanResult) (nCVEs int,
}
cveCont := ms.ConvertToModel(&msCve)
v, _ := r.ScannedCves[cveID]
if v.CveContents == nil {
v.CveContents = models.CveContents{}
}
v.CveContents[models.Microsoft] = *cveCont
r.ScannedCves[cveID] = v
}

57
gost/redhat.go
View File

@@ -51,7 +51,7 @@ func (red RedHat) fillFixed(driver db.DB, r *models.ScanResult) error {
cveIDs = append(cveIDs, cveID)
}
if red.isFetchViaHTTP() {
if config.Conf.Gost.IsFetchViaHTTP() {
prefix, _ := util.URLPathJoin(config.Conf.Gost.URL,
"redhat", "cves")
responses, err := getCvesViaHTTP(cveIDs, prefix)
@@ -67,8 +67,20 @@ func (red RedHat) fillFixed(driver db.DB, r *models.ScanResult) error {
continue
}
cveCont := red.ConvertToModel(&redCve)
v, _ := r.ScannedCves[res.request.cveID]
v.CveContents[models.RedHatAPI] = *cveCont
v, ok := r.ScannedCves[res.request.cveID]
if ok {
if v.CveContents == nil {
v.CveContents = models.NewCveContents(*cveCont)
} else {
v.CveContents[models.RedHatAPI] = *cveCont
}
} else {
v = models.VulnInfo{
CveID: cveCont.CveID,
CveContents: models.NewCveContents(*cveCont),
Confidences: models.Confidences{models.RedHatAPIMatch},
}
}
r.ScannedCves[res.request.cveID] = v
}
} else {
@@ -80,8 +92,20 @@ func (red RedHat) fillFixed(driver db.DB, r *models.ScanResult) error {
continue
}
cveCont := red.ConvertToModel(&redCve)
v, _ := r.ScannedCves[cveID]
v.CveContents[models.RedHatAPI] = *cveCont
v, ok := r.ScannedCves[cveID]
if ok {
if v.CveContents == nil {
v.CveContents = models.NewCveContents(*cveCont)
} else {
v.CveContents[models.RedHatAPI] = *cveCont
}
} else {
v = models.VulnInfo{
CveID: cveCont.CveID,
CveContents: models.NewCveContents(*cveCont),
Confidences: models.Confidences{models.RedHatAPIMatch},
}
}
r.ScannedCves[cveID] = v
}
}
@@ -90,7 +114,7 @@ func (red RedHat) fillFixed(driver db.DB, r *models.ScanResult) error {
}
func (red RedHat) fillUnfixed(driver db.DB, r *models.ScanResult) (nCVEs int, err error) {
if red.isFetchViaHTTP() {
if config.Conf.Gost.IsFetchViaHTTP() {
prefix, _ := util.URLPathJoin(config.Conf.Gost.URL,
"redhat", major(r.Release), "pkgs")
responses, err := getAllUnfixedCvesViaHTTP(r, prefix)
@@ -108,14 +132,10 @@ func (red RedHat) fillUnfixed(driver db.DB, r *models.ScanResult) (nCVEs int, er
cveCont := red.ConvertToModel(&cve)
v, ok := r.ScannedCves[cve.Name]
if ok {
if _, ok := v.CveContents[models.RedHatAPI]; ok {
v.CveContents[models.RedHatAPI] = *cveCont
if v.CveContents == nil {
v.CveContents = models.NewCveContents(*cveCont)
} else {
v = models.VulnInfo{
CveID: cveCont.CveID,
CveContents: models.NewCveContents(*cveCont),
Confidences: models.Confidences{models.RedHatAPIMatch},
}
v.CveContents[models.RedHatAPI] = *cveCont
}
} else {
v = models.VulnInfo{
@@ -125,7 +145,6 @@ func (red RedHat) fillUnfixed(driver db.DB, r *models.ScanResult) (nCVEs int, er
}
nCVEs++
}
pkgStats := red.mergePackageStates(v,
cve.PackageState, r.Packages, r.Release)
if 0 < len(pkgStats) {
@@ -146,14 +165,10 @@ func (red RedHat) fillUnfixed(driver db.DB, r *models.ScanResult) (nCVEs int, er
cveCont := red.ConvertToModel(&cve)
v, ok := r.ScannedCves[cve.Name]
if ok {
if _, ok := v.CveContents[models.RedHatAPI]; ok {
v.CveContents[models.RedHatAPI] = *cveCont
if v.CveContents == nil {
v.CveContents = models.NewCveContents(*cveCont)
} else {
v = models.VulnInfo{
CveID: cveCont.CveID,
CveContents: models.NewCveContents(*cveCont),
Confidences: models.Confidences{models.RedHatAPIMatch},
}
v.CveContents[models.RedHatAPI] = *cveCont
}
} else {
v = models.VulnInfo{

34
models/scanresults.go
View File

@@ -24,6 +24,8 @@ import (
"strings"
"time"
"github.com/future-architect/vuls/alert"
"github.com/future-architect/vuls/config"
"github.com/future-architect/vuls/cwe"
"github.com/future-architect/vuls/util"
@@ -45,9 +47,12 @@ type ScanResult struct {
IPv4Addrs []string `json:"ipv4Addrs,omitempty"` // only global unicast address (https://golang.org/pkg/net/#IP.IsGlobalUnicast)
IPv6Addrs []string `json:"ipv6Addrs,omitempty"` // only global unicast address (https://golang.org/pkg/net/#IP.IsGlobalUnicast)
ScannedAt time.Time `json:"scannedAt"`
ScanMode string `json:"scanMode"`
ScannedVersion string `json:"scannedVersion"`
ScannedRevision string `json:"scannedRevision"`
ScannedBy string `json:"scannedBy"`
ScannedIPv4Addrs []string `json:"scannedIpv4Addrs"`
ScannedIPv6Addrs []string `json:"scannedIpv6Addrs"`
ReportedAt time.Time `json:"reportedAt"`
ReportedVersion string `json:"reportedVersion"`
ReportedRevision string `json:"reportedRevision"`
@@ -106,6 +111,12 @@ type CweDictEntry struct {
OwaspTopTen2017 string `json:"owaspTopTen2017"`
}
// GetAlertsByCveID return alerts fetched by cveID
func GetAlertsByCveID(cveID string, lang string) (alerts []alert.Alert) {
alerts = alert.GenerateAlertDict(cveID, lang)
return alerts
}
// Kernel has the Release, version and whether need restart
type Kernel struct {
Release string `json:"release"`
@@ -171,6 +182,9 @@ func (r ScanResult) FilterUnfixed() ScanResult {
return r
}
filtered := r.ScannedCves.Find(func(v VulnInfo) bool {
if len(v.CpeURIs) != 0 {
return true
}
NotFixedAll := true
for _, p := range v.AffectedPackages {
NotFixedAll = NotFixedAll && p.NotFixedYet
@@ -309,13 +323,14 @@ func (r ScanResult) FormatTextReportHeadedr() string {
buf.WriteString("=")
}
return fmt.Sprintf("%s\n%s\n%s, %s, %s, %s\n",
return fmt.Sprintf("%s\n%s\n%s, %s, %s, %s, %s\n",
r.ServerInfo(),
buf.String(),
r.ScannedCves.FormatCveSummary(),
r.ScannedCves.FormatFixedStatus(r.Packages),
r.FormatUpdatablePacksSummary(),
r.FormatExploitCveSummary(),
r.FormatAlertSummary(),
)
}
@@ -347,7 +362,22 @@ func (r ScanResult) FormatExploitCveSummary() string {
nExploitCve++
}
}
return fmt.Sprintf("%d cves with exploit", nExploitCve)
return fmt.Sprintf("%d exploits", nExploitCve)
}
// FormatAlertSummary returns a summary of XCERT alerts
func (r ScanResult) FormatAlertSummary() string {
jaCnt := 0
enCnt := 0
for _, vuln := range r.ScannedCves {
if len(vuln.AlertDict.En) > 0 {
enCnt += len(vuln.AlertDict.En)
}
if len(vuln.AlertDict.Ja) > 0 {
jaCnt += len(vuln.AlertDict.Ja)
}
}
return fmt.Sprintf("en: %d, ja: %d alerts", enCnt, jaCnt)
}
func (r ScanResult) isDisplayUpdatableNum() bool {

146
models/vulninfos.go
View File

@@ -24,7 +24,10 @@ import (
"strings"
"time"
"github.com/future-architect/vuls/alert"
"github.com/future-architect/vuls/config"
exploitmodels "github.com/mozqnet/go-exploitdb/models"
)
// VulnInfos has a map of VulnInfo
@@ -160,13 +163,47 @@ type PackageStatus struct {
// VulnInfo has a vulnerability information and unsecure packages
type VulnInfo struct {
CveID string `json:"cveID"`
Confidences Confidences `json:"confidences"`
AffectedPackages PackageStatuses `json:"affectedPackages"`
CveID string `json:"cveID,omitempty"`
Confidences Confidences `json:"confidences,omitempty"`
AffectedPackages PackageStatuses `json:"affectedPackages,omitempty"`
DistroAdvisories []DistroAdvisory `json:"distroAdvisories,omitempty"` // for Aamazon, RHEL, FreeBSD
CpeURIs []string `json:"cpeURIs,omitempty"` // CpeURIs related to this CVE defined in config.toml
CveContents CveContents `json:"cveContents"`
Exploits []Exploit `json:"exploits"`
CveContents CveContents `json:"cveContents,omitempty"`
Exploits []Exploit `json:"exploits,omitempty"`
AlertDict AlertDict `json:"alertDict,omitempty"`
CpeURIs []string `json:"cpeURIs,omitempty"` // CpeURIs related to this CVE defined in config.toml
GitHubSecurityAlerts GitHubSecurityAlerts `json:"gitHubSecurityAlerts,omitempty"`
}
// GitHubSecurityAlerts is a list of GitHubSecurityAlert
type GitHubSecurityAlerts []GitHubSecurityAlert
// Add adds given arg to the slice and return the slice (imutable)
func (g GitHubSecurityAlerts) Add(alert GitHubSecurityAlert) GitHubSecurityAlerts {
for _, a := range g {
if a.PackageName == alert.PackageName {
return g
}
}
return append(g, alert)
}
func (g GitHubSecurityAlerts) String() string {
ss := []string{}
for _, a := range g {
ss = append(ss, a.PackageName)
}
return strings.Join(ss, ", ")
}
// GitHubSecurityAlert has detected CVE-ID, PackageName, Status fetched via GitHub API
type GitHubSecurityAlert struct {
PackageName string `json:"packageName"`
FixedIn string `json:"fixedIn"`
AffectedRange string `json:"affectedRange"`
Dismissed bool `json:"dismissed"`
DismissedAt time.Time `json:"dismissedAt"`
DismissReason string `json:"dismissReason"`
}
// Titles returns tilte (TUI)
@@ -274,7 +311,7 @@ func (v VulnInfo) Mitigations(myFamily string) (values []CveContentStr) {
// Cvss2Scores returns CVSS V2 Scores
func (v VulnInfo) Cvss2Scores(myFamily string) (values []CveContentCvss) {
order := []CveContentType{Nvd, NvdXML, RedHat, Jvn}
order := []CveContentType{Nvd, NvdXML, RedHatAPI, RedHat, Jvn}
if myFamily != config.RedHat && myFamily != config.CentOS {
order = append(order, NewCveContentType(myFamily))
}
@@ -296,26 +333,6 @@ func (v VulnInfo) Cvss2Scores(myFamily string) (values []CveContentCvss) {
}
}
for _, v := range values {
if v.Type == RedHat {
return
}
}
// Set the CVSS v2 score of vuln that exists only in gost.
// Unfixed vulnerabilities detected by gost are not in OVAL, because
// OVAL data has only vulnerabilities for already fixed.
if cont, found := v.CveContents[RedHatAPI]; found {
values = append(values, CveContentCvss{
Type: RedHatAPI,
Value: Cvss{
Type: CVSS2,
Score: cont.Cvss2Score,
Vector: cont.Cvss2Vector,
Severity: strings.ToUpper(cont.Cvss2Severity),
},
})
}
for _, adv := range v.DistroAdvisories {
if adv.Severity != "" {
values = append(values, CveContentCvss{
@@ -358,7 +375,7 @@ func (v VulnInfo) Cvss2Scores(myFamily string) (values []CveContentCvss) {
// Cvss3Scores returns CVSS V3 Score
func (v VulnInfo) Cvss3Scores() (values []CveContentCvss) {
order := []CveContentType{Nvd, RedHat, Jvn}
order := []CveContentType{Nvd, RedHatAPI, RedHat, Jvn}
for _, ctype := range order {
if cont, found := v.CveContents[ctype]; found {
// https://nvd.nist.gov/vuln-metrics/cvss
@@ -373,27 +390,6 @@ func (v VulnInfo) Cvss3Scores() (values []CveContentCvss) {
})
}
}
for _, v := range values {
if v.Type == RedHat {
return
}
}
// Set the CVSS v3 score of vuln that exists only in gost.
// Unfixed vulnerabilities detected by gost are not in OVAL, because
// OVAL data has only vulnerabilities for already fixed.
if cont, found := v.CveContents[RedHatAPI]; found {
values = append(values, CveContentCvss{
Type: RedHatAPI,
Value: Cvss{
Type: CVSS3,
Score: cont.Cvss3Score,
Vector: cont.Cvss3Vector,
Severity: strings.ToUpper(cont.Cvss3Severity),
},
})
}
return
}
@@ -714,24 +710,38 @@ func (p DistroAdvisory) Format() string {
return strings.Join(buf, "\n")
}
// ExploitType is exploit type
type ExploitType string
const (
// ExploitDB : https://www.exploit-db.com/
ExploitDB ExploitType = "exploitdb"
)
// Exploit :
type Exploit struct {
ExploitType ExploitType `json:"exploitType"`
ID string `json:"id"`
URL string `json:"url"`
Description string `json:"description"`
DocumentURL *string `json:"documentURL,omitempty"`
PaperURL *string `json:"paperURL,omitempty"`
ShellCodeURL *string `json:"shellCodeURL,omitempty"`
BinaryURL *string `json:"binaryURL,omitempty"`
ExploitType exploitmodels.ExploitType `json:"exploitType"`
ID string `json:"id"`
URL string `json:"url"`
Description string `json:"description"`
DocumentURL *string `json:"documentURL,omitempty"`
ShellCodeURL *string `json:"shellCodeURL,omitempty"`
BinaryURL *string `json:"binaryURL,omitempty"`
}
// AlertDict has target cve's JPCERT and USCERT alert data
type AlertDict struct {
Ja []alert.Alert `json:"ja"`
En []alert.Alert `json:"en"`
}
// HasAlert returns whether or not it has En or Ja entries.
func (a AlertDict) HasAlert() bool {
return len(a.En) != 0 || len(a.Ja) != 0
}
// FormatSource returns which source has this alert
func (a AlertDict) FormatSource() string {
s := []string{}
if len(a.En) != 0 {
s = append(s, "USCERT")
}
if len(a.Ja) != 0 {
s = append(s, "JPCERT")
}
return strings.Join(s, "/")
}
// Confidences is a list of Confidence
@@ -797,6 +807,9 @@ const (
// ChangelogLenientMatchStr is a String representation of ChangelogLenientMatch
ChangelogLenientMatchStr = "ChangelogLenientMatch"
// GitHubMatchStr is a String representation of GitHubMatch
GitHubMatchStr = "GitHubMatch"
// FailedToGetChangelog is a String representation of FailedToGetChangelog
FailedToGetChangelog = "FailedToGetChangelog"
@@ -828,4 +841,7 @@ var (
// ChangelogLenientMatch is a ranking how confident the CVE-ID was deteted correctly
ChangelogLenientMatch = Confidence{50, ChangelogLenientMatchStr, 4}
// GitHubMatch is a ranking how confident the CVE-ID was deteted correctly
GitHubMatch = Confidence{97, GitHubMatchStr, 2}
)

2
oval/alpine.go
View File

@@ -41,7 +41,7 @@ func NewAlpine() Alpine {
// FillWithOval returns scan result after updating CVE info by OVAL
func (o Alpine) FillWithOval(driver db.DB, r *models.ScanResult) (nCVEs int, err error) {
var relatedDefs ovalResult
if o.IsFetchViaHTTP() {
if config.Conf.OvalDict.IsFetchViaHTTP() {
if relatedDefs, err = getDefsByPackNameViaHTTP(r); err != nil {
return 0, err
}

4
oval/debian.go
View File

@@ -133,7 +133,7 @@ func (o Debian) FillWithOval(driver db.DB, r *models.ScanResult) (nCVEs int, err
}
var relatedDefs ovalResult
if o.IsFetchViaHTTP() {
if config.Conf.OvalDict.IsFetchViaHTTP() {
if relatedDefs, err = getDefsByPackNameViaHTTP(r); err != nil {
return 0, err
}
@@ -243,7 +243,7 @@ func (o Ubuntu) FillWithOval(driver db.DB, r *models.ScanResult) (nCVEs int, err
}
var relatedDefs ovalResult
if o.IsFetchViaHTTP() {
if config.Conf.OvalDict.IsFetchViaHTTP() {
if relatedDefs, err = getDefsByPackNameViaHTTP(r); err != nil {
return 0, err
}

13
oval/oval.go
View File

@@ -38,7 +38,6 @@ type Client interface {
// CheckIfOvalFetched checks if oval entries are in DB by family, release.
CheckIfOvalFetched(db.DB, string, string) (bool, error)
CheckIfOvalFresh(db.DB, string, string) (bool, error)
IsFetchViaHTTP() bool
}
// Base is a base struct
@@ -48,7 +47,7 @@ type Base struct {
// CheckHTTPHealth do health check
func (b Base) CheckHTTPHealth() error {
if !b.IsFetchViaHTTP() {
if !cnf.Conf.OvalDict.IsFetchViaHTTP() {
return nil
}
@@ -67,7 +66,7 @@ func (b Base) CheckHTTPHealth() error {
// CheckIfOvalFetched checks if oval entries are in DB by family, release.
func (b Base) CheckIfOvalFetched(driver db.DB, osFamily, release string) (fetched bool, err error) {
if !b.IsFetchViaHTTP() {
if !cnf.Conf.OvalDict.IsFetchViaHTTP() {
count, err := driver.CountDefs(osFamily, release)
if err != nil {
return false, fmt.Errorf("Failed to count OVAL defs: %s, %s, %v",
@@ -93,7 +92,7 @@ func (b Base) CheckIfOvalFetched(driver db.DB, osFamily, release string) (fetche
// CheckIfOvalFresh checks if oval entries are fresh enough
func (b Base) CheckIfOvalFresh(driver db.DB, osFamily, release string) (ok bool, err error) {
var lastModified time.Time
if !b.IsFetchViaHTTP() {
if !cnf.Conf.OvalDict.IsFetchViaHTTP() {
lastModified = driver.GetLastModified(osFamily, release)
} else {
url, _ := util.URLPathJoin(cnf.Conf.OvalDict.URL, "lastmodified", osFamily, release)
@@ -119,9 +118,3 @@ func (b Base) CheckIfOvalFresh(driver db.DB, osFamily, release string) (ok bool,
util.Log.Infof("OVAL is fresh: %s %s ", osFamily, release)
return true, nil
}
// IsFetchViaHTTP checks whether fetch via HTTP
func (b Base) IsFetchViaHTTP() bool {
// Default value of OvalDBType is sqlite3
return cnf.Conf.OvalDict.URL != "" && cnf.Conf.OvalDict.Type == "sqlite3"
}

2
oval/redhat.go
View File

@@ -37,7 +37,7 @@ type RedHatBase struct {
// FillWithOval returns scan result after updating CVE info by OVAL
func (o RedHatBase) FillWithOval(driver db.DB, r *models.ScanResult) (nCVEs int, err error) {
var relatedDefs ovalResult
if o.IsFetchViaHTTP() {
if config.Conf.OvalDict.IsFetchViaHTTP() {
if relatedDefs, err = getDefsByPackNameViaHTTP(r); err != nil {
return 0, err
}

2
oval/suse.go
View File

@@ -43,7 +43,7 @@ func NewSUSE() SUSE {
// FillWithOval returns scan result after updating CVE info by OVAL
func (o SUSE) FillWithOval(driver db.DB, r *models.ScanResult) (nCVEs int, err error) {
var relatedDefs ovalResult
if o.IsFetchViaHTTP() {
if config.Conf.OvalDict.IsFetchViaHTTP() {
if relatedDefs, err = getDefsByPackNameViaHTTP(r); err != nil {
return 0, err
}

14
report/cve_client.go
View File

@@ -45,7 +45,7 @@ func (api *cvedictClient) initialize() {
}
func (api cvedictClient) CheckHealth() error {
if !api.isFetchViaHTTP() {
if !config.Conf.CveDict.IsFetchViaHTTP() {
util.Log.Debugf("get cve-dictionary from %s", config.Conf.CveDict.Type)
return nil
}
@@ -69,7 +69,7 @@ type response struct {
}
func (api cvedictClient) FetchCveDetails(driver cvedb.DB, cveIDs []string) (cveDetails []cve.CveDetail, err error) {
if !api.isFetchViaHTTP() {
if !config.Conf.CveDict.IsFetchViaHTTP() {
for _, cveID := range cveIDs {
cveDetail, err := driver.Get(cveID)
if err != nil {
@@ -176,16 +176,8 @@ func (api cvedictClient) httpGet(key, url string, resChan chan<- response, errCh
}
}
func (api cvedictClient) isFetchViaHTTP() bool {
// Default value of CveDBType is sqlite3
if config.Conf.CveDict.URL != "" && config.Conf.CveDict.Type == "sqlite3" {
return true
}
return false
}
func (api cvedictClient) FetchCveDetailsByCpeName(driver cvedb.DB, cpeName string) ([]cve.CveDetail, error) {
if api.isFetchViaHTTP() {
if config.Conf.CveDict.IsFetchViaHTTP() {
api.baseURL = config.Conf.CveDict.URL
url, err := util.URLPathJoin(api.baseURL, "cpes")
if err != nil {

29
report/db_client.go
View File

@@ -29,26 +29,13 @@ type DBClientConf struct {
DebugSQL bool
}
func (c DBClientConf) isCveDBViaHTTP() bool {
return c.CveDictCnf.URL != "" && c.CveDictCnf.Type == "sqlite3"
}
func (c DBClientConf) isOvalViaHTTP() bool {
return c.OvalDictCnf.URL != "" && c.OvalDictCnf.Type == "sqlite3"
}
func (c DBClientConf) isGostViaHTTP() bool {
return c.GostCnf.URL != "" && c.GostCnf.Type == "sqlite3"
}
func (c DBClientConf) isExploitViaHTTP() bool {
return c.ExploitCnf.URL != "" && c.ExploitCnf.Type == "sqlite3"
}
// NewDBClient returns db clients
func NewDBClient(cnf DBClientConf) (dbclient *DBClient, locked bool, err error) {
cveDriver, locked, err := NewCveDB(cnf)
if err != nil {
if locked {
return nil, true, fmt.Errorf("CveDB is locked: %s",
cnf.OvalDictCnf.SQLite3Path)
} else if err != nil {
return nil, locked, err
}
@@ -89,7 +76,7 @@ func NewDBClient(cnf DBClientConf) (dbclient *DBClient, locked bool, err error)
// NewCveDB returns cve db client
func NewCveDB(cnf DBClientConf) (driver cvedb.DB, locked bool, err error) {
if cnf.isCveDBViaHTTP() {
if config.Conf.CveDict.IsFetchViaHTTP() {
return nil, false, nil
}
util.Log.Debugf("open cve-dictionary db (%s)", cnf.CveDictCnf.Type)
@@ -109,7 +96,7 @@ func NewCveDB(cnf DBClientConf) (driver cvedb.DB, locked bool, err error) {
// NewOvalDB returns oval db client
func NewOvalDB(cnf DBClientConf) (driver ovaldb.DB, locked bool, err error) {
if cnf.isOvalViaHTTP() {
if config.Conf.OvalDict.IsFetchViaHTTP() {
return nil, false, nil
}
path := cnf.OvalDictCnf.URL
@@ -136,7 +123,7 @@ func NewOvalDB(cnf DBClientConf) (driver ovaldb.DB, locked bool, err error) {
// NewGostDB returns db client for Gost
func NewGostDB(cnf DBClientConf) (driver gostdb.DB, locked bool, err error) {
if cnf.isGostViaHTTP() {
if config.Conf.Gost.IsFetchViaHTTP() {
return nil, false, nil
}
path := cnf.GostCnf.URL
@@ -162,7 +149,7 @@ func NewGostDB(cnf DBClientConf) (driver gostdb.DB, locked bool, err error) {
// NewExploitDB returns db client for Exploit
func NewExploitDB(cnf DBClientConf) (driver exploitdb.DB, locked bool, err error) {
if cnf.isExploitViaHTTP() {
if config.Conf.Exploit.IsFetchViaHTTP() {
return nil, false, nil
}
path := cnf.ExploitCnf.URL

6
report/email.go
View File

@@ -58,7 +58,11 @@ func (w EMailWriter) Write(rs ...models.ScanResult) (err error) {
r.ServerInfo(),
r.ScannedCves.FormatCveSummary())
}
message = formatFullPlainText(r)
if conf.FormatList {
message = formatList(r)
} else {
message = formatFullPlainText(r)
}
if err := sender.Send(subject, message); err != nil {
return err
}

70
report/report.go
View File

@@ -33,6 +33,7 @@ import (
"github.com/future-architect/vuls/contrib/owasp-dependency-check/parser"
"github.com/future-architect/vuls/cwe"
"github.com/future-architect/vuls/exploit"
"github.com/future-architect/vuls/github"
"github.com/future-architect/vuls/gost"
"github.com/future-architect/vuls/models"
"github.com/future-architect/vuls/oval"
@@ -56,6 +57,9 @@ func FillCveInfos(dbclient DBClient, rs []models.ScanResult, dir string) ([]mode
hostname, _ := os.Hostname()
for _, r := range rs {
if c.Conf.RefreshCve || needToRefreshCve(r) {
if ovalSupported(&r) {
r.ScannedCves = models.VulnInfos{}
}
cpeURIs := []string{}
if len(r.Container.ContainerID) == 0 {
cpeURIs = c.Conf.Servers[r.ServerName].CpeNames
@@ -141,7 +145,7 @@ func FillCveInfos(dbclient DBClient, rs []models.ScanResult, dir string) ([]mode
}
// FillCveInfo fill scanResult with cve info.
func FillCveInfo(dbclient DBClient, r *models.ScanResult, cpeURIs []string) error {
func FillCveInfo(dbclient DBClient, r *models.ScanResult, cpeURIs []string, integrations ...c.IntegrationConf) error {
util.Log.Debugf("need to refresh")
nCVEs, err := FillWithOval(dbclient.OvalDB, r)
@@ -166,6 +170,17 @@ func FillCveInfo(dbclient DBClient, r *models.ScanResult, cpeURIs []string) erro
}
util.Log.Infof("%s: %d CVEs are detected with CPE", r.FormatServerName(), nCVEs)
if len(integrations) != 0 {
for k, v := range integrations[0].GitHubConf {
c.Conf.Servers[r.ServerName].GitHubRepos[k] = v
}
}
nCVEs, err = fillGitHubSecurityAlerts(r)
if err != nil {
return fmt.Errorf("Failed to access GitHub Security Alerts: %s", err)
}
util.Log.Infof("%s: %d CVEs are detected with GitHub Security Alerts", r.FormatServerName(), nCVEs)
nCVEs, err = FillWithGost(dbclient.GostDB, r)
if err != nil {
return fmt.Errorf("Failed to fill with gost: %s", err)
@@ -178,14 +193,18 @@ func FillCveInfo(dbclient DBClient, r *models.ScanResult, cpeURIs []string) erro
return fmt.Errorf("Failed to fill with CVE: %s", err)
}
util.Log.Infof("Fill Exploit information with Exploit-DB")
util.Log.Infof("Fill exploit information with Exploit-DB")
nExploitCve, err := FillWithExploit(dbclient.ExploitDB, r)
if err != nil {
return fmt.Errorf("Failed to fill with exploit: %s", err)
}
util.Log.Infof("%s: %d Exploits are detected with exploit",
util.Log.Infof("%s: %d exploits are detected",
r.FormatServerName(), nExploitCve)
enAlertCnt, jaAlertCnt := fillAlerts(r)
util.Log.Infof("%s: en: %d, ja: %d alerts are detected",
r.FormatServerName(), enAlertCnt, jaAlertCnt)
fillCweDict(r)
return nil
}
@@ -266,16 +285,16 @@ func FillWithOval(driver ovaldb.DB, r *models.ScanResult) (nCVEs int, err error)
return 0, fmt.Errorf("OVAL for %s is not implemented yet", r.Family)
}
if !ovalClient.IsFetchViaHTTP() && driver == nil {
return 0, nil
if !c.Conf.OvalDict.IsFetchViaHTTP() {
if driver == nil {
return 0, nil
}
if err = driver.NewOvalDB(ovalFamily); err != nil {
return 0, fmt.Errorf("Failed to New Oval DB. err: %s", err)
}
}
if err = driver.NewOvalDB(ovalFamily); err != nil {
return 0, fmt.Errorf("Failed to New Oval DB. err: %s", err)
}
util.Log.Debugf("Check whether oval fetched: %s %s",
ovalFamily, r.Release)
util.Log.Debugf("Check whether oval fetched: %s %s", ovalFamily, r.Release)
ok, err := ovalClient.CheckIfOvalFetched(driver, ovalFamily, r.Release)
if err != nil {
return 0, err
@@ -337,6 +356,21 @@ func fillVulnByCpeURIs(driver cvedb.DB, r *models.ScanResult, cpeURIs []string)
return nCVEs, nil
}
// https://help.github.com/articles/about-security-alerts-for-vulnerable-dependencies/
func fillGitHubSecurityAlerts(r *models.ScanResult) (nCVEs int, err error) {
repos := c.Conf.Servers[r.ServerName].GitHubRepos
for ownerRepo, setting := range repos {
ss := strings.Split(ownerRepo, "/")
owner, repo := ss[0], ss[1]
n, err := github.FillGitHubSecurityAlerts(r, owner, repo, setting.Token)
if err != nil {
return 0, err
}
nCVEs += n
}
return nCVEs, nil
}
func fillCweDict(r *models.ScanResult) {
uniqCweIDMap := map[string]bool{}
for _, vinfo := range r.ScannedCves {
@@ -383,6 +417,20 @@ func fillCweDict(r *models.ScanResult) {
return
}
func fillAlerts(r *models.ScanResult) (enCnt int, jaCnt int) {
for cveID, vuln := range r.ScannedCves {
enAs, jaAs := models.GetAlertsByCveID(cveID, "en"), models.GetAlertsByCveID(cveID, "ja")
vuln.AlertDict = models.AlertDict{
Ja: jaAs,
En: enAs,
}
r.ScannedCves[cveID] = vuln
enCnt += len(enAs)
jaCnt += len(jaAs)
}
return enCnt, jaCnt
}
const reUUID = "[\\da-f]{8}-[\\da-f]{4}-[\\da-f]{4}-[\\da-f]{4}-[\\da-f]{12}"
// EnsureUUIDs generate a new UUID of the scan target server if UUID is not assigned yet.

17
report/slack.go
View File

@@ -39,12 +39,11 @@ type field struct {
}
type message struct {
Text string `json:"text"`
Username string `json:"username"`
IconEmoji string `json:"icon_emoji"`
Channel string `json:"channel"`
ThreadTimeStamp string `json:"thread_ts"`
Attachments []slack.Attachment `json:"attachments"`
Text string `json:"text"`
Username string `json:"username"`
IconEmoji string `json:"icon_emoji"`
Channel string `json:"channel"`
Attachments []slack.Attachment `json:"attachments"`
}
// SlackWriter send report to slack
@@ -208,6 +207,9 @@ func toSlackAttachments(r models.ScanResult) (attaches []slack.Attachment) {
for _, n := range vinfo.CpeURIs {
curent = append(curent, n)
}
for _, n := range vinfo.GitHubSecurityAlerts {
curent = append(curent, n.PackageName)
}
new := []string{}
for _, affected := range vinfo.AffectedPackages {
@@ -224,6 +226,9 @@ func toSlackAttachments(r models.ScanResult) (attaches []slack.Attachment) {
for range vinfo.CpeURIs {
new = append(new, "?")
}
for range vinfo.GitHubSecurityAlerts {
new = append(new, "?")
}
a := slack.Attachment{
Title: vinfo.CveID,

77
report/telegram.go Normal file
View File

@@ -0,0 +1,77 @@
package report
import (
"bytes"
"fmt"
"net/http"
"strconv"
"strings"
"github.com/future-architect/vuls/config"
"github.com/future-architect/vuls/models"
)
// TelegramWriter sends report to Telegram
type TelegramWriter struct{}
func (w TelegramWriter) Write(rs ...models.ScanResult) (err error) {
conf := config.Conf.Telegram
for _, r := range rs {
msgs := []string{fmt.Sprintf("*%s*\n%s\n%s\n%s",
r.ServerInfo(),
r.ScannedCves.FormatCveSummary(),
r.ScannedCves.FormatFixedStatus(r.Packages),
r.FormatUpdatablePacksSummary())}
for _, vinfo := range r.ScannedCves {
maxCvss := vinfo.MaxCvssScore()
severity := strings.ToUpper(maxCvss.Value.Severity)
if severity == "" {
severity = "?"
}
msgs = append(msgs, fmt.Sprintf(`[%s](https://nvd.nist.gov/vuln/detail/%s) _%s %s %s_\n%s`,
vinfo.CveID,
vinfo.CveID,
strconv.FormatFloat(maxCvss.Value.Score, 'f', 1, 64),
severity,
maxCvss.Value.Vector,
vinfo.Summaries(config.Conf.Lang, r.Family)[0].Value))
if len(msgs) == 5 {
if err = sendMessage(conf.ChatID, conf.Token, strings.Join(msgs, "\n\n")); err != nil {
return err
}
msgs = []string{}
}
}
if len(msgs) != 0 {
if err = sendMessage(conf.ChatID, conf.Token, strings.Join(msgs, "\n\n")); err != nil {
return err
}
}
}
return nil
}
func sendMessage(chatID, token, message string) error {
uri := fmt.Sprintf("https://api.telegram.org/bot%s/sendMessage", token)
payload := `{"text": "` + strings.Replace(message, `"`, `\"`, -1) + `", "chat_id": "` + chatID + `", "parse_mode": "Markdown" }`
req, err := http.NewRequest("POST", uri, bytes.NewBuffer([]byte(payload)))
req.Header.Add("Content-Type", "application/json")
if err != nil {
return err
}
client := &http.Client{}
resp, err := client.Do(req)
if checkResponse(resp) != nil && err != nil {
fmt.Println(err)
return err
}
defer resp.Body.Close()
return nil
}
func checkResponse(r *http.Response) error {
if c := r.StatusCode; 200 <= c && c <= 299 {
return nil
}
return fmt.Errorf("API call to %s failed: %s", r.Request.URL.String(), r.Status)
}

1
report/telegram_test.go Normal file
View File

@@ -0,0 +1 @@
package report

39
report/tui.go
View File

@@ -26,6 +26,8 @@ import (
"text/template"
"time"
"github.com/future-architect/vuls/alert"
"github.com/future-architect/vuls/config"
"github.com/future-architect/vuls/models"
"github.com/future-architect/vuls/util"
@@ -634,11 +636,17 @@ func summaryLines(r models.ScanResult) string {
packname := vinfo.AffectedPackages.FormatTuiSummary()
packname += strings.Join(vinfo.CpeURIs, ", ")
packname += vinfo.GitHubSecurityAlerts.String()
alert := " "
if vinfo.AlertDict.HasAlert() {
alert = "! "
}
var cols []string
cols = []string{
fmt.Sprintf(indexFormat, i+1),
vinfo.CveID,
alert + vinfo.CveID,
cvssScore + " |",
fmt.Sprintf("%8s |", vinfo.AttackVector()),
fmt.Sprintf("%7s |", vinfo.PatchStatus(r.Packages)),
@@ -735,6 +743,10 @@ func setChangelogLayout(g *gocui.Gui) error {
lines = append(lines, "* "+uri)
}
for _, alert := range vinfo.GitHubSecurityAlerts {
lines = append(lines, "* "+alert.PackageName)
}
for _, adv := range vinfo.DistroAdvisories {
lines = append(lines, "\n",
"Advisories",
@@ -753,6 +765,30 @@ func setChangelogLayout(g *gocui.Gui) error {
}
}
if len(vinfo.AlertDict.En) > 0 {
lines = append(lines, "\n",
"USCERT Alert",
"=============",
)
for _, alert := range vinfo.AlertDict.En {
lines = append(lines, fmt.Sprintf("* [%s](%s)", alert.Title, alert.URL))
}
}
if len(vinfo.AlertDict.Ja) > 0 {
lines = append(lines, "\n",
"JPCERT Alert",
"=============",
)
for _, alert := range vinfo.AlertDict.Ja {
if config.Conf.Lang == "ja" {
lines = append(lines, fmt.Sprintf("* [%s](%s)", alert.Title, alert.URL))
} else {
lines = append(lines, fmt.Sprintf("* [JPCERT](%s)", alert.URL))
}
}
}
if currentScanResult.IsDeepScanMode() {
lines = append(lines, "\n",
"ChangeLogs",
@@ -785,6 +821,7 @@ type dataForTmpl struct {
Mitigation string
Confidences models.Confidences
Cwes []models.CweDictEntry
Alerts []alert.Alert
Links []string
References []models.Reference
Packages []string

37
report/util.go
View File

@@ -50,7 +50,6 @@ func formatScanSummary(rs ...models.ScanResult) string {
r.FormatServerName(),
fmt.Sprintf("%s%s", r.Family, r.Release),
r.FormatUpdatablePacksSummary(),
r.FormatExploitCveSummary(),
}
} else {
cols = []interface{}{
@@ -78,6 +77,7 @@ func formatOneLineSummary(rs ...models.ScanResult) string {
r.ScannedCves.FormatFixedStatus(r.Packages),
r.FormatUpdatablePacksSummary(),
r.FormatExploitCveSummary(),
r.FormatAlertSummary(),
}
} else {
cols = []interface{}{
@@ -104,7 +104,7 @@ func formatList(r models.ScanResult) string {
%s
No CVE-IDs are found in updatable packages.
%s
`, header, r.FormatUpdatablePacksSummary())
`, header, r.FormatUpdatablePacksSummary())
}
data := [][]string{}
@@ -116,8 +116,14 @@ No CVE-IDs are found in updatable packages.
// packname := vinfo.AffectedPackages.FormatTuiSummary()
// packname += strings.Join(vinfo.CpeURIs, ", ")
exploits := ""
if 0 < len(vinfo.Exploits) {
exploits = " Y"
}
data = append(data, []string{
vinfo.CveID,
vinfo.AlertDict.FormatSource(),
fmt.Sprintf("%4.1f", max),
// fmt.Sprintf("%4.1f", v2max),
// fmt.Sprintf("%4.1f", v3max),
@@ -125,7 +131,7 @@ No CVE-IDs are found in updatable packages.
fmt.Sprintf("%7s", vinfo.PatchStatus(r.Packages)),
// packname,
fmt.Sprintf("https://nvd.nist.gov/vuln/detail/%s", vinfo.CveID),
fmt.Sprintf("%t", 0 < len(vinfo.Exploits)),
exploits,
})
}
@@ -133,6 +139,7 @@ No CVE-IDs are found in updatable packages.
table := tablewriter.NewWriter(&b)
table.SetHeader([]string{
"CVE-ID",
"CERT",
"CVSS",
// "v3",
// "v2",
@@ -161,7 +168,7 @@ func formatFullPlainText(r models.ScanResult) (lines string) {
%s
No CVE-IDs are found in updatable packages.
%s
`, header, r.FormatUpdatablePacksSummary())
`, header, r.FormatUpdatablePacksSummary())
}
lines = header + "\n"
@@ -232,6 +239,10 @@ No CVE-IDs are found in updatable packages.
data = append(data, []string{"CPE", name})
}
for _, alert := range vuln.GitHubSecurityAlerts {
data = append(data, []string{"GitHub", alert.PackageName})
}
for _, confidence := range vuln.Confidences {
data = append(data, []string{"Confidence", confidence.String()})
}
@@ -261,6 +272,14 @@ No CVE-IDs are found in updatable packages.
data = append(data, []string{"OWASP Top10", url})
}
for _, alert := range vuln.AlertDict.Ja {
data = append(data, []string{"JPCERT Alert", alert.URL})
}
for _, alert := range vuln.AlertDict.En {
data = append(data, []string{"USCERT Alert", alert.URL})
}
// for _, rr := range vuln.CveContents.References(r.Family) {
// for _, ref := range rr.Value {
// data = append(data, []string{ref.Source, ref.Link})
@@ -303,6 +322,16 @@ func formatChangelogs(r models.ScanResult) string {
}
return strings.Join(buf, "\n")
}
func ovalSupported(r *models.ScanResult) bool {
switch r.Family {
case
config.Amazon,
config.FreeBSD,
config.Raspbian:
return false
}
return true
}
func needToRefreshCve(r models.ScanResult) bool {
if r.Lang != config.Conf.Lang {

1
scan/base.go
View File

@@ -391,6 +391,7 @@ func (l *base) convertToModel() models.ScanResult {
JSONVersion: models.JSONVersion,
ServerName: l.ServerInfo.ServerName,
ScannedAt: time.Now(),
ScanMode: l.ServerInfo.Mode.String(),
Family: l.Distro.Family,
Release: l.Distro.Release,
Container: container,

30
scan/debian.go
View File

@@ -528,8 +528,8 @@ func (o *debian) fillCandidateVersion(updatables models.Packages) (err error) {
if !r.isSuccess() {
return fmt.Errorf("Failed to SSH: %s", r)
}
packChangelog := o.splitAptCachePolicy(r.Stdout)
for k, v := range packChangelog {
packAptPolicy := o.splitAptCachePolicy(r.Stdout)
for k, v := range packAptPolicy {
ver, err := o.parseAptCachePolicy(v, k)
if err != nil {
return fmt.Errorf("Failed to parse %s", err)
@@ -539,6 +539,7 @@ func (o *debian) fillCandidateVersion(updatables models.Packages) (err error) {
return fmt.Errorf("Not found: %s", k)
}
pack.NewVersion = ver.Candidate
pack.Repository = ver.Repo
updatables[k] = pack
}
return
@@ -909,27 +910,29 @@ func (o *debian) splitAptCachePolicy(stdout string) map[string]string {
lasti = i
}
packChangelog := map[string]string{}
packAptPolicy := map[string]string{}
for _, r := range splitted {
packName := r[:strings.Index(r, ":")]
packChangelog[packName] = r
packAptPolicy[packName] = r
}
return packChangelog
return packAptPolicy
}
type packCandidateVer struct {
Name string
Installed string
Candidate string
Repo string
}
// parseAptCachePolicy the stdout of parse pat-get cache policy
func (o *debian) parseAptCachePolicy(stdout, name string) (packCandidateVer, error) {
ver := packCandidateVer{Name: name}
lines := strings.Split(stdout, "\n")
isRepoline := false
for _, line := range lines {
fields := strings.Fields(line)
if len(fields) != 2 {
if len(fields) < 2 {
continue
}
switch fields[0] {
@@ -937,10 +940,23 @@ func (o *debian) parseAptCachePolicy(stdout, name string) (packCandidateVer, err
ver.Installed = fields[1]
case "Candidate:":
ver.Candidate = fields[1]
return ver, nil
goto nextline
default:
// nop
}
if ver.Candidate != "" && strings.Contains(line, ver.Candidate) {
isRepoline = true
goto nextline
}
if isRepoline {
ss := strings.Split(strings.TrimSpace(line), " ")
if len(ss) == 5 {
ver.Repo = ss[2]
return ver, nil
}
}
nextline:
}
return ver, fmt.Errorf("Unknown Format: %s", stdout)
}

3
scan/debian_test.go
View File

@@ -530,6 +530,7 @@ func TestParseAptCachePolicy(t *testing.T) {
Name: "openssl",
Installed: "1.0.2f-2ubuntu1",
Candidate: "1.0.2g-1ubuntu2",
Repo: "xenial/main",
},
},
{
@@ -550,6 +551,7 @@ func TestParseAptCachePolicy(t *testing.T) {
Name: "openssl",
Installed: "1.0.1f-1ubuntu2.16",
Candidate: "1.0.1f-1ubuntu2.17",
Repo: "trusty-updates/main",
},
},
{
@@ -570,6 +572,7 @@ func TestParseAptCachePolicy(t *testing.T) {
Name: "openssl",
Installed: "1.0.1-4ubuntu5.33",
Candidate: "1.0.1-4ubuntu5.34",
Repo: "precise-updates/main",
},
},
}

66
scan/serverapi.go
View File

@@ -20,6 +20,7 @@ package scan
import (
"errors"
"fmt"
"net"
"net/http"
"os"
"path/filepath"
@@ -84,6 +85,30 @@ type osPackages struct {
Kernel models.Kernel
}
// Retry as it may stall on the first SSH connection
// https://github.com/future-architect/vuls/pull/753
func detectDebianWithRetry(c config.ServerInfo) (itsMe bool, deb osTypeInterface, err error) {
type Response struct {
itsMe bool
deb osTypeInterface
err error
}
resChan := make(chan Response, 1)
go func(c config.ServerInfo) {
itsMe, osType, fatalErr := detectDebian(c)
resChan <- Response{itsMe, osType, fatalErr}
}(c)
timeout := time.After(time.Duration(3) * time.Second)
select {
case res := <-resChan:
return res.itsMe, res.deb, res.err
case <-timeout:
time.Sleep(100 * time.Millisecond)
return detectDebian(c)
}
}
func detectOS(c config.ServerInfo) (osType osTypeInterface) {
var itsMe bool
var fatalErr error
@@ -93,7 +118,7 @@ func detectOS(c config.ServerInfo) (osType osTypeInterface) {
return
}
itsMe, osType, fatalErr = detectDebian(c)
itsMe, osType, fatalErr = detectDebianWithRetry(c)
if fatalErr != nil {
osType.setErrs([]error{
fmt.Errorf("Failed to detect OS: %s", fatalErr)})
@@ -571,12 +596,19 @@ func scanVulns(jsonDir string, scannedAt time.Time, timeoutSec int) error {
}, timeoutSec)
hostname, _ := os.Hostname()
ipv4s, ipv6s, err := ip()
if err != nil {
util.Log.Errorf("Failed to fetch scannedIPs: %s", err)
}
for _, s := range append(servers, errServers...) {
r := s.convertToModel()
r.ScannedAt = scannedAt
r.ScannedVersion = config.Version
r.ScannedRevision = config.Revision
r.ScannedBy = hostname
r.ScannedIPv4Addrs = ipv4s
r.ScannedIPv6Addrs = ipv6s
r.Config.Scan = config.Conf
results = append(results, r)
}
@@ -595,6 +627,38 @@ func scanVulns(jsonDir string, scannedAt time.Time, timeoutSec int) error {
return nil
}
// ip returns scanner network ip addresses
func ip() (ipv4Addrs []string, ipv6Addrs []string, err error) {
ifaces, err := net.Interfaces()
if err != nil {
return nil, nil, err
}
for _, i := range ifaces {
addrs, _ := i.Addrs()
for _, addr := range addrs {
var ip net.IP
switch v := addr.(type) {
case *net.IPNet:
ip = v.IP
case *net.IPAddr:
ip = v.IP
}
// only global unicast address
if !ip.IsGlobalUnicast() {
continue
}
if ok := ip.To4(); ok != nil {
ipv4Addrs = append(ipv4Addrs, ip.String())
} else {
ipv6Addrs = append(ipv6Addrs, ip.String())
}
}
}
return ipv4Addrs, ipv6Addrs, nil
}
// EnsureResultDir ensures the directory for scan results
func EnsureResultDir(scannedAt time.Time) (currentDir string, err error) {
jsonDirName := scannedAt.Format(time.RFC3339)