Stage/vuls
4
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Compare commits

base: Stage:v0.8.2
Branches Tags
Stage:master Stage:MaineK00n/trivy-to-vuls-cvssv4.0 Stage:MaineK00n/al2023-kernel-livepatch Stage:nightly Stage:collect-selfbulid-jar Stage:detect-pkg-deps
Stage:v0.26.0 Stage:v0.26.0-rc2 Stage:v0.26.0-alpha3 Stage:v0.25.4 Stage:v0.25.3 Stage:v0.25.2 Stage:v0.25.1 Stage:v0.25.1-beta2 Stage:v0.25.1-beta1 Stage:v0.25.0 Stage:v0.24.9 Stage:v0.24.8 Stage:v0.24.7 Stage:v0.24.6 Stage:v0.24.5 Stage:v0.24.4 Stage:v0.24.3 Stage:v0.24.2 Stage:v0.24.1 Stage:v0.24.0 Stage:v0.23.4 Stage:v0.23.3 Stage:v0.23.2 Stage:v0.23.1 Stage:v0.23.0 Stage:v0.22.2 Stage:v0.22.1 Stage:v0.23.0-beta Stage:v0.22.0 Stage:v0.21.1 Stage:v0.21.0 Stage:v0.20.5 Stage:v0.20.4 Stage:v0.20.3 Stage:v0.20.2 Stage:v0.20.1 Stage:v0.20.0 Stage:v0.19.8 Stage:v0.19.7 Stage:v0.19.6 Stage:v0.19.5 Stage:v0.19.4 Stage:v0.19.3 Stage:v0.19.2 Stage:v0.19.1 Stage:v0.19.0 Stage:v0.18.1 Stage:v0.18.0 Stage:v0.17.1 Stage:v0.17.0 Stage:v0.16.0 Stage:v0.15.14 Stage:v0.15.13 Stage:v0.15.12 Stage:v0.15.11 Stage:v0.15.10 Stage:v0.15.9 Stage:v0.15.8 Stage:v0.15.7 Stage:v0.15.6 Stage:v0.15.5 Stage:v0.15.4 Stage:v0.15.3 Stage:v0.15.2 Stage:v0.15.1 Stage:v0.15.0 Stage:v0.14.1 Stage:v0.14.0 Stage:v0.13.9 Stage:v0.13.8 Stage:v0.13.7 Stage:v0.13.6 Stage:v0.13.5 Stage:v0.13.4 Stage:v0.13.3 Stage:v0.13.2 Stage:v0.13.1 Stage:v0.13.0 Stage:v0.12.3 Stage:v0.12.2 Stage:v0.12.1 Stage:v0.12.0 Stage:v0.11.3 Stage:v0.11.2 Stage:v0.11.1 Stage:v0.11.0 Stage:v0.10.0 Stage:v0.9.8 Stage:v0.9.7 Stage:v0.9.6 Stage:v0.9.5 Stage:v0.9.4 Stage:v0.9.3 Stage:v0.9.2 Stage:v0.9.1 Stage:v0.9.0 Stage:v0.8.5 Stage:v0.8.4 Stage:v0.8.3 Stage:v0.8.2 Stage:v0.8.1 Stage:v0.8.0 Stage:v0.7.0 Stage:v0.6.3 Stage:v0.6.2 Stage:v0.6.1 Stage:v0.6.0 Stage:v0.5.0 Stage:v0.4.2 Stage:v0.4.1 Stage:v0.4.0 Stage:v0.3.0 Stage:v0.2.0 Stage:v0.1.7 Stage:v0.1.6 Stage:v0.1.5 Stage:v0.1.4 Stage:v0.1.3 Stage:v0.1.2 Stage:v0.1.1 Stage:v0.1.0
..
compare: Stage:v0.9.4
Branches Tags
Stage:master Stage:MaineK00n/trivy-to-vuls-cvssv4.0 Stage:MaineK00n/al2023-kernel-livepatch Stage:nightly Stage:collect-selfbulid-jar Stage:detect-pkg-deps
Stage:v0.26.0 Stage:v0.26.0-rc2 Stage:v0.26.0-alpha3 Stage:v0.25.4 Stage:v0.25.3 Stage:v0.25.2 Stage:v0.25.1 Stage:v0.25.1-beta2 Stage:v0.25.1-beta1 Stage:v0.25.0 Stage:v0.24.9 Stage:v0.24.8 Stage:v0.24.7 Stage:v0.24.6 Stage:v0.24.5 Stage:v0.24.4 Stage:v0.24.3 Stage:v0.24.2 Stage:v0.24.1 Stage:v0.24.0 Stage:v0.23.4 Stage:v0.23.3 Stage:v0.23.2 Stage:v0.23.1 Stage:v0.23.0 Stage:v0.22.2 Stage:v0.22.1 Stage:v0.23.0-beta Stage:v0.22.0 Stage:v0.21.1 Stage:v0.21.0 Stage:v0.20.5 Stage:v0.20.4 Stage:v0.20.3 Stage:v0.20.2 Stage:v0.20.1 Stage:v0.20.0 Stage:v0.19.8 Stage:v0.19.7 Stage:v0.19.6 Stage:v0.19.5 Stage:v0.19.4 Stage:v0.19.3 Stage:v0.19.2 Stage:v0.19.1 Stage:v0.19.0 Stage:v0.18.1 Stage:v0.18.0 Stage:v0.17.1 Stage:v0.17.0 Stage:v0.16.0 Stage:v0.15.14 Stage:v0.15.13 Stage:v0.15.12 Stage:v0.15.11 Stage:v0.15.10 Stage:v0.15.9 Stage:v0.15.8 Stage:v0.15.7 Stage:v0.15.6 Stage:v0.15.5 Stage:v0.15.4 Stage:v0.15.3 Stage:v0.15.2 Stage:v0.15.1 Stage:v0.15.0 Stage:v0.14.1 Stage:v0.14.0 Stage:v0.13.9 Stage:v0.13.8 Stage:v0.13.7 Stage:v0.13.6 Stage:v0.13.5 Stage:v0.13.4 Stage:v0.13.3 Stage:v0.13.2 Stage:v0.13.1 Stage:v0.13.0 Stage:v0.12.3 Stage:v0.12.2 Stage:v0.12.1 Stage:v0.12.0 Stage:v0.11.3 Stage:v0.11.2 Stage:v0.11.1 Stage:v0.11.0 Stage:v0.10.0 Stage:v0.9.8 Stage:v0.9.7 Stage:v0.9.6 Stage:v0.9.5 Stage:v0.9.4 Stage:v0.9.3 Stage:v0.9.2 Stage:v0.9.1 Stage:v0.9.0 Stage:v0.8.5 Stage:v0.8.4 Stage:v0.8.3 Stage:v0.8.2 Stage:v0.8.1 Stage:v0.8.0 Stage:v0.7.0 Stage:v0.6.3 Stage:v0.6.2 Stage:v0.6.1 Stage:v0.6.0 Stage:v0.5.0 Stage:v0.4.2 Stage:v0.4.1 Stage:v0.4.0 Stage:v0.3.0 Stage:v0.2.0 Stage:v0.1.7 Stage:v0.1.6 Stage:v0.1.5 Stage:v0.1.4 Stage:v0.1.3 Stage:v0.1.2 Stage:v0.1.1 Stage:v0.1.0

65 Commits
v0.8.2 ... v0.9.4

Author SHA1 Message Date
Kota Kanbe
1f23ab7ba4 Bump up version 2020-04-28 14:27:46 +09:00
Kota Kanbe
ea3b63998d fix(report): GitHub Security Alerts Integration (#970) 2020-04-28 14:26:37 +09:00
Kota Kanbe
3093426458 fix(logging): panic if no write permission #949 (#968) 2020-04-27 17:37:30 +09:00
Kota Kanbe
37716feac7 refactor(lint): fix lint warnings (#967) 2020-04-27 17:02:27 +09:00
Kota Kanbe
56b12c38d2 fix(config): not working with empty config #962 (#963) 2020-04-23 10:50:35 +09:00
Kota Kanbe
749ead5d4a update go mod (#960) 2020-04-20 21:33:11 +09:00
Kota Kanbe
3be50ab8da bump up version 2020-04-19 09:06:01 +09:00
Kota Kanbe
649f4a6991 fix(report): kernel vulns detection BUG in Ubuntu (#958) 
* fix(report): kernel vulns detection in Ubuntu

* fix(ubuntu): remove linux-* to detect only running kernel vulns
 2020-04-19 09:04:08 +09:00
Kota Kanbe
0ff7641471 feat(report): display "fixed" when updatable even in fast mode (#957) 2020-04-13 18:20:32 +09:00
Kota Kanbe
1679bfae20 Update FUNDING.yml 2020-04-10 21:25:10 +09:00
Kota Kanbe
45aa364436 Update FUNDING.yml 2020-04-10 21:24:24 +09:00
Kota Kanbe
778516c4d9 Create FUNDING.yml 2020-04-10 21:21:30 +09:00
Kota Kanbe
464d523c42 Display fixed-in version for each package in report (#801) 
* refactor(model): PackageFixStatus.Name to BinName

* refacotr(oval): change var name

* feat(report): Add FixedIn in JSON

* refactor(tui): chage args

* display fixedin in report

* refactor(model): change fileld name

* remove unused field of PackageFixStatus
 2020-04-08 21:26:34 +09:00
Kota Kanbe
0f6a1987d4 fix(configtest): yum-utils instead of dnf-utils on RHEL8, Cent8 (#948) 2020-04-06 19:40:05 +09:00
Shigechika AIKAWA
20c6247ce5 fix CentOS8 configtest always failed (#947) 2020-04-06 15:47:08 +09:00
gy741
a10dd67e0f Fix typo in models/scanresults.go (#942) 2020-04-06 15:00:43 +09:00
segatomo
5729ad6026 Add CWE Top25 and SANS Top25 (#925) 
* add top25 rank

* add CweTop25 and SansTop25

* fix report

* add cwetop25 and sanstop25 url

* fix condition branch

* fix condition branch
 2020-03-03 17:33:06 +09:00
Tomoya Amachi
9aa0d87a21 feat : scan with image digest (#939) 2020-03-03 16:51:06 +09:00
ishiDACo
fe3f1b9924 Update OWASP Dependency Check parser for dependency-check.2.2.xsd schema (#936) 2020-02-27 10:08:26 +09:00
Kota Kanbe
00e52a88fa Update README.md 2020-02-01 09:27:17 +09:00
Kota Kanbe
5811dffe7a fix(report): Support CVSS 3.1 for Red Hat OVAL #930 (#932) 2020-01-30 22:48:04 +09:00
sadayuki-matsuno
7278982af4 update fanal (#931) 2020-01-30 20:40:49 +09:00
nyao
c17b4154ec fix(config): fix double checking ResultsDir Path (#927) 2019-12-12 09:29:12 +09:00
Kota Kanbe
d6e74cce08 bump up version (#923) 2019-11-26 09:54:30 +09:00
Kota Kanbe
3f80749241 Merge branch 'master' of github.com:future-architect/vuls 2019-11-26 09:44:10 +09:00
Kota Kanbe
7f72b6ac69 Warn no ip (#922) 
* fix(scan): ignore wp-cli stderr messages (#825) (#915)

* fix(scan): warn if unable to get ip address on the scan tareget server

* fix test case
 2019-11-26 09:40:38 +09:00
Kota Kanbe
03e7b90b9f Merge branch 'master' of github.com:future-architect/vuls 2019-11-26 08:53:03 +09:00
Kota Kanbe
7936b3533b Fill Red Hat CVE data for all distros (#920) 
* fix(scan): ignore wp-cli stderr messages (#825) (#915)

* refactor

* feat(report): fill Red Hat CVE data for all distros

* fix lint err

* fix cve judgment (#921)
 2019-11-25 17:01:18 +09:00
Shigechika AIKAWA
bd7e61d7cc fix(scan): ignore wp-cli stderr messages (#825) (#915) 2019-11-22 20:58:24 +09:00
Shigechika AIKAWA
69214e0c22 fix(scan): ignore wp-cli stderr messages (#825) (#915) 2019-11-01 10:01:50 +09:00
Wagde Zabit
45bff26558 Consider grep return value 1 as success (#907) 
* Allow Offline scanning on Alpine

* Consider grep return value 1 as success
 2019-09-18 23:26:37 +09:00
Kota Kanbe
b2e429ccc6 fix(log): add .log extension to vuls logfile (#910) 2019-09-18 23:21:06 +09:00
Kota Kanbe
76363c227b fix(report): enable to report when the sshkey not exist (#909) 2019-09-18 22:40:36 +09:00
Kota Kanbe
d5a3e5c2c5 fix(report): fix cert key in result json ja to jp (#908) 2019-09-18 19:30:32 +09:00
Kota Kanbe
2b02807ef0 fix(report): ignore exploits of no-cve-id vulns (#906) 2019-09-13 12:49:57 +09:00
Kota Kanbe
be659ae094 fix(docker): add git to image (#905) 2019-09-13 01:10:27 +09:00
Kota Kanbe
b2c105adbc fix(tui): enable to exec tui mode without cve.sqlite3 (#904) 2019-09-12 18:35:21 +09:00
Kota Kanbe
c61f462948 fix(report): show POC, CERT in tui and format-list. use vendor summary over NVD (#902) 
* fix(report): show POC, CERT in tui and format-list. show vendor summary

* fix test case
 2019-09-10 10:00:17 +09:00
Kota Kanbe
3ffed18e02 Change GPL v3 to AGPL v3 because of aquasecurity/trivy dependency (#897) 2019-09-09 21:12:17 +09:00
Kota Kanbe
f54e7257d1 fix(report): fill cert alerts from NVD and JVN feeds (#899) 
* fix(report): fill cert alerts from NVD and JVN feeds

* fix import alias cve to cvemodels

* fix import alias cve to cvemodels

* remove unnecessary func
 2019-09-09 21:11:59 +09:00
Kota Kanbe
cc13b6a27c fix(report): enable to report without NVD, exit if no OVAL data (#900) 
* feat(report): enable to report without NVD

* fix(report): enable to report without NVD and exit if no OVAL data

* update deps

* go mod tidy

* fix err msg
 2019-09-09 21:00:34 +09:00
Kota Kanbe
8877db1979 udpate deps, go 1.13 (#901) 2019-09-09 20:26:26 +09:00
Tomoya Amachi
af58122c91 for Amazon Linux image (#896) 
* fit amazon linux image's version to OVAL

* add Arch to SrcPackage

* lint go.mod

* make fmt
 2019-09-06 10:34:14 +09:00
Kota Kanbe
b7ca5e5590 feat(scan): add -wordpress-only and -libs-only flag (#898) 2019-09-06 10:33:03 +09:00
Tomoya Amachi
69b6d875e6 scanVuln => GetScanResults and writeScanResults (#891) 2019-09-04 13:28:34 +09:00
Kota Kanbe
1fbd516b83 fix(report): fix too many variables while reporting (#888) 2019-08-25 17:56:47 +09:00
DjinnS
dec5d3b165 No warning(s) in the output file with -quiet option. Report command (#885) 2019-08-25 10:56:42 +09:00
DjinnS
d5e2040cef awk is useless because ps already formats the output. Also, this syntaxe isn't correct when the command is excuted on a container because of the ' . (#883) 2019-08-25 10:13:58 +09:00
wagdez
4326befdec Allow Offline scanning on Alpine (#877) 2019-07-30 17:47:01 +09:00
Kota Kanbe
3d4a5d9917 fix(report): Unsupport family: centos (#876) 
* fix(report): Unsupport family: centos

* go mod tidy
 2019-07-25 12:47:41 +09:00
Shigechika AIKAWA
d770034788 fix centos yum makecache --assumeyes (#872) 2019-07-17 11:10:20 +09:00
Masahiro Fujimura
a977533c78 Fix performance and bug (#867) 
* Fix performance

* Update goval-dictionary

* Go mod tidy
 2019-07-15 21:20:01 +09:00
Kota Kanbe
c5e13dd5e4 fix(configtest): remove yum-plugin-ps check on Amazon Linux (#870) 2019-07-12 07:25:47 +09:00
Kota Kanbe
a8040fe4d2 fix(wordpress): add --allow-root to wp cmd for docker based wp (#865) 2019-07-07 19:15:17 +09:00
Tomoya Amachi
9e066008c3 fix go module problems & update trivy version (#864) 
* update trivy version

* use goval-dictionary@v0.1.4
 2019-07-07 17:04:52 +09:00
Kota Kanbe
22c6601526 make fmt 2019-07-06 23:25:46 +09:00
Kota Kanbe
425464fd76 fix(scan): allow exit 1 for no match lsof | grep (#863) 2019-07-06 23:15:34 +09:00
Kota Kanbe
ccb0751ffd fix(scan): show listening ip:port of procs (#862) 2019-07-06 14:10:08 +09:00
Kota Kanbe
f832de81b7 feat(saas): log.info done after uploading 2019-07-05 17:30:31 +09:00
Tomoya Amachi
8a37de0686 Add ips flag to scan (#861) 
* add scan -ips flag

* fix usage
 2019-07-04 18:42:12 +09:00
Kota Kanbe
836e4704f8 feat(scan): Display listen port of affected procs for each vulnerable pkgs (#859) 
* refactor(redhat): move rpmQa and rpmQf to redhatbase.go

* feat(scan): Display listen port of affected procs
 2019-07-03 23:01:59 +09:00
Kota Kanbe
3e5390309c feat(redhat): ignore will not fix vulns (#858) 2019-07-03 20:59:23 +09:00
Kota Kanbe
f8c0b38716 feat(fast-root): get running procs for each pkgs (all RHEL, CentOS, AmazonLinux, Ubuntu, Debian) (#855) 
* fix(scan): exec yum-plugin-ps on RHEL6 and 7

* feat(yumps): get affected procs on RHEL6 and RHEL8

* feat(scan): get affected processes for each packages

* tuning

* feat(scan): get running procs for each pkgs on Debian, Ubuntu
 2019-07-02 14:55:46 +09:00
Masahiro Fujimura
65e6070e5f Fix race condition in server mode (#857) 2019-07-02 10:11:36 +09:00
Tomoya Amachi
7b78ebbc42 retrieve ips(deep security) identifiers (#852) 
* retrieve ips identifiers

* fix golangci

* use IPS type

* fix log message

* fix lockfiles config

* change label

* IPS : only work with fast-root mode
 2019-07-02 10:06:30 +09:00
118 changed files with 2491 additions and 7295 deletions
Expand all files Collapse all files

3
.github/FUNDING.yml vendored Normal file
View File

@@ -0,0 +1,3 @@
# These are supported funding model platforms
github: kotakanbe

2
.travis.yml
View File

@@ -1,7 +1,7 @@
language: go
go:
- "1.12.x"
- "1.13.x"
after_success:
- test -n "$TRAVIS_TAG" && curl -sL https://git.io/goreleaser | bash

1
Dockerfile
View File

@@ -21,6 +21,7 @@ ENV WORKDIR /vuls
RUN apk add --no-cache \
openssh-client \
ca-certificates \
git \
&& mkdir -p $WORKDIR $LOGDIR
COPY --from=builder /go/bin/vuls /usr/local/bin/

5
GNUmakefile
View File

@@ -25,10 +25,10 @@ GO_OFF := GO111MODULE=off go
all: build
build: main.go pretest
build: main.go pretest fmt
$(GO) build -a -ldflags "$(LDFLAGS)" -o vuls $<
b: main.go pretest
b: main.go pretest fmt
$(GO) build -ldflags "$(LDFLAGS)" -o vuls $<
install: main.go pretest
@@ -65,5 +65,4 @@ cov:
clean:
echo $(PKGS) | xargs go clean || exit;
echo $(PKGS) | xargs go clean || exit;

153
LICENSE
View File

@@ -1,23 +1,21 @@
GNU GENERAL PUBLIC LICENSE
Version 3, 29 June 2007
GNU AFFERO GENERAL PUBLIC LICENSE
Version 3, 19 November 2007
Copyright (C) 2007 Free Software Foundation, Inc. <http://fsf.org/>
Copyright (C) 2007 Free Software Foundation, Inc. <https://fsf.org/>
Everyone is permitted to copy and distribute verbatim copies
of this license document, but changing it is not allowed.
Preamble
The GNU General Public License is a free, copyleft license for
software and other kinds of works.
The GNU Affero General Public License is a free, copyleft license for
software and other kinds of works, specifically designed to ensure
cooperation with the community in the case of network server software.
The licenses for most software and other practical works are designed
to take away your freedom to share and change the works. By contrast,
the GNU General Public License is intended to guarantee your freedom to
our General Public Licenses are intended to guarantee your freedom to
share and change all versions of a program--to make sure it remains free
software for all its users. We, the Free Software Foundation, use the
GNU General Public License for most of our software; it applies also to
any other work released this way by its authors. You can apply it to
your programs, too.
software for all its users.
When we speak of free software, we are referring to freedom, not
price. Our General Public Licenses are designed to make sure that you
@@ -26,44 +24,34 @@ them if you wish), that you receive source code or can get it if you
want it, that you can change the software or use pieces of it in new
free programs, and that you know you can do these things.
To protect your rights, we need to prevent others from denying you
these rights or asking you to surrender the rights. Therefore, you have
certain responsibilities if you distribute copies of the software, or if
you modify it: responsibilities to respect the freedom of others.
Developers that use our General Public Licenses protect your rights
with two steps: (1) assert copyright on the software, and (2) offer
you this License which gives you legal permission to copy, distribute
and/or modify the software.
For example, if you distribute copies of such a program, whether
gratis or for a fee, you must pass on to the recipients the same
freedoms that you received. You must make sure that they, too, receive
or can get the source code. And you must show them these terms so they
know their rights.
A secondary benefit of defending all users' freedom is that
improvements made in alternate versions of the program, if they
receive widespread use, become available for other developers to
incorporate. Many developers of free software are heartened and
encouraged by the resulting cooperation. However, in the case of
software used on network servers, this result may fail to come about.
The GNU General Public License permits making a modified version and
letting the public access it on a server without ever releasing its
source code to the public.
Developers that use the GNU GPL protect your rights with two steps:
(1) assert copyright on the software, and (2) offer you this License
giving you legal permission to copy, distribute and/or modify it.
The GNU Affero General Public License is designed specifically to
ensure that, in such cases, the modified source code becomes available
to the community. It requires the operator of a network server to
provide the source code of the modified version running there to the
users of that server. Therefore, public use of a modified version, on
a publicly accessible server, gives the public access to the source
code of the modified version.
For the developers' and authors' protection, the GPL clearly explains
that there is no warranty for this free software. For both users' and
authors' sake, the GPL requires that modified versions be marked as
changed, so that their problems will not be attributed erroneously to
authors of previous versions.
Some devices are designed to deny users access to install or run
modified versions of the software inside them, although the manufacturer
can do so. This is fundamentally incompatible with the aim of
protecting users' freedom to change the software. The systematic
pattern of such abuse occurs in the area of products for individuals to
use, which is precisely where it is most unacceptable. Therefore, we
have designed this version of the GPL to prohibit the practice for those
products. If such problems arise substantially in other domains, we
stand ready to extend this provision to those domains in future versions
of the GPL, as needed to protect the freedom of users.
Finally, every program is threatened constantly by software patents.
States should not allow patents to restrict development and use of
software on general-purpose computers, but in those that do, we wish to
avoid the special danger that patents applied to a free program could
make it effectively proprietary. To prevent this, the GPL assures that
patents cannot be used to render the program non-free.
An older license, called the Affero General Public License and
published by Affero, was designed to accomplish similar goals. This is
a different license, not a version of the Affero GPL, but Affero has
released a new version of the Affero GPL which permits relicensing under
this license.
The precise terms and conditions for copying, distribution and
modification follow.
@@ -72,7 +60,7 @@ modification follow.
0. Definitions.
"This License" refers to version 3 of the GNU General Public License.
"This License" refers to version 3 of the GNU Affero General Public License.
"Copyright" also means copyright-like laws that apply to other kinds of
works, such as semiconductor masks.
@@ -549,35 +537,45 @@ to collect a royalty for further conveying from those to whom you convey
the Program, the only way you could satisfy both those terms and this
License would be to refrain entirely from conveying the Program.
13. Use with the GNU Affero General Public License.
13. Remote Network Interaction; Use with the GNU General Public License.
Notwithstanding any other provision of this License, if you modify the
Program, your modified version must prominently offer all users
interacting with it remotely through a computer network (if your version
supports such interaction) an opportunity to receive the Corresponding
Source of your version by providing access to the Corresponding Source
from a network server at no charge, through some standard or customary
means of facilitating copying of software. This Corresponding Source
shall include the Corresponding Source for any work covered by version 3
of the GNU General Public License that is incorporated pursuant to the
following paragraph.
Notwithstanding any other provision of this License, you have
permission to link or combine any covered work with a work licensed
under version 3 of the GNU Affero General Public License into a single
under version 3 of the GNU General Public License into a single
combined work, and to convey the resulting work. The terms of this
License will continue to apply to the part which is the covered work,
but the special requirements of the GNU Affero General Public License,
section 13, concerning interaction through a network will apply to the
combination as such.
but the work with which it is combined will remain governed by version
3 of the GNU General Public License.
14. Revised Versions of this License.
The Free Software Foundation may publish revised and/or new versions of
the GNU General Public License from time to time. Such new versions will
be similar in spirit to the present version, but may differ in detail to
the GNU Affero General Public License from time to time. Such new versions
will be similar in spirit to the present version, but may differ in detail to
address new problems or concerns.
Each version is given a distinguishing version number. If the
Program specifies that a certain numbered version of the GNU General
Program specifies that a certain numbered version of the GNU Affero General
Public License "or any later version" applies to it, you have the
option of following the terms and conditions either of that numbered
version or of any later version published by the Free Software
Foundation. If the Program does not specify a version number of the
GNU General Public License, you may choose any version ever published
GNU Affero General Public License, you may choose any version ever published
by the Free Software Foundation.
If the Program specifies that a proxy can decide which future
versions of the GNU General Public License can be used, that proxy's
versions of the GNU Affero General Public License can be used, that proxy's
public statement of acceptance of a version permanently authorizes you
to choose that version for the Program.
@@ -631,44 +629,33 @@ to attach them to the start of each source file to most effectively
state the exclusion of warranty; and each file should have at least
the "copyright" line and a pointer to where the full notice is found.
Vuls - Vulnerability Scanner
Copyright (C) 2016 Future Corporation , Japan.
<one line to give the program's name and a brief idea of what it does.>
Copyright (C) <year> <name of author>
This program is free software: you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation, either version 3 of the License, or
it under the terms of the GNU Affero General Public License as published
by the Free Software Foundation, either version 3 of the License, or
(at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
GNU Affero General Public License for more details.
You should have received a copy of the GNU General Public License
along with this program. If not, see <http://www.gnu.org/licenses/>.
You should have received a copy of the GNU Affero General Public License
along with this program. If not, see <https://www.gnu.org/licenses/>.
Also add information on how to contact you by electronic and paper mail.
If the program does terminal interaction, make it output a short
notice like this when it starts in an interactive mode:
Vuls Copyright (C) 2016 Future Corporation , Japan.
This program comes with ABSOLUTELY NO WARRANTY; for details type `show w'.
This is free software, and you are welcome to redistribute it
under certain conditions; type `show c' for details.
The hypothetical commands `show w' and `show c' should show the appropriate
parts of the General Public License. Of course, your program's commands
might be different; for a GUI interface, you would use an "about box".
If your software can interact with users remotely through a computer
network, you should also make sure that it provides a way for users to
get its source. For example, if your program is a web application, its
interface could display a "Source" link that leads users to an archive
of the code. There are many ways you could offer source, and different
solutions will be better for different programs; see section 13 for the
specific requirements.
You should also get your employer (if you work as a programmer) or school,
if any, to sign a "copyright disclaimer" for the program, if necessary.
For more information on this, and how to apply and follow the GNU GPL, see
<http://www.gnu.org/licenses/>.
The GNU General Public License does not permit incorporating your program
into proprietary programs. If your program is a subroutine library, you
may consider it more useful to permit linking proprietary applications with
the library. If this is what you want to do, use the GNU Lesser General
Public License instead of this License. But first, please read
<http://www.gnu.org/philosophy/why-not-lgpl.html>.
For more information on this, and how to apply and follow the GNU AGPL, see
<https://www.gnu.org/licenses/>.

2
README.md
View File

@@ -170,7 +170,7 @@ Vuls has some options to detect the vulnerabilities
- Auto-generation of configuration file template
- Auto-detection of servers set using CIDR, generate configuration file template
- Email and Slack notification is possible (supports Japanese language)
- Scan result is viewable on accessory software, TUI Viewer in a terminal or Web UI ([VulsRepo](https://github.com/future-architect/vulsrepo)).
- Scan result is viewable on accessory software, TUI Viewer in a terminal or Web UI ([VulsRepo](https://github.com/ishiDACo/vulsrepo)).
----

2897
alert/alert_jp.go
View File

File diff suppressed because it is too large Load Diff

920
alert/alert_us.go
View File

@@ -1,920 +0,0 @@
package alert
// AlertDictEn has USCERT alerts
var AlertDictEn = map[string]Alert{
"https://www.us-cert.gov/ncas/alerts/TA08-352A": {
URL: "https://www.us-cert.gov/ncas/alerts/TA08-352A",
Title: `Microsoft Internet Explorer Data Binding Vulnerability`,
Team: "us",
},
"https://www.us-cert.gov/ncas/alerts/TA08-350A": {
URL: "https://www.us-cert.gov/ncas/alerts/TA08-350A",
Title: `Apple Updates for Multiple Vulnerabilities`,
Team: "us",
},
"https://www.us-cert.gov/ncas/alerts/TA08-344A": {
URL: "https://www.us-cert.gov/ncas/alerts/TA08-344A",
Title: `Microsoft Updates for Multiple Vulnerabilities`,
Team: "us",
},
"https://www.us-cert.gov/ncas/alerts/TA08-340A": {
URL: "https://www.us-cert.gov/ncas/alerts/TA08-340A",
Title: `Sun Java Updates for Multiple Vulnerabilities`,
Team: "us",
},
"https://www.us-cert.gov/ncas/alerts/TA08-319A": {
URL: "https://www.us-cert.gov/ncas/alerts/TA08-319A",
Title: `Mozilla Updates for Multiple Vulnerabilities`,
Team: "us",
},
"https://www.us-cert.gov/ncas/alerts/TA09-132A": {
URL: "https://www.us-cert.gov/ncas/alerts/TA09-132A",
Title: `Microsoft PowerPoint Multiple Vulnerabilities`,
Team: "us",
},
"https://www.us-cert.gov/ncas/alerts/TA09-041A": {
URL: "https://www.us-cert.gov/ncas/alerts/TA09-041A",
Title: `Microsoft Updates for Multiple Vulnerabilities`,
Team: "us",
},
"https://www.us-cert.gov/ncas/alerts/TA09-343A": {
URL: "https://www.us-cert.gov/ncas/alerts/TA09-343A",
Title: `Adobe Flash Vulnerabilities Affect Flash Player and Adobe AIR`,
Team: "us",
},
"https://www.us-cert.gov/ncas/alerts/TA09-218A": {
URL: "https://www.us-cert.gov/ncas/alerts/TA09-218A",
Title: `Apple Updates for Multiple Vulnerabilities`,
Team: "us",
},
"https://www.us-cert.gov/ncas/alerts/TA09-195A": {
URL: "https://www.us-cert.gov/ncas/alerts/TA09-195A",
Title: `Microsoft Updates for Multiple Vulnerabilities`,
Team: "us",
},
"https://www.us-cert.gov/ncas/alerts/TA09-342A": {
URL: "https://www.us-cert.gov/ncas/alerts/TA09-342A",
Title: `Microsoft Updates for Multiple Vulnerabilities`,
Team: "us",
},
"https://www.us-cert.gov/ncas/alerts/TA09-286B": {
URL: "https://www.us-cert.gov/ncas/alerts/TA09-286B",
Title: `Adobe Reader and Acrobat Vulnerabilities`,
Team: "us",
},
"https://www.us-cert.gov/ncas/alerts/TA09-160B": {
URL: "https://www.us-cert.gov/ncas/alerts/TA09-160B",
Title: `Microsoft Updates for Multiple Vulnerabilities`,
Team: "us",
},
"https://www.us-cert.gov/ncas/alerts/TA09-069A": {
URL: "https://www.us-cert.gov/ncas/alerts/TA09-069A",
Title: `Microsoft Updates for Multiple Vulnerabilities`,
Team: "us",
},
"https://www.us-cert.gov/ncas/alerts/TA09-223A": {
URL: "https://www.us-cert.gov/ncas/alerts/TA09-223A",
Title: `Microsoft Updates for Multiple Vulnerabilities`,
Team: "us",
},
"https://www.us-cert.gov/ncas/alerts/TA09-013A": {
URL: "https://www.us-cert.gov/ncas/alerts/TA09-013A",
Title: `Microsoft Updates for Multiple SMB Protocol Vulnerabilities`,
Team: "us",
},
"https://www.us-cert.gov/ncas/alerts/TA09-294A": {
URL: "https://www.us-cert.gov/ncas/alerts/TA09-294A",
Title: `Oracle Updates for Multiple Vulnerabilities`,
Team: "us",
},
"https://www.us-cert.gov/ncas/alerts/TA09-020A": {
URL: "https://www.us-cert.gov/ncas/alerts/TA09-020A",
Title: `Microsoft Windows Does Not Disable AutoRun Properly`,
Team: "us",
},
"https://www.us-cert.gov/ncas/alerts/TA09-133A": {
URL: "https://www.us-cert.gov/ncas/alerts/TA09-133A",
Title: `Apple Updates for Multiple Vulnerabilities`,
Team: "us",
},
"https://www.us-cert.gov/ncas/alerts/TA09-022A": {
URL: "https://www.us-cert.gov/ncas/alerts/TA09-022A",
Title: `Apple QuickTime Updates for Multiple Vulnerabilities`,
Team: "us",
},
"https://www.us-cert.gov/ncas/alerts/TA09-051A": {
URL: "https://www.us-cert.gov/ncas/alerts/TA09-051A",
Title: `Adobe Acrobat and Reader Vulnerability`,
Team: "us",
},
"https://www.us-cert.gov/ncas/alerts/TA09-015A": {
URL: "https://www.us-cert.gov/ncas/alerts/TA09-015A",
Title: `Oracle Updates for Multiple Vulnerabilities`,
Team: "us",
},
"https://www.us-cert.gov/ncas/alerts/TA09-251A": {
URL: "https://www.us-cert.gov/ncas/alerts/TA09-251A",
Title: `Microsoft Updates for Multiple Vulnerabilities`,
Team: "us",
},
"https://www.us-cert.gov/ncas/alerts/TA09-209A": {
URL: "https://www.us-cert.gov/ncas/alerts/TA09-209A",
Title: `Microsoft Windows, Internet Explorer, and Active Template Library (ATL) Vulnerabilities`,
Team: "us",
},
"https://www.us-cert.gov/ncas/alerts/TA09-204A": {
URL: "https://www.us-cert.gov/ncas/alerts/TA09-204A",
Title: `Adobe Flash Vulnerability Affects Flash Player and Other Adobe Products`,
Team: "us",
},
"https://www.us-cert.gov/ncas/alerts/TA09-161A": {
URL: "https://www.us-cert.gov/ncas/alerts/TA09-161A",
Title: `Adobe Acrobat and Reader Vulnerabilities`,
Team: "us",
},
"https://www.us-cert.gov/ncas/alerts/TA09-133B": {
URL: "https://www.us-cert.gov/ncas/alerts/TA09-133B",
Title: `Adobe Reader and Acrobat JavaScript Vulnerabilities`,
Team: "us",
},
"https://www.us-cert.gov/ncas/alerts/TA09-088A": {
URL: "https://www.us-cert.gov/ncas/alerts/TA09-088A",
Title: `Conficker Worm Targets Microsoft Windows Systems`,
Team: "us",
},
"https://www.us-cert.gov/ncas/alerts/TA09-314A": {
URL: "https://www.us-cert.gov/ncas/alerts/TA09-314A",
Title: `Microsoft Updates for Multiple Vulnerabilities`,
Team: "us",
},
"https://www.us-cert.gov/ncas/alerts/TA09-105A": {
URL: "https://www.us-cert.gov/ncas/alerts/TA09-105A",
Title: `Oracle Updates for Multiple Vulnerabilities`,
Team: "us",
},
"https://www.us-cert.gov/ncas/alerts/TA09-104A": {
URL: "https://www.us-cert.gov/ncas/alerts/TA09-104A",
Title: `Microsoft Updates for Multiple Vulnerabilities`,
Team: "us",
},
"https://www.us-cert.gov/ncas/alerts/TA09-286A": {
URL: "https://www.us-cert.gov/ncas/alerts/TA09-286A",
Title: `Microsoft Updates for Multiple Vulnerabilities`,
Team: "us",
},
"https://www.us-cert.gov/ncas/alerts/TA09-187A": {
URL: "https://www.us-cert.gov/ncas/alerts/TA09-187A",
Title: `Microsoft Video ActiveX Control Vulnerability`,
Team: "us",
},
"https://www.us-cert.gov/ncas/alerts/TA10-238A": {
URL: "https://www.us-cert.gov/ncas/alerts/TA10-238A",
Title: `Microsoft Windows Insecurely Loads Dynamic Libraries`,
Team: "us",
},
"https://www.us-cert.gov/ncas/alerts/TA10-159B": {
URL: "https://www.us-cert.gov/ncas/alerts/TA10-159B",
Title: `Microsoft Updates for Multiple Vulnerabilities`,
Team: "us",
},
"https://www.us-cert.gov/ncas/alerts/TA10-103B": {
URL: "https://www.us-cert.gov/ncas/alerts/TA10-103B",
Title: `Oracle Updates for Multiple Vulnerabilities`,
Team: "us",
},
"https://www.us-cert.gov/ncas/alerts/TA10-021A": {
URL: "https://www.us-cert.gov/ncas/alerts/TA10-021A",
Title: `Microsoft Internet Explorer Vulnerabilities`,
Team: "us",
},
"https://www.us-cert.gov/ncas/alerts/TA10-012A": {
URL: "https://www.us-cert.gov/ncas/alerts/TA10-012A",
Title: `Oracle Updates for Multiple Vulnerabilities`,
Team: "us",
},
"https://www.us-cert.gov/ncas/alerts/TA10-313A": {
URL: "https://www.us-cert.gov/ncas/alerts/TA10-313A",
Title: `Microsoft Updates for Multiple Vulnerabilities`,
Team: "us",
},
"https://www.us-cert.gov/ncas/alerts/TA10-285A": {
URL: "https://www.us-cert.gov/ncas/alerts/TA10-285A",
Title: `Microsoft Updates for Multiple Vulnerabilities`,
Team: "us",
},
"https://www.us-cert.gov/ncas/alerts/TA10-263A": {
URL: "https://www.us-cert.gov/ncas/alerts/TA10-263A",
Title: `Adobe Flash Vulnerabilities`,
Team: "us",
},
"https://www.us-cert.gov/ncas/alerts/TA10-103C": {
URL: "https://www.us-cert.gov/ncas/alerts/TA10-103C",
Title: `Adobe Reader and Acrobat Vulnerabilities`,
Team: "us",
},
"https://www.us-cert.gov/ncas/alerts/TA10-040A": {
URL: "https://www.us-cert.gov/ncas/alerts/TA10-040A",
Title: `Microsoft Updates for Multiple Vulnerabilities`,
Team: "us",
},
"https://www.us-cert.gov/ncas/alerts/TA10-194B": {
URL: "https://www.us-cert.gov/ncas/alerts/TA10-194B",
Title: `Oracle Updates for Multiple Vulnerabilities`,
Team: "us",
},
"https://www.us-cert.gov/ncas/alerts/TA10-194A": {
URL: "https://www.us-cert.gov/ncas/alerts/TA10-194A",
Title: `Microsoft Updates for Multiple Vulnerabilities`,
Team: "us",
},
"https://www.us-cert.gov/ncas/alerts/TA10-131A": {
URL: "https://www.us-cert.gov/ncas/alerts/TA10-131A",
Title: `Microsoft Updates for Multiple Vulnerabilities`,
Team: "us",
},
"https://www.us-cert.gov/ncas/alerts/TA10-068A": {
URL: "https://www.us-cert.gov/ncas/alerts/TA10-068A",
Title: `Microsoft Updates for Multiple Vulnerabilities`,
Team: "us",
},
"https://www.us-cert.gov/ncas/alerts/TA10-348A": {
URL: "https://www.us-cert.gov/ncas/alerts/TA10-348A",
Title: `Microsoft Updates for Multiple Vulnerabilities`,
Team: "us",
},
"https://www.us-cert.gov/ncas/alerts/TA10-257A": {
URL: "https://www.us-cert.gov/ncas/alerts/TA10-257A",
Title: `Microsoft Updates for Multiple Vulnerabilities`,
Team: "us",
},
"https://www.us-cert.gov/ncas/alerts/TA10-231A": {
URL: "https://www.us-cert.gov/ncas/alerts/TA10-231A",
Title: `Adobe Reader and Acrobat Vulnerabilities`,
Team: "us",
},
"https://www.us-cert.gov/ncas/alerts/TA10-222A": {
URL: "https://www.us-cert.gov/ncas/alerts/TA10-222A",
Title: `Microsoft Updates for Multiple Vulnerabilities`,
Team: "us",
},
"https://www.us-cert.gov/ncas/alerts/TA10-162A": {
URL: "https://www.us-cert.gov/ncas/alerts/TA10-162A",
Title: `Adobe Flash and AIR Vulnerabilities`,
Team: "us",
},
"https://www.us-cert.gov/ncas/alerts/TA10-159A": {
URL: "https://www.us-cert.gov/ncas/alerts/TA10-159A",
Title: `Adobe Flash, Reader, and Acrobat Vulnerability`,
Team: "us",
},
"https://www.us-cert.gov/ncas/alerts/TA10-089A": {
URL: "https://www.us-cert.gov/ncas/alerts/TA10-089A",
Title: `Microsoft Internet Explorer Vulnerabilities`,
Team: "us",
},
"https://www.us-cert.gov/ncas/alerts/TA10-013A": {
URL: "https://www.us-cert.gov/ncas/alerts/TA10-013A",
Title: `Adobe Reader and Acrobat Vulnerabilities`,
Team: "us",
},
"https://www.us-cert.gov/ncas/alerts/TA10-287A": {
URL: "https://www.us-cert.gov/ncas/alerts/TA10-287A",
Title: `Oracle Updates for Multiple Vulnerabilities`,
Team: "us",
},
"https://www.us-cert.gov/ncas/alerts/TA10-279A": {
URL: "https://www.us-cert.gov/ncas/alerts/TA10-279A",
Title: `Adobe Reader and Acrobat Affected by Multiple Vulnerabilities`,
Team: "us",
},
"https://www.us-cert.gov/ncas/alerts/TA10-223A": {
URL: "https://www.us-cert.gov/ncas/alerts/TA10-223A",
Title: `Adobe Flash and AIR Vulnerabilities`,
Team: "us",
},
"https://www.us-cert.gov/ncas/alerts/TA10-012B": {
URL: "https://www.us-cert.gov/ncas/alerts/TA10-012B",
Title: `Microsoft Windows EOT Font and Adobe Flash Player 6 Vulnerabilities`,
Team: "us",
},
"https://www.us-cert.gov/ncas/alerts/TA11-165A": {
URL: "https://www.us-cert.gov/ncas/alerts/TA11-165A",
Title: `Microsoft Updates for Multiple Vulnerabilities`,
Team: "us",
},
"https://www.us-cert.gov/ncas/alerts/TA11-067A": {
URL: "https://www.us-cert.gov/ncas/alerts/TA11-067A",
Title: `Microsoft Updates for Multiple Vulnerabilities`,
Team: "us",
},
"https://www.us-cert.gov/ncas/alerts/TA11-039A": {
URL: "https://www.us-cert.gov/ncas/alerts/TA11-039A",
Title: `Microsoft Updates for Multiple Vulnerabilities`,
Team: "us",
},
"https://www.us-cert.gov/ncas/alerts/TA11-222A": {
URL: "https://www.us-cert.gov/ncas/alerts/TA11-222A",
Title: `Adobe Updates for Multiple Vulnerabilities`,
Team: "us",
},
"https://www.us-cert.gov/ncas/alerts/TA11-193A": {
URL: "https://www.us-cert.gov/ncas/alerts/TA11-193A",
Title: `Microsoft Updates for Multiple Vulnerabilities`,
Team: "us",
},
"https://www.us-cert.gov/ncas/alerts/TA11-201A": {
URL: "https://www.us-cert.gov/ncas/alerts/TA11-201A",
Title: `Oracle Updates for Multiple Vulnerabilities`,
Team: "us",
},
"https://www.us-cert.gov/ncas/alerts/TA11-166A": {
URL: "https://www.us-cert.gov/ncas/alerts/TA11-166A",
Title: `Adobe Updates for Multiple Vulnerabilities`,
Team: "us",
},
"https://www.us-cert.gov/ncas/alerts/TA11-130A": {
URL: "https://www.us-cert.gov/ncas/alerts/TA11-130A",
Title: `Microsoft Updates for Multiple Vulnerabilities`,
Team: "us",
},
"https://www.us-cert.gov/ncas/alerts/TA11-312A": {
URL: "https://www.us-cert.gov/ncas/alerts/TA11-312A",
Title: `Microsoft Updates for Multiple Vulnerabilities`,
Team: "us",
},
"https://www.us-cert.gov/ncas/alerts/TA11-286A": {
URL: "https://www.us-cert.gov/ncas/alerts/TA11-286A",
Title: `Apple Updates for Multiple Vulnerabilities`,
Team: "us",
},
"https://www.us-cert.gov/ncas/alerts/TA11-350A": {
URL: "https://www.us-cert.gov/ncas/alerts/TA11-350A",
Title: `Adobe Updates for Multiple Vulnerabilities`,
Team: "us",
},
"https://www.us-cert.gov/ncas/alerts/TA11-221A": {
URL: "https://www.us-cert.gov/ncas/alerts/TA11-221A",
Title: `Microsoft Updates for Multiple Vulnerabilities`,
Team: "us",
},
"https://www.us-cert.gov/ncas/alerts/TA11-256A": {
URL: "https://www.us-cert.gov/ncas/alerts/TA11-256A",
Title: `Microsoft Updates for Multiple Vulnerabilities`,
Team: "us",
},
"https://www.us-cert.gov/ncas/alerts/TA11-200A": {
URL: "https://www.us-cert.gov/ncas/alerts/TA11-200A",
Title: `Security Recommendations to Prevent Cyber Intrusions`,
Team: "us",
},
"https://www.us-cert.gov/ncas/alerts/TA11-102A": {
URL: "https://www.us-cert.gov/ncas/alerts/TA11-102A",
Title: `Microsoft Updates for Multiple Vulnerabilities`,
Team: "us",
},
"https://www.us-cert.gov/ncas/alerts/TA11-011A": {
URL: "https://www.us-cert.gov/ncas/alerts/TA11-011A",
Title: `Microsoft Updates for Multiple Vulnerabilities`,
Team: "us",
},
"https://www.us-cert.gov/ncas/alerts/TA11-347A": {
URL: "https://www.us-cert.gov/ncas/alerts/TA11-347A",
Title: `Microsoft Updates for Multiple Vulnerabilities`,
Team: "us",
},
"https://www.us-cert.gov/ncas/alerts/TA11-284A": {
URL: "https://www.us-cert.gov/ncas/alerts/TA11-284A",
Title: `Microsoft Updates for Multiple Vulnerabilities`,
Team: "us",
},
"https://www.us-cert.gov/ncas/alerts/TA12-262A": {
URL: "https://www.us-cert.gov/ncas/alerts/TA12-262A",
Title: `Microsoft Security Advisory for Internet Explorer Exploit`,
Team: "us",
},
"https://www.us-cert.gov/ncas/alerts/TA12-240A": {
URL: "https://www.us-cert.gov/ncas/alerts/TA12-240A",
Title: `Oracle Java 7 Security Manager Bypass Vulnerability`,
Team: "us",
},
"https://www.us-cert.gov/ncas/alerts/TA12-227A": {
URL: "https://www.us-cert.gov/ncas/alerts/TA12-227A",
Title: `Microsoft Updates for Multiple Vulnerabilities`,
Team: "us",
},
"https://www.us-cert.gov/ncas/alerts/TA12-129A": {
URL: "https://www.us-cert.gov/ncas/alerts/TA12-129A",
Title: `Microsoft Updates for Multiple Vulnerabilities`,
Team: "us",
},
"https://www.us-cert.gov/ncas/alerts/TA12-101B": {
URL: "https://www.us-cert.gov/ncas/alerts/TA12-101B",
Title: `Adobe Reader and Acrobat Security Updates and Architectural Improvements`,
Team: "us",
},
"https://www.us-cert.gov/ncas/alerts/TA12-010A": {
URL: "https://www.us-cert.gov/ncas/alerts/TA12-010A",
Title: `Microsoft Updates for Multiple Vulnerabilities`,
Team: "us",
},
"https://www.us-cert.gov/ncas/alerts/TA12-006A": {
URL: "https://www.us-cert.gov/ncas/alerts/TA12-006A",
Title: `Wi-Fi Protected Setup (WPS) Vulnerable to Brute-Force Attack`,
Team: "us",
},
"https://www.us-cert.gov/ncas/alerts/TA12-265A": {
URL: "https://www.us-cert.gov/ncas/alerts/TA12-265A",
Title: `Microsoft Releases Patch for Internet Explorer Exploit`,
Team: "us",
},
"https://www.us-cert.gov/ncas/alerts/TA12-255A": {
URL: "https://www.us-cert.gov/ncas/alerts/TA12-255A",
Title: `Microsoft Updates for Multiple Vulnerabilities`,
Team: "us",
},
"https://www.us-cert.gov/ncas/alerts/TA12-251A": {
URL: "https://www.us-cert.gov/ncas/alerts/TA12-251A",
Title: `Microsoft Update For Minimum Certificate Key Length`,
Team: "us",
},
"https://www.us-cert.gov/ncas/alerts/TA12-174A": {
URL: "https://www.us-cert.gov/ncas/alerts/TA12-174A",
Title: `Microsoft XML Core Services Attack Activity`,
Team: "us",
},
"https://www.us-cert.gov/ncas/alerts/TA12-164A": {
URL: "https://www.us-cert.gov/ncas/alerts/TA12-164A",
Title: `Microsoft Updates for Multiple Vulnerabilities`,
Team: "us",
},
"https://www.us-cert.gov/ncas/alerts/TA12-101A": {
URL: "https://www.us-cert.gov/ncas/alerts/TA12-101A",
Title: `Microsoft Updates for Multiple Vulnerabilities`,
Team: "us",
},
"https://www.us-cert.gov/ncas/alerts/TA12-318A": {
URL: "https://www.us-cert.gov/ncas/alerts/TA12-318A",
Title: `Microsoft Updates for Multiple Vulnerabilities`,
Team: "us",
},
"https://www.us-cert.gov/ncas/alerts/TA12-283A": {
URL: "https://www.us-cert.gov/ncas/alerts/TA12-283A",
Title: `Microsoft Updates for Multiple Vulnerabilities`,
Team: "us",
},
"https://www.us-cert.gov/ncas/alerts/TA12-346A": {
URL: "https://www.us-cert.gov/ncas/alerts/TA12-346A",
Title: `Microsoft Updates for Multiple Vulnerabilities`,
Team: "us",
},
"https://www.us-cert.gov/ncas/alerts/TA12-192A": {
URL: "https://www.us-cert.gov/ncas/alerts/TA12-192A",
Title: `Microsoft Updates for Multiple Vulnerabilities`,
Team: "us",
},
"https://www.us-cert.gov/ncas/alerts/TA12-073A": {
URL: "https://www.us-cert.gov/ncas/alerts/TA12-073A",
Title: `Microsoft Updates for Multiple Vulnerabilities`,
Team: "us",
},
"https://www.us-cert.gov/ncas/alerts/TA12-045A": {
URL: "https://www.us-cert.gov/ncas/alerts/TA12-045A",
Title: `Microsoft Updates for Multiple Vulnerabilities`,
Team: "us",
},
"https://www.us-cert.gov/ncas/alerts/TA12-024A": {
URL: "https://www.us-cert.gov/ncas/alerts/TA12-024A",
Title: `&quot;Anonymous&quot; DDoS Activity`,
Team: "us",
},
"https://www.us-cert.gov/ncas/alerts/TA13-134A": {
URL: "https://www.us-cert.gov/ncas/alerts/TA13-134A",
Title: `Microsoft Updates for Multiple Vulnerabilities`,
Team: "us",
},
"https://www.us-cert.gov/ncas/alerts/TA13-043B": {
URL: "https://www.us-cert.gov/ncas/alerts/TA13-043B",
Title: `Microsoft Updates for Multiple Vulnerabilities`,
Team: "us",
},
"https://www.us-cert.gov/ncas/alerts/TA13-008A": {
URL: "https://www.us-cert.gov/ncas/alerts/TA13-008A",
Title: `Microsoft Updates for Multiple Vulnerabilities`,
Team: "us",
},
"https://www.us-cert.gov/ncas/alerts/TA13-051A": {
URL: "https://www.us-cert.gov/ncas/alerts/TA13-051A",
Title: `Oracle Java Multiple Vulnerabilities`,
Team: "us",
},
"https://www.us-cert.gov/ncas/alerts/TA13-043A": {
URL: "https://www.us-cert.gov/ncas/alerts/TA13-043A",
Title: `Adobe Updates for Multiple Vulnerabilities`,
Team: "us",
},
"https://www.us-cert.gov/ncas/alerts/TA13-225A": {
URL: "https://www.us-cert.gov/ncas/alerts/TA13-225A",
Title: `Microsoft Updates for Multiple Vulnerabilities`,
Team: "us",
},
"https://www.us-cert.gov/ncas/alerts/TA13-207A": {
URL: "https://www.us-cert.gov/ncas/alerts/TA13-207A",
Title: `Risks of Using the Intelligent Platform Management Interface (IPMI)`,
Team: "us",
},
"https://www.us-cert.gov/ncas/alerts/TA13-141A": {
URL: "https://www.us-cert.gov/ncas/alerts/TA13-141A",
Title: `Washington, DC Radio Station Web Site Compromises`,
Team: "us",
},
"https://www.us-cert.gov/ncas/alerts/TA13-175A": {
URL: "https://www.us-cert.gov/ncas/alerts/TA13-175A",
Title: `Risks of Default Passwords on the Internet`,
Team: "us",
},
"https://www.us-cert.gov/ncas/alerts/TA13-169A": {
URL: "https://www.us-cert.gov/ncas/alerts/TA13-169A",
Title: `Oracle Releases Updates for Javadoc and Other Java SE Vulnerabilities`,
Team: "us",
},
"https://www.us-cert.gov/ncas/alerts/TA13-168A": {
URL: "https://www.us-cert.gov/ncas/alerts/TA13-168A",
Title: `Microsoft Updates for Multiple Vulnerabilities`,
Team: "us",
},
"https://www.us-cert.gov/ncas/alerts/TA13-100A": {
URL: "https://www.us-cert.gov/ncas/alerts/TA13-100A",
Title: `Microsoft Updates for Multiple Vulnerabilities`,
Team: "us",
},
"https://www.us-cert.gov/ncas/alerts/TA13-088A": {
URL: "https://www.us-cert.gov/ncas/alerts/TA13-088A",
Title: `DNS Amplification Attacks`,
Team: "us",
},
"https://www.us-cert.gov/ncas/alerts/TA13-317A": {
URL: "https://www.us-cert.gov/ncas/alerts/TA13-317A",
Title: `Microsoft Updates for Multiple Vulnerabilities`,
Team: "us",
},
"https://www.us-cert.gov/ncas/alerts/TA13-309A": {
URL: "https://www.us-cert.gov/ncas/alerts/TA13-309A",
Title: `CryptoLocker Ransomware Infections`,
Team: "us",
},
"https://www.us-cert.gov/ncas/alerts/TA13-288A": {
URL: "https://www.us-cert.gov/ncas/alerts/TA13-288A",
Title: `Microsoft Updates for Multiple Vulnerabilities`,
Team: "us",
},
"https://www.us-cert.gov/ncas/alerts/TA13-064A": {
URL: "https://www.us-cert.gov/ncas/alerts/TA13-064A",
Title: `Oracle Java Contains Multiple Vulnerabilities`,
Team: "us",
},
"https://www.us-cert.gov/ncas/alerts/TA13-032A": {
URL: "https://www.us-cert.gov/ncas/alerts/TA13-032A",
Title: `Oracle Java Multiple Vulnerabilities`,
Team: "us",
},
"https://www.us-cert.gov/ncas/alerts/TA13-024A": {
URL: "https://www.us-cert.gov/ncas/alerts/TA13-024A",
Title: `Content Management Systems Security and Associated Risks`,
Team: "us",
},
"https://www.us-cert.gov/ncas/alerts/TA13-107A": {
URL: "https://www.us-cert.gov/ncas/alerts/TA13-107A",
Title: `Oracle Has Released Multiple Updates for Java SE`,
Team: "us",
},
"https://www.us-cert.gov/ncas/alerts/TA13-071A": {
URL: "https://www.us-cert.gov/ncas/alerts/TA13-071A",
Title: `Microsoft Updates for Multiple Vulnerabilities`,
Team: "us",
},
"https://www.us-cert.gov/ncas/alerts/TA13-015A": {
URL: "https://www.us-cert.gov/ncas/alerts/TA13-015A",
Title: `Microsoft Releases Update for Internet Explorer Vulnerability CVE-2012-4792`,
Team: "us",
},
"https://www.us-cert.gov/ncas/alerts/TA13-010A": {
URL: "https://www.us-cert.gov/ncas/alerts/TA13-010A",
Title: `Oracle Java 7 Security Manager Bypass Vulnerability`,
Team: "us",
},
"https://www.us-cert.gov/ncas/alerts/TA13-253A": {
URL: "https://www.us-cert.gov/ncas/alerts/TA13-253A",
Title: `Microsoft Updates for Multiple Vulnerabilities`,
Team: "us",
},
"https://www.us-cert.gov/ncas/alerts/TA13-193A": {
URL: "https://www.us-cert.gov/ncas/alerts/TA13-193A",
Title: `Exploit Tool Targets Vulnerabilities in McAfee ePolicy Orchestrator (ePO)`,
Team: "us",
},
"https://www.us-cert.gov/ncas/alerts/TA13-190A": {
URL: "https://www.us-cert.gov/ncas/alerts/TA13-190A",
Title: `Microsoft Updates for Multiple Vulnerabilities`,
Team: "us",
},
"https://www.us-cert.gov/ncas/alerts/TA14-323A": {
URL: "https://www.us-cert.gov/ncas/alerts/TA14-323A",
Title: `Microsoft Windows Kerberos KDC Remote Privilege Escalation Vulnerability `,
Team: "us",
},
"https://www.us-cert.gov/ncas/alerts/TA14-300A": {
URL: "https://www.us-cert.gov/ncas/alerts/TA14-300A",
Title: `Phishing Campaign Linked with “Dyre” Banking Malware`,
Team: "us",
},
"https://www.us-cert.gov/ncas/alerts/TA14-295A": {
URL: "https://www.us-cert.gov/ncas/alerts/TA14-295A",
Title: `Crypto Ransomware`,
Team: "us",
},
"https://www.us-cert.gov/ncas/alerts/TA14-318B": {
URL: "https://www.us-cert.gov/ncas/alerts/TA14-318B",
Title: `Microsoft Windows OLE Automation Array Remote Code Execution Vulnerability `,
Team: "us",
},
"https://www.us-cert.gov/ncas/alerts/TA14-317A": {
URL: "https://www.us-cert.gov/ncas/alerts/TA14-317A",
Title: `Apple iOS &#039;Masque Attack&#039; Technique`,
Team: "us",
},
"https://www.us-cert.gov/ncas/alerts/TA14-290A": {
URL: "https://www.us-cert.gov/ncas/alerts/TA14-290A",
Title: `SSL 3.0 Protocol Vulnerability and POODLE Attack`,
Team: "us",
},
"https://www.us-cert.gov/ncas/alerts/TA14-017A": {
URL: "https://www.us-cert.gov/ncas/alerts/TA14-017A",
Title: `UDP-Based Amplification Attacks`,
Team: "us",
},
"https://www.us-cert.gov/ncas/alerts/TA14-002A": {
URL: "https://www.us-cert.gov/ncas/alerts/TA14-002A",
Title: `Malware Targeting Point of Sale Systems`,
Team: "us",
},
"https://www.us-cert.gov/ncas/alerts/TA14-318A": {
URL: "https://www.us-cert.gov/ncas/alerts/TA14-318A",
Title: `Microsoft Secure Channel (Schannel) Vulnerability (CVE-2014-6321) `,
Team: "us",
},
"https://www.us-cert.gov/ncas/alerts/TA14-310A": {
URL: "https://www.us-cert.gov/ncas/alerts/TA14-310A",
Title: `Microsoft Ending Support for Windows Server 2003 Operating System`,
Team: "us",
},
"https://www.us-cert.gov/ncas/alerts/TA14-268A": {
URL: "https://www.us-cert.gov/ncas/alerts/TA14-268A",
Title: `GNU Bourne-Again Shell (Bash) Shellshock Vulnerability (CVE-2014-6271, CVE-2014-7169, CVE-2014-7186, CVE-2014-7187, CVE-2014-6277 and CVE 2014-6278) `,
Team: "us",
},
"https://www.us-cert.gov/ncas/alerts/TA14-098A": {
URL: "https://www.us-cert.gov/ncas/alerts/TA14-098A",
Title: `OpenSSL &#039;Heartbleed&#039; vulnerability (CVE-2014-0160)`,
Team: "us",
},
"https://www.us-cert.gov/ncas/alerts/TA14-353A": {
URL: "https://www.us-cert.gov/ncas/alerts/TA14-353A",
Title: `Targeted Destructive Malware`,
Team: "us",
},
"https://www.us-cert.gov/ncas/alerts/TA14-329A": {
URL: "https://www.us-cert.gov/ncas/alerts/TA14-329A",
Title: `Regin Malware`,
Team: "us",
},
"https://www.us-cert.gov/ncas/alerts/TA14-212A": {
URL: "https://www.us-cert.gov/ncas/alerts/TA14-212A",
Title: `Backoff Point-of-Sale Malware`,
Team: "us",
},
"https://www.us-cert.gov/ncas/alerts/TA14-150A": {
URL: "https://www.us-cert.gov/ncas/alerts/TA14-150A",
Title: `GameOver Zeus P2P Malware`,
Team: "us",
},
"https://www.us-cert.gov/ncas/alerts/TA14-013A": {
URL: "https://www.us-cert.gov/ncas/alerts/TA14-013A",
Title: `NTP Amplification Attacks Using CVE-2013-5211`,
Team: "us",
},
"https://www.us-cert.gov/ncas/alerts/TA15-195A": {
URL: "https://www.us-cert.gov/ncas/alerts/TA15-195A",
Title: `Adobe Flash and Microsoft Windows Vulnerabilities`,
Team: "us",
},
"https://www.us-cert.gov/ncas/alerts/TA15-337A": {
URL: "https://www.us-cert.gov/ncas/alerts/TA15-337A",
Title: `Dorkbot`,
Team: "us",
},
"https://www.us-cert.gov/ncas/alerts/TA15-240A": {
URL: "https://www.us-cert.gov/ncas/alerts/TA15-240A",
Title: `Controlling Outbound DNS Access`,
Team: "us",
},
"https://www.us-cert.gov/ncas/alerts/TA15-213A": {
URL: "https://www.us-cert.gov/ncas/alerts/TA15-213A",
Title: `Recent Email Phishing Campaigns Mitigation and Response Recommendations`,
Team: "us",
},
"https://www.us-cert.gov/ncas/alerts/TA15-120A": {
URL: "https://www.us-cert.gov/ncas/alerts/TA15-120A",
Title: `Securing End-to-End Communications`,
Team: "us",
},
"https://www.us-cert.gov/ncas/alerts/TA15-119A": {
URL: "https://www.us-cert.gov/ncas/alerts/TA15-119A",
Title: `Top 30 Targeted High Risk Vulnerabilities`,
Team: "us",
},
"https://www.us-cert.gov/ncas/alerts/TA15-105A": {
URL: "https://www.us-cert.gov/ncas/alerts/TA15-105A",
Title: `Simda Botnet`,
Team: "us",
},
"https://www.us-cert.gov/ncas/alerts/TA15-103A": {
URL: "https://www.us-cert.gov/ncas/alerts/TA15-103A",
Title: `DNS Zone Transfer AXFR Requests May Leak Domain Information`,
Team: "us",
},
"https://www.us-cert.gov/ncas/alerts/TA15-098A": {
URL: "https://www.us-cert.gov/ncas/alerts/TA15-098A",
Title: `AAEH`,
Team: "us",
},
"https://www.us-cert.gov/ncas/alerts/TA15-314A": {
URL: "https://www.us-cert.gov/ncas/alerts/TA15-314A",
Title: `Compromised Web Servers and Web Shells - Threat Awareness and Guidance `,
Team: "us",
},
"https://www.us-cert.gov/ncas/alerts/TA15-286A": {
URL: "https://www.us-cert.gov/ncas/alerts/TA15-286A",
Title: `Dridex P2P Malware`,
Team: "us",
},
"https://www.us-cert.gov/ncas/alerts/TA15-051A": {
URL: "https://www.us-cert.gov/ncas/alerts/TA15-051A",
Title: `Lenovo Superfish Adware Vulnerable to HTTPS Spoofing`,
Team: "us",
},
"https://www.us-cert.gov/ncas/alerts/TA16-187A": {
URL: "https://www.us-cert.gov/ncas/alerts/TA16-187A",
Title: `Symantec and Norton Security Products Contain Critical Vulnerabilities`,
Team: "us",
},
"https://www.us-cert.gov/ncas/alerts/TA16-144A": {
URL: "https://www.us-cert.gov/ncas/alerts/TA16-144A",
Title: `WPAD Name Collision Vulnerability`,
Team: "us",
},
"https://www.us-cert.gov/ncas/alerts/TA16-132A": {
URL: "https://www.us-cert.gov/ncas/alerts/TA16-132A",
Title: `Exploitation of SAP Business Applications`,
Team: "us",
},
"https://www.us-cert.gov/ncas/alerts/TA16-105A": {
URL: "https://www.us-cert.gov/ncas/alerts/TA16-105A",
Title: `Apple Ends Support for QuickTime for Windows; New Vulnerabilities Announced`,
Team: "us",
},
"https://www.us-cert.gov/ncas/alerts/TA16-091A": {
URL: "https://www.us-cert.gov/ncas/alerts/TA16-091A",
Title: `Ransomware and Recent Variants`,
Team: "us",
},
"https://www.us-cert.gov/ncas/alerts/TA16-336A": {
URL: "https://www.us-cert.gov/ncas/alerts/TA16-336A",
Title: `Avalanche (crimeware-as-a-service infrastructure)`,
Team: "us",
},
"https://www.us-cert.gov/ncas/alerts/TA16-288A": {
URL: "https://www.us-cert.gov/ncas/alerts/TA16-288A",
Title: `Heightened DDoS Threat Posed by Mirai and Other Botnets`,
Team: "us",
},
"https://www.us-cert.gov/ncas/alerts/TA16-250A": {
URL: "https://www.us-cert.gov/ncas/alerts/TA16-250A",
Title: `The Increasing Threat to Network Infrastructure Devices and Recommended Mitigations`,
Team: "us",
},
"https://www.us-cert.gov/ncas/alerts/TA17-117A": {
URL: "https://www.us-cert.gov/ncas/alerts/TA17-117A",
Title: `Intrusions Affecting Multiple Victims Across Multiple Sectors`,
Team: "us",
},
"https://www.us-cert.gov/ncas/alerts/TA17-318B": {
URL: "https://www.us-cert.gov/ncas/alerts/TA17-318B",
Title: `HIDDEN COBRA North Korean Trojan: Volgmer`,
Team: "us",
},
"https://www.us-cert.gov/ncas/alerts/TA17-318A": {
URL: "https://www.us-cert.gov/ncas/alerts/TA17-318A",
Title: `HIDDEN COBRA North Korean Remote Administration Tool: FALLCHILL`,
Team: "us",
},
"https://www.us-cert.gov/ncas/alerts/TA17-181A": {
URL: "https://www.us-cert.gov/ncas/alerts/TA17-181A",
Title: `Petya Ransomware `,
Team: "us",
},
"https://www.us-cert.gov/ncas/alerts/TA17-132A": {
URL: "https://www.us-cert.gov/ncas/alerts/TA17-132A",
Title: `Indicators Associated With WannaCry Ransomware`,
Team: "us",
},
"https://www.us-cert.gov/ncas/alerts/TA17-075A": {
URL: "https://www.us-cert.gov/ncas/alerts/TA17-075A",
Title: `HTTPS Interception Weakens TLS Security`,
Team: "us",
},
"https://www.us-cert.gov/ncas/alerts/TA17-293A": {
URL: "https://www.us-cert.gov/ncas/alerts/TA17-293A",
Title: `Advanced Persistent Threat Activity Targeting Energy and Other Critical Infrastructure Sectors`,
Team: "us",
},
"https://www.us-cert.gov/ncas/alerts/TA17-164A": {
URL: "https://www.us-cert.gov/ncas/alerts/TA17-164A",
Title: `HIDDEN COBRA North Koreas DDoS Botnet Infrastructure`,
Team: "us",
},
"https://www.us-cert.gov/ncas/alerts/TA17-163A": {
URL: "https://www.us-cert.gov/ncas/alerts/TA17-163A",
Title: `CrashOverride Malware`,
Team: "us",
},
"https://www.us-cert.gov/ncas/alerts/TA17-156A": {
URL: "https://www.us-cert.gov/ncas/alerts/TA17-156A",
Title: `Reducing the Risk of SNMP Abuse`,
Team: "us",
},
"https://www.us-cert.gov/ncas/alerts/TA18-141A": {
URL: "https://www.us-cert.gov/ncas/alerts/TA18-141A",
Title: `Side-Channel Vulnerability Variants 3a and 4`,
Team: "us",
},
"https://www.us-cert.gov/ncas/alerts/TA18-086A": {
URL: "https://www.us-cert.gov/ncas/alerts/TA18-086A",
Title: `Brute Force Attacks Conducted by Cyber Actors `,
Team: "us",
},
"https://www.us-cert.gov/ncas/alerts/TA18-004A": {
URL: "https://www.us-cert.gov/ncas/alerts/TA18-004A",
Title: `Meltdown and Spectre Side-Channel Vulnerability Guidance`,
Team: "us",
},
"https://www.us-cert.gov/ncas/alerts/TA18-331A": {
URL: "https://www.us-cert.gov/ncas/alerts/TA18-331A",
Title: `3ve Major Online Ad Fraud Operation`,
Team: "us",
},
"https://www.us-cert.gov/ncas/alerts/AA18-284A": {
URL: "https://www.us-cert.gov/ncas/alerts/AA18-284A",
Title: `Publicly Available Tools Seen in Cyber Incidents Worldwide`,
Team: "us",
},
"https://www.us-cert.gov/ncas/alerts/TA18-276B": {
URL: "https://www.us-cert.gov/ncas/alerts/TA18-276B",
Title: `Advanced Persistent Threat Activity Exploiting Managed Service Providers`,
Team: "us",
},
"https://www.us-cert.gov/ncas/alerts/TA18-275A": {
URL: "https://www.us-cert.gov/ncas/alerts/TA18-275A",
Title: `HIDDEN COBRA FASTCash Campaign`,
Team: "us",
},
"https://www.us-cert.gov/ncas/alerts/TA18-201A": {
URL: "https://www.us-cert.gov/ncas/alerts/TA18-201A",
Title: `Emotet Malware`,
Team: "us",
},
"https://www.us-cert.gov/ncas/alerts/TA18-276A": {
URL: "https://www.us-cert.gov/ncas/alerts/TA18-276A",
Title: `Using Rigorous Credential Control to Mitigate Trusted Network Exploitation`,
Team: "us",
},
"https://www.us-cert.gov/ncas/alerts/TA18-149A": {
URL: "https://www.us-cert.gov/ncas/alerts/TA18-149A",
Title: `HIDDEN COBRA Joanap Backdoor Trojan and Brambul Server Message Block Worm`,
Team: "us",
},
"https://www.us-cert.gov/ncas/alerts/TA18-145A": {
URL: "https://www.us-cert.gov/ncas/alerts/TA18-145A",
Title: `Cyber Actors Target Home and Office Routers and Networked Devices Worldwide`,
Team: "us",
},
"https://www.us-cert.gov/ncas/alerts/TA18-106A": {
URL: "https://www.us-cert.gov/ncas/alerts/TA18-106A",
Title: `Russian State-Sponsored Cyber Actors Targeting Network Infrastructure Devices`,
Team: "us",
},
"https://www.us-cert.gov/ncas/alerts/TA18-074A": {
URL: "https://www.us-cert.gov/ncas/alerts/TA18-074A",
Title: `Russian Government Cyber Activity Targeting Energy and Other Critical Infrastructure Sectors`,
Team: "us",
},
}

534
alert/cve_jp.go
View File

@@ -1,534 +0,0 @@
package alert
// CveDictJa has CVE-ID key which included JPCERT alerts
var CveDictJa = map[string][]string{
"CVE-2006-0003": {"https://www.jpcert.or.jp/at/2007/at070016.html"},
"CVE-2006-0005": {"https://www.jpcert.or.jp/at/2007/at070016.html"},
"CVE-2006-1173": {"https://www.jpcert.or.jp/at/2006/at060008.html"},
"CVE-2006-3014": {"https://www.jpcert.or.jp/at/2006/at060009.html"},
"CVE-2006-3059": {"https://www.jpcert.or.jp/at/2006/at060009.html"},
"CVE-2006-3086": {"https://www.jpcert.or.jp/at/2006/at060009.html"},
"CVE-2006-3643": {"https://www.jpcert.or.jp/at/2007/at070016.html"},
"CVE-2006-3730": {"https://www.jpcert.or.jp/at/2007/at070016.html"},
"CVE-2006-3877": {"https://www.jpcert.or.jp/at/2007/at070005.html"},
"CVE-2006-5198": {"https://www.jpcert.or.jp/at/2007/at070016.html"},
"CVE-2006-5745": {"https://www.jpcert.or.jp/at/2007/at070016.html"},
"CVE-2007-0015": {"https://www.jpcert.or.jp/at/2007/at070016.html"},
"CVE-2007-0038": {"https://www.jpcert.or.jp/at/2007/at070016.html"},
"CVE-2008-4609": {"https://www.jpcert.or.jp/at/2009/at090019.html"},
"CVE-2010-0886": {"https://www.jpcert.or.jp/at/2010/at100010.html"},
"CVE-2010-0887": {"https://www.jpcert.or.jp/at/2010/at100010.html"},
"CVE-2011-1910": {"https://www.jpcert.or.jp/at/2011/at110014.html"},
"CVE-2011-2444": {"https://www.jpcert.or.jp/at/2011/at110026.html"},
"CVE-2011-2462": {"https://www.jpcert.or.jp/at/2011/at110034.html"},
"CVE-2011-2465": {"https://www.jpcert.or.jp/at/2011/at110019.html"},
"CVE-2011-3192": {"https://www.jpcert.or.jp/at/2011/at110023.html"},
"CVE-2011-3348": {"https://www.jpcert.or.jp/at/2011/at110023.html"},
"CVE-2011-3544": {"https://www.jpcert.or.jp/at/2011/at110032.html"},
"CVE-2011-4313": {"https://www.jpcert.or.jp/at/2011/at110031.html"},
"CVE-2012-0002": {"https://www.jpcert.or.jp/at/2012/at120009.html"},
"CVE-2012-0507": {"https://www.jpcert.or.jp/at/2012/at120010.html"},
"CVE-2012-0767": {"https://www.jpcert.or.jp/at/2012/at120006.html"},
"CVE-2012-0779": {"https://www.jpcert.or.jp/at/2012/at120014.html"},
"CVE-2012-0830": {"https://www.jpcert.or.jp/at/2012/at120004.html"},
"CVE-2012-2311": {"https://www.jpcert.or.jp/at/2012/at120016.html"},
"CVE-2012-4244": {"https://www.jpcert.or.jp/at/2012/at120029.html"},
"CVE-2012-4681": {"https://www.jpcert.or.jp/at/2012/at120028.html"},
"CVE-2012-4969": {"https://www.jpcert.or.jp/at/2012/at120030.html"},
"CVE-2012-5166": {"https://www.jpcert.or.jp/at/2012/at120033.html"},
"CVE-2013-0422": {"https://www.jpcert.or.jp/at/2013/at130004.html"},
"CVE-2013-1493": {"https://www.jpcert.or.jp/at/2013/at130014.html"},
"CVE-2013-2266": {"https://www.jpcert.or.jp/at/2013/at130017.html"},
"CVE-2013-2494": {"https://www.jpcert.or.jp/at/2013/at130017.html"},
"CVE-2013-3893": {"https://www.jpcert.or.jp/at/2013/at130040.html", "https://www.jpcert.or.jp/at/2013/at130041.html"},
"CVE-2013-3906": {"https://www.jpcert.or.jp/at/2013/at130044.html"},
"CVE-2013-3918": {"https://www.jpcert.or.jp/at/2013/at130045.html"},
"CVE-2013-3919": {"https://www.jpcert.or.jp/at/2013/at130026.html"},
"CVE-2013-4854": {"https://www.jpcert.or.jp/at/2013/at130034.html"},
"CVE-2014-0050": {"https://www.jpcert.or.jp/at/2014/at140007.html"},
"CVE-2014-0160": {"https://www.jpcert.or.jp/at/2014/at140013.html"},
"CVE-2014-0322": {"https://www.jpcert.or.jp/at/2014/at140009.html"},
"CVE-2014-1776": {"https://www.jpcert.or.jp/at/2014/at140018.html", "https://www.jpcert.or.jp/at/2014/at140020.html"},
"CVE-2014-3383": {"https://www.jpcert.or.jp/at/2015/at150021.html"},
"CVE-2014-3859": {"https://www.jpcert.or.jp/at/2014/at140027.html"},
"CVE-2014-4114": {"https://www.jpcert.or.jp/at/2014/at140039.html"},
"CVE-2014-6271": {"https://www.jpcert.or.jp/at/2014/at140037.html", "https://www.jpcert.or.jp/at/2014/at140038.html"},
"CVE-2014-6277": {"https://www.jpcert.or.jp/at/2014/at140037.html"},
"CVE-2014-6278": {"https://www.jpcert.or.jp/at/2014/at140037.html"},
"CVE-2014-6324": {"https://www.jpcert.or.jp/at/2014/at140048.html"},
"CVE-2014-6332": {"https://www.jpcert.or.jp/at/2015/at150015.html"},
"CVE-2014-6352": {"https://www.jpcert.or.jp/at/2014/at140043.html"},
"CVE-2014-7169": {"https://www.jpcert.or.jp/at/2014/at140037.html"},
"CVE-2014-7186": {"https://www.jpcert.or.jp/at/2014/at140037.html"},
"CVE-2014-7187": {"https://www.jpcert.or.jp/at/2014/at140037.html"},
"CVE-2014-8361": {"https://www.jpcert.or.jp/at/2017/at170049.html"},
"CVE-2014-8500": {"https://www.jpcert.or.jp/at/2014/at140050.html"},
"CVE-2014-9163": {"https://www.jpcert.or.jp/at/2014/at140052.html"},
"CVE-2015-0313": {"https://www.jpcert.or.jp/at/2015/at150015.html"},
"CVE-2015-1769": {"https://www.jpcert.or.jp/at/2015/at150028.html"},
"CVE-2015-5119": {"https://www.jpcert.or.jp/at/2015/at150019.html"},
"CVE-2015-5122": {"https://www.jpcert.or.jp/at/2015/at150020.html"},
"CVE-2015-5123": {"https://www.jpcert.or.jp/at/2015/at150020.html"},
"CVE-2015-5477": {"https://www.jpcert.or.jp/at/2015/at150027.html"},
"CVE-2015-5986": {"https://www.jpcert.or.jp/at/2015/at150031.html"},
"CVE-2015-6835": {"https://www.jpcert.or.jp/at/2016/at160036.html"},
"CVE-2015-7547": {"https://www.jpcert.or.jp/at/2016/at160009.html"},
"CVE-2015-7645": {"https://www.jpcert.or.jp/at/2015/at150036.html", "https://www.jpcert.or.jp/at/2015/at150037.html"},
"CVE-2015-8000": {"https://www.jpcert.or.jp/at/2015/at150043.html"},
"CVE-2015-8461": {"https://www.jpcert.or.jp/at/2015/at150043.html"},
"CVE-2015-8562": {"https://www.jpcert.or.jp/at/2016/at160036.html"},
"CVE-2015-8651": {"https://www.jpcert.or.jp/at/2016/at160001.html"},
"CVE-2015-8704": {"https://www.jpcert.or.jp/at/2016/at160006.html"},
"CVE-2015-8705": {"https://www.jpcert.or.jp/at/2016/at160006.html"},
"CVE-2016-0189": {"https://www.jpcert.or.jp/at/2016/at160022.html"},
"CVE-2016-0636": {"https://www.jpcert.or.jp/at/2016/at160015.html"},
"CVE-2016-0800": {"https://www.jpcert.or.jp/at/2016/at160010.html"},
"CVE-2016-1000109": {"https://www.jpcert.or.jp/at/2016/at160031.html"},
"CVE-2016-1000110": {"https://www.jpcert.or.jp/at/2016/at160031.html"},
"CVE-2016-1010": {"https://www.jpcert.or.jp/at/2016/at160014.html"},
"CVE-2016-1019": {"https://www.jpcert.or.jp/at/2016/at160016.html"},
"CVE-2016-1204": {"https://www.jpcert.or.jp/at/2016/at160019.html"},
"CVE-2016-1286": {"https://www.jpcert.or.jp/at/2016/at160013.html", "https://www.jpcert.or.jp/at/2016/at160037.html"},
"CVE-2016-2776": {"https://www.jpcert.or.jp/at/2016/at160037.html"},
"CVE-2016-3081": {"https://www.jpcert.or.jp/at/2016/at160020.html"},
"CVE-2016-3227": {"https://www.jpcert.or.jp/at/2016/at160025.html"},
"CVE-2016-3714": {"https://www.jpcert.or.jp/at/2016/at160021.html"},
"CVE-2016-3715": {"https://www.jpcert.or.jp/at/2016/at160021.html"},
"CVE-2016-3716": {"https://www.jpcert.or.jp/at/2016/at160021.html"},
"CVE-2016-3717": {"https://www.jpcert.or.jp/at/2016/at160021.html"},
"CVE-2016-3718": {"https://www.jpcert.or.jp/at/2016/at160021.html"},
"CVE-2016-4117": {"https://www.jpcert.or.jp/at/2016/at160024.html"},
"CVE-2016-4171": {"https://www.jpcert.or.jp/at/2016/at160026.html"},
"CVE-2016-4438": {"https://www.jpcert.or.jp/at/2016/at160027.html"},
"CVE-2016-5385": {"https://www.jpcert.or.jp/at/2016/at160031.html"},
"CVE-2016-5386": {"https://www.jpcert.or.jp/at/2016/at160031.html"},
"CVE-2016-5387": {"https://www.jpcert.or.jp/at/2016/at160031.html"},
"CVE-2016-5388": {"https://www.jpcert.or.jp/at/2016/at160031.html"},
"CVE-2016-6307": {"https://www.jpcert.or.jp/at/2016/at160038.html"},
"CVE-2016-6309": {"https://www.jpcert.or.jp/at/2016/at160038.html"},
"CVE-2016-7189": {"https://www.jpcert.or.jp/at/2016/at160039.html"},
"CVE-2016-7836": {"https://www.jpcert.or.jp/at/2016/at160051.html", "https://www.jpcert.or.jp/at/2017/at170023.html"},
"CVE-2016-7855": {"https://www.jpcert.or.jp/at/2016/at160039.html", "https://www.jpcert.or.jp/at/2016/at160043.html"},
"CVE-2016-7892": {"https://www.jpcert.or.jp/at/2016/at160048.html", "https://www.jpcert.or.jp/at/2016/at160049.html"},
"CVE-2016-8864": {"https://www.jpcert.or.jp/at/2016/at160044.html"},
"CVE-2016-9131": {"https://www.jpcert.or.jp/at/2017/at170004.html"},
"CVE-2016-9147": {"https://www.jpcert.or.jp/at/2017/at170004.html"},
"CVE-2016-9444": {"https://www.jpcert.or.jp/at/2017/at170004.html"},
"CVE-2016-9778": {"https://www.jpcert.or.jp/at/2017/at170004.html"},
"CVE-2017-0093": {"https://www.jpcert.or.jp/at/2017/at170015.html"},
"CVE-2017-0106": {"https://www.jpcert.or.jp/at/2017/at170015.html"},
"CVE-2017-0145": {"https://www.jpcert.or.jp/at/2017/at170020.html"},
"CVE-2017-0158": {"https://www.jpcert.or.jp/at/2017/at170015.html"},
"CVE-2017-0160": {"https://www.jpcert.or.jp/at/2017/at170015.html"},
"CVE-2017-0161": {"https://www.jpcert.or.jp/at/2017/at170036.html"},
"CVE-2017-0162": {"https://www.jpcert.or.jp/at/2017/at170015.html"},
"CVE-2017-0163": {"https://www.jpcert.or.jp/at/2017/at170015.html"},
"CVE-2017-0180": {"https://www.jpcert.or.jp/at/2017/at170015.html"},
"CVE-2017-0181": {"https://www.jpcert.or.jp/at/2017/at170015.html"},
"CVE-2017-0199": {"https://www.jpcert.or.jp/at/2017/at170015.html"},
"CVE-2017-0200": {"https://www.jpcert.or.jp/at/2017/at170015.html"},
"CVE-2017-0201": {"https://www.jpcert.or.jp/at/2017/at170015.html"},
"CVE-2017-0202": {"https://www.jpcert.or.jp/at/2017/at170015.html"},
"CVE-2017-0205": {"https://www.jpcert.or.jp/at/2017/at170015.html"},
"CVE-2017-0210": {"https://www.jpcert.or.jp/at/2017/at170015.html"},
"CVE-2017-0221": {"https://www.jpcert.or.jp/at/2017/at170019.html"},
"CVE-2017-0222": {"https://www.jpcert.or.jp/at/2017/at170019.html"},
"CVE-2017-0224": {"https://www.jpcert.or.jp/at/2017/at170019.html"},
"CVE-2017-0227": {"https://www.jpcert.or.jp/at/2017/at170019.html"},
"CVE-2017-0228": {"https://www.jpcert.or.jp/at/2017/at170019.html"},
"CVE-2017-0229": {"https://www.jpcert.or.jp/at/2017/at170019.html"},
"CVE-2017-0235": {"https://www.jpcert.or.jp/at/2017/at170019.html"},
"CVE-2017-0236": {"https://www.jpcert.or.jp/at/2017/at170019.html"},
"CVE-2017-0240": {"https://www.jpcert.or.jp/at/2017/at170019.html"},
"CVE-2017-0250": {"https://www.jpcert.or.jp/at/2017/at170032.html"},
"CVE-2017-0261": {"https://www.jpcert.or.jp/at/2017/at170019.html"},
"CVE-2017-0263": {"https://www.jpcert.or.jp/at/2017/at170019.html"},
"CVE-2017-0266": {"https://www.jpcert.or.jp/at/2017/at170019.html"},
"CVE-2017-0272": {"https://www.jpcert.or.jp/at/2017/at170019.html"},
"CVE-2017-0277": {"https://www.jpcert.or.jp/at/2017/at170019.html"},
"CVE-2017-0278": {"https://www.jpcert.or.jp/at/2017/at170019.html"},
"CVE-2017-0279": {"https://www.jpcert.or.jp/at/2017/at170019.html"},
"CVE-2017-0283": {"https://www.jpcert.or.jp/at/2017/at170022.html"},
"CVE-2017-0290": {"https://www.jpcert.or.jp/at/2017/at170019.html"},
"CVE-2017-0291": {"https://www.jpcert.or.jp/at/2017/at170022.html"},
"CVE-2017-0292": {"https://www.jpcert.or.jp/at/2017/at170022.html"},
"CVE-2017-0293": {"https://www.jpcert.or.jp/at/2017/at170032.html"},
"CVE-2017-0294": {"https://www.jpcert.or.jp/at/2017/at170022.html"},
"CVE-2017-0781": {"https://www.jpcert.or.jp/at/2017/at170037.html"},
"CVE-2017-0782": {"https://www.jpcert.or.jp/at/2017/at170037.html"},
"CVE-2017-0783": {"https://www.jpcert.or.jp/at/2017/at170037.html"},
"CVE-2017-0785": {"https://www.jpcert.or.jp/at/2017/at170037.html"},
"CVE-2017-1000250": {"https://www.jpcert.or.jp/at/2017/at170037.html"},
"CVE-2017-1000251": {"https://www.jpcert.or.jp/at/2017/at170037.html"},
"CVE-2017-10271": {"https://www.jpcert.or.jp/at/2018/at180004.html"},
"CVE-2017-10845": {"https://www.jpcert.or.jp/at/2017/at170034.html"},
"CVE-2017-10846": {"https://www.jpcert.or.jp/at/2017/at170034.html"},
"CVE-2017-11223": {"https://www.jpcert.or.jp/at/2017/at170031.html"},
"CVE-2017-11292": {"https://www.jpcert.or.jp/at/2017/at170040.html"},
"CVE-2017-11762": {"https://www.jpcert.or.jp/at/2017/at170039.html"},
"CVE-2017-11763": {"https://www.jpcert.or.jp/at/2017/at170039.html"},
"CVE-2017-11764": {"https://www.jpcert.or.jp/at/2017/at170036.html"},
"CVE-2017-11766": {"https://www.jpcert.or.jp/at/2017/at170036.html"},
"CVE-2017-11771": {"https://www.jpcert.or.jp/at/2017/at170039.html"},
"CVE-2017-11779": {"https://www.jpcert.or.jp/at/2017/at170039.html"},
"CVE-2017-11792": {"https://www.jpcert.or.jp/at/2017/at170039.html"},
"CVE-2017-11793": {"https://www.jpcert.or.jp/at/2017/at170039.html"},
"CVE-2017-11796": {"https://www.jpcert.or.jp/at/2017/at170039.html"},
"CVE-2017-11798": {"https://www.jpcert.or.jp/at/2017/at170039.html"},
"CVE-2017-11799": {"https://www.jpcert.or.jp/at/2017/at170039.html"},
"CVE-2017-11800": {"https://www.jpcert.or.jp/at/2017/at170039.html"},
"CVE-2017-11802": {"https://www.jpcert.or.jp/at/2017/at170039.html"},
"CVE-2017-11804": {"https://www.jpcert.or.jp/at/2017/at170039.html"},
"CVE-2017-11805": {"https://www.jpcert.or.jp/at/2017/at170039.html"},
"CVE-2017-11806": {"https://www.jpcert.or.jp/at/2017/at170039.html"},
"CVE-2017-11807": {"https://www.jpcert.or.jp/at/2017/at170039.html"},
"CVE-2017-11808": {"https://www.jpcert.or.jp/at/2017/at170039.html"},
"CVE-2017-11809": {"https://www.jpcert.or.jp/at/2017/at170039.html"},
"CVE-2017-11810": {"https://www.jpcert.or.jp/at/2017/at170039.html"},
"CVE-2017-11811": {"https://www.jpcert.or.jp/at/2017/at170039.html"},
"CVE-2017-11812": {"https://www.jpcert.or.jp/at/2017/at170039.html"},
"CVE-2017-11813": {"https://www.jpcert.or.jp/at/2017/at170039.html"},
"CVE-2017-11819": {"https://www.jpcert.or.jp/at/2017/at170039.html"},
"CVE-2017-11821": {"https://www.jpcert.or.jp/at/2017/at170039.html"},
"CVE-2017-11822": {"https://www.jpcert.or.jp/at/2017/at170039.html"},
"CVE-2017-11826": {"https://www.jpcert.or.jp/at/2017/at170039.html"},
"CVE-2017-11836": {"https://www.jpcert.or.jp/at/2017/at170044.html"},
"CVE-2017-11837": {"https://www.jpcert.or.jp/at/2017/at170044.html"},
"CVE-2017-11838": {"https://www.jpcert.or.jp/at/2017/at170044.html"},
"CVE-2017-11839": {"https://www.jpcert.or.jp/at/2017/at170044.html"},
"CVE-2017-11840": {"https://www.jpcert.or.jp/at/2017/at170044.html"},
"CVE-2017-11841": {"https://www.jpcert.or.jp/at/2017/at170044.html"},
"CVE-2017-11843": {"https://www.jpcert.or.jp/at/2017/at170044.html"},
"CVE-2017-11845": {"https://www.jpcert.or.jp/at/2017/at170044.html"},
"CVE-2017-11846": {"https://www.jpcert.or.jp/at/2017/at170044.html"},
"CVE-2017-11855": {"https://www.jpcert.or.jp/at/2017/at170044.html"},
"CVE-2017-11856": {"https://www.jpcert.or.jp/at/2017/at170044.html"},
"CVE-2017-11858": {"https://www.jpcert.or.jp/at/2017/at170044.html"},
"CVE-2017-11861": {"https://www.jpcert.or.jp/at/2017/at170044.html"},
"CVE-2017-11862": {"https://www.jpcert.or.jp/at/2017/at170044.html"},
"CVE-2017-11866": {"https://www.jpcert.or.jp/at/2017/at170044.html"},
"CVE-2017-11869": {"https://www.jpcert.or.jp/at/2017/at170044.html"},
"CVE-2017-11870": {"https://www.jpcert.or.jp/at/2017/at170044.html"},
"CVE-2017-11871": {"https://www.jpcert.or.jp/at/2017/at170044.html"},
"CVE-2017-11873": {"https://www.jpcert.or.jp/at/2017/at170044.html"},
"CVE-2017-11882": {"https://www.jpcert.or.jp/at/2017/at170044.html"},
"CVE-2017-11886": {"https://www.jpcert.or.jp/at/2017/at170048.html"},
"CVE-2017-11888": {"https://www.jpcert.or.jp/at/2017/at170048.html"},
"CVE-2017-11889": {"https://www.jpcert.or.jp/at/2017/at170048.html"},
"CVE-2017-11890": {"https://www.jpcert.or.jp/at/2017/at170048.html"},
"CVE-2017-11893": {"https://www.jpcert.or.jp/at/2017/at170048.html"},
"CVE-2017-11894": {"https://www.jpcert.or.jp/at/2017/at170048.html"},
"CVE-2017-11895": {"https://www.jpcert.or.jp/at/2017/at170048.html"},
"CVE-2017-11901": {"https://www.jpcert.or.jp/at/2017/at170048.html"},
"CVE-2017-11903": {"https://www.jpcert.or.jp/at/2017/at170048.html"},
"CVE-2017-11905": {"https://www.jpcert.or.jp/at/2017/at170048.html"},
"CVE-2017-11907": {"https://www.jpcert.or.jp/at/2017/at170048.html"},
"CVE-2017-11908": {"https://www.jpcert.or.jp/at/2017/at170048.html"},
"CVE-2017-11909": {"https://www.jpcert.or.jp/at/2017/at170048.html"},
"CVE-2017-11910": {"https://www.jpcert.or.jp/at/2017/at170048.html"},
"CVE-2017-11911": {"https://www.jpcert.or.jp/at/2017/at170048.html"},
"CVE-2017-11912": {"https://www.jpcert.or.jp/at/2017/at170048.html"},
"CVE-2017-11914": {"https://www.jpcert.or.jp/at/2017/at170048.html"},
"CVE-2017-11918": {"https://www.jpcert.or.jp/at/2017/at170048.html"},
"CVE-2017-11930": {"https://www.jpcert.or.jp/at/2017/at170048.html"},
"CVE-2017-11937": {"https://www.jpcert.or.jp/at/2017/at170046.html"},
"CVE-2017-12615": {"https://www.jpcert.or.jp/at/2017/at170038.html"},
"CVE-2017-12616": {"https://www.jpcert.or.jp/at/2017/at170038.html"},
"CVE-2017-12617": {"https://www.jpcert.or.jp/at/2017/at170038.html"},
"CVE-2017-13872": {"https://www.jpcert.or.jp/at/2017/at170045.html"},
"CVE-2017-14315": {"https://www.jpcert.or.jp/at/2017/at170037.html"},
"CVE-2017-3135": {"https://www.jpcert.or.jp/at/2017/at170007.html"},
"CVE-2017-3136": {"https://www.jpcert.or.jp/at/2017/at170016.html"},
"CVE-2017-3137": {"https://www.jpcert.or.jp/at/2017/at170016.html"},
"CVE-2017-3138": {"https://www.jpcert.or.jp/at/2017/at170016.html"},
"CVE-2017-3142": {"https://www.jpcert.or.jp/at/2017/at170024.html"},
"CVE-2017-3143": {"https://www.jpcert.or.jp/at/2017/at170024.html"},
"CVE-2017-3145": {"https://www.jpcert.or.jp/at/2018/at180005.html"},
"CVE-2017-5638": {"https://www.jpcert.or.jp/at/2017/at170009.html"},
"CVE-2017-6753": {"https://www.jpcert.or.jp/at/2017/at170028.html"},
"CVE-2017-8463": {"https://www.jpcert.or.jp/at/2017/at170027.html"},
"CVE-2017-8464": {"https://www.jpcert.or.jp/at/2017/at170022.html"},
"CVE-2017-8496": {"https://www.jpcert.or.jp/at/2017/at170022.html"},
"CVE-2017-8497": {"https://www.jpcert.or.jp/at/2017/at170022.html"},
"CVE-2017-8499": {"https://www.jpcert.or.jp/at/2017/at170022.html"},
"CVE-2017-8517": {"https://www.jpcert.or.jp/at/2017/at170022.html"},
"CVE-2017-8520": {"https://www.jpcert.or.jp/at/2017/at170022.html"},
"CVE-2017-8522": {"https://www.jpcert.or.jp/at/2017/at170022.html"},
"CVE-2017-8524": {"https://www.jpcert.or.jp/at/2017/at170022.html"},
"CVE-2017-8527": {"https://www.jpcert.or.jp/at/2017/at170022.html"},
"CVE-2017-8528": {"https://www.jpcert.or.jp/at/2017/at170022.html"},
"CVE-2017-8543": {"https://www.jpcert.or.jp/at/2017/at170022.html"},
"CVE-2017-8548": {"https://www.jpcert.or.jp/at/2017/at170022.html"},
"CVE-2017-8549": {"https://www.jpcert.or.jp/at/2017/at170022.html"},
"CVE-2017-8584": {"https://www.jpcert.or.jp/at/2017/at170027.html"},
"CVE-2017-8589": {"https://www.jpcert.or.jp/at/2017/at170027.html"},
"CVE-2017-8591": {"https://www.jpcert.or.jp/at/2017/at170032.html"},
"CVE-2017-8594": {"https://www.jpcert.or.jp/at/2017/at170027.html"},
"CVE-2017-8595": {"https://www.jpcert.or.jp/at/2017/at170027.html"},
"CVE-2017-8596": {"https://www.jpcert.or.jp/at/2017/at170027.html"},
"CVE-2017-8598": {"https://www.jpcert.or.jp/at/2017/at170027.html"},
"CVE-2017-8601": {"https://www.jpcert.or.jp/at/2017/at170027.html"},
"CVE-2017-8603": {"https://www.jpcert.or.jp/at/2017/at170027.html"},
"CVE-2017-8604": {"https://www.jpcert.or.jp/at/2017/at170027.html"},
"CVE-2017-8605": {"https://www.jpcert.or.jp/at/2017/at170027.html"},
"CVE-2017-8606": {"https://www.jpcert.or.jp/at/2017/at170027.html"},
"CVE-2017-8607": {"https://www.jpcert.or.jp/at/2017/at170027.html"},
"CVE-2017-8608": {"https://www.jpcert.or.jp/at/2017/at170027.html"},
"CVE-2017-8609": {"https://www.jpcert.or.jp/at/2017/at170027.html"},
"CVE-2017-8610": {"https://www.jpcert.or.jp/at/2017/at170027.html"},
"CVE-2017-8617": {"https://www.jpcert.or.jp/at/2017/at170027.html"},
"CVE-2017-8618": {"https://www.jpcert.or.jp/at/2017/at170027.html"},
"CVE-2017-8619": {"https://www.jpcert.or.jp/at/2017/at170027.html"},
"CVE-2017-8620": {"https://www.jpcert.or.jp/at/2017/at170032.html"},
"CVE-2017-8622": {"https://www.jpcert.or.jp/at/2017/at170032.html"},
"CVE-2017-8628": {"https://www.jpcert.or.jp/at/2017/at170037.html"},
"CVE-2017-8634": {"https://www.jpcert.or.jp/at/2017/at170032.html"},
"CVE-2017-8635": {"https://www.jpcert.or.jp/at/2017/at170032.html"},
"CVE-2017-8636": {"https://www.jpcert.or.jp/at/2017/at170032.html"},
"CVE-2017-8638": {"https://www.jpcert.or.jp/at/2017/at170032.html"},
"CVE-2017-8639": {"https://www.jpcert.or.jp/at/2017/at170032.html"},
"CVE-2017-8640": {"https://www.jpcert.or.jp/at/2017/at170032.html"},
"CVE-2017-8641": {"https://www.jpcert.or.jp/at/2017/at170032.html"},
"CVE-2017-8645": {"https://www.jpcert.or.jp/at/2017/at170032.html"},
"CVE-2017-8646": {"https://www.jpcert.or.jp/at/2017/at170032.html"},
"CVE-2017-8647": {"https://www.jpcert.or.jp/at/2017/at170032.html"},
"CVE-2017-8649": {"https://www.jpcert.or.jp/at/2017/at170036.html"},
"CVE-2017-8653": {"https://www.jpcert.or.jp/at/2017/at170032.html"},
"CVE-2017-8655": {"https://www.jpcert.or.jp/at/2017/at170032.html"},
"CVE-2017-8656": {"https://www.jpcert.or.jp/at/2017/at170032.html"},
"CVE-2017-8657": {"https://www.jpcert.or.jp/at/2017/at170032.html"},
"CVE-2017-8660": {"https://www.jpcert.or.jp/at/2017/at170036.html"},
"CVE-2017-8661": {"https://www.jpcert.or.jp/at/2017/at170032.html"},
"CVE-2017-8669": {"https://www.jpcert.or.jp/at/2017/at170032.html"},
"CVE-2017-8670": {"https://www.jpcert.or.jp/at/2017/at170032.html"},
"CVE-2017-8671": {"https://www.jpcert.or.jp/at/2017/at170032.html"},
"CVE-2017-8672": {"https://www.jpcert.or.jp/at/2017/at170032.html"},
"CVE-2017-8674": {"https://www.jpcert.or.jp/at/2017/at170032.html"},
"CVE-2017-8676": {"https://www.jpcert.or.jp/at/2017/at170036.html"},
"CVE-2017-8682": {"https://www.jpcert.or.jp/at/2017/at170036.html"},
"CVE-2017-8686": {"https://www.jpcert.or.jp/at/2017/at170036.html"},
"CVE-2017-8696": {"https://www.jpcert.or.jp/at/2017/at170036.html"},
"CVE-2017-8727": {"https://www.jpcert.or.jp/at/2017/at170039.html"},
"CVE-2017-8728": {"https://www.jpcert.or.jp/at/2017/at170036.html"},
"CVE-2017-8729": {"https://www.jpcert.or.jp/at/2017/at170036.html"},
"CVE-2017-8731": {"https://www.jpcert.or.jp/at/2017/at170036.html"},
"CVE-2017-8734": {"https://www.jpcert.or.jp/at/2017/at170036.html"},
"CVE-2017-8737": {"https://www.jpcert.or.jp/at/2017/at170036.html"},
"CVE-2017-8738": {"https://www.jpcert.or.jp/at/2017/at170036.html"},
"CVE-2017-8740": {"https://www.jpcert.or.jp/at/2017/at170036.html"},
"CVE-2017-8741": {"https://www.jpcert.or.jp/at/2017/at170036.html"},
"CVE-2017-8747": {"https://www.jpcert.or.jp/at/2017/at170036.html"},
"CVE-2017-8748": {"https://www.jpcert.or.jp/at/2017/at170036.html"},
"CVE-2017-8749": {"https://www.jpcert.or.jp/at/2017/at170036.html"},
"CVE-2017-8750": {"https://www.jpcert.or.jp/at/2017/at170036.html"},
"CVE-2017-8751": {"https://www.jpcert.or.jp/at/2017/at170036.html"},
"CVE-2017-8752": {"https://www.jpcert.or.jp/at/2017/at170036.html"},
"CVE-2017-8753": {"https://www.jpcert.or.jp/at/2017/at170036.html"},
"CVE-2017-8755": {"https://www.jpcert.or.jp/at/2017/at170036.html"},
"CVE-2017-8756": {"https://www.jpcert.or.jp/at/2017/at170036.html"},
"CVE-2017-8757": {"https://www.jpcert.or.jp/at/2017/at170036.html"},
"CVE-2017-8759": {"https://www.jpcert.or.jp/at/2017/at170036.html"},
"CVE-2017-9791": {"https://www.jpcert.or.jp/at/2017/at170025.html"},
"CVE-2017-9805": {"https://www.jpcert.or.jp/at/2017/at170033.html"},
"CVE-2018-0171": {"https://www.jpcert.or.jp/at/2018/at180013.html"},
"CVE-2018-0758": {"https://www.jpcert.or.jp/at/2018/at180002.html"},
"CVE-2018-0762": {"https://www.jpcert.or.jp/at/2018/at180002.html"},
"CVE-2018-0763": {"https://www.jpcert.or.jp/at/2018/at180008.html"},
"CVE-2018-0767": {"https://www.jpcert.or.jp/at/2018/at180002.html"},
"CVE-2018-0769": {"https://www.jpcert.or.jp/at/2018/at180002.html"},
"CVE-2018-0770": {"https://www.jpcert.or.jp/at/2018/at180002.html"},
"CVE-2018-0772": {"https://www.jpcert.or.jp/at/2018/at180002.html"},
"CVE-2018-0773": {"https://www.jpcert.or.jp/at/2018/at180002.html"},
"CVE-2018-0774": {"https://www.jpcert.or.jp/at/2018/at180002.html"},
"CVE-2018-0775": {"https://www.jpcert.or.jp/at/2018/at180002.html"},
"CVE-2018-0776": {"https://www.jpcert.or.jp/at/2018/at180002.html"},
"CVE-2018-0777": {"https://www.jpcert.or.jp/at/2018/at180002.html"},
"CVE-2018-0778": {"https://www.jpcert.or.jp/at/2018/at180002.html"},
"CVE-2018-0780": {"https://www.jpcert.or.jp/at/2018/at180002.html"},
"CVE-2018-0781": {"https://www.jpcert.or.jp/at/2018/at180002.html"},
"CVE-2018-0797": {"https://www.jpcert.or.jp/at/2018/at180002.html"},
"CVE-2018-0800": {"https://www.jpcert.or.jp/at/2018/at180002.html"},
"CVE-2018-0802": {"https://www.jpcert.or.jp/at/2018/at180002.html"},
"CVE-2018-0825": {"https://www.jpcert.or.jp/at/2018/at180008.html"},
"CVE-2018-0834": {"https://www.jpcert.or.jp/at/2018/at180008.html"},
"CVE-2018-0835": {"https://www.jpcert.or.jp/at/2018/at180008.html"},
"CVE-2018-0837": {"https://www.jpcert.or.jp/at/2018/at180008.html"},
"CVE-2018-0838": {"https://www.jpcert.or.jp/at/2018/at180008.html"},
"CVE-2018-0840": {"https://www.jpcert.or.jp/at/2018/at180008.html"},
"CVE-2018-0852": {"https://www.jpcert.or.jp/at/2018/at180008.html"},
"CVE-2018-0856": {"https://www.jpcert.or.jp/at/2018/at180008.html"},
"CVE-2018-0857": {"https://www.jpcert.or.jp/at/2018/at180008.html"},
"CVE-2018-0859": {"https://www.jpcert.or.jp/at/2018/at180008.html"},
"CVE-2018-0860": {"https://www.jpcert.or.jp/at/2018/at180008.html"},
"CVE-2018-0861": {"https://www.jpcert.or.jp/at/2018/at180008.html"},
"CVE-2018-0870": {"https://www.jpcert.or.jp/at/2018/at180016.html"},
"CVE-2018-0872": {"https://www.jpcert.or.jp/at/2018/at180011.html"},
"CVE-2018-0874": {"https://www.jpcert.or.jp/at/2018/at180011.html"},
"CVE-2018-0876": {"https://www.jpcert.or.jp/at/2018/at180011.html"},
"CVE-2018-0889": {"https://www.jpcert.or.jp/at/2018/at180011.html"},
"CVE-2018-0893": {"https://www.jpcert.or.jp/at/2018/at180011.html"},
"CVE-2018-0930": {"https://www.jpcert.or.jp/at/2018/at180011.html"},
"CVE-2018-0931": {"https://www.jpcert.or.jp/at/2018/at180011.html"},
"CVE-2018-0932": {"https://www.jpcert.or.jp/at/2018/at180011.html"},
"CVE-2018-0933": {"https://www.jpcert.or.jp/at/2018/at180011.html"},
"CVE-2018-0934": {"https://www.jpcert.or.jp/at/2018/at180011.html"},
"CVE-2018-0936": {"https://www.jpcert.or.jp/at/2018/at180011.html"},
"CVE-2018-0937": {"https://www.jpcert.or.jp/at/2018/at180011.html"},
"CVE-2018-0939": {"https://www.jpcert.or.jp/at/2018/at180011.html"},
"CVE-2018-0943": {"https://www.jpcert.or.jp/at/2018/at180021.html"},
"CVE-2018-0945": {"https://www.jpcert.or.jp/at/2018/at180021.html"},
"CVE-2018-0946": {"https://www.jpcert.or.jp/at/2018/at180021.html"},
"CVE-2018-0950": {"https://www.jpcert.or.jp/at/2018/at180016.html"},
"CVE-2018-0951": {"https://www.jpcert.or.jp/at/2018/at180021.html"},
"CVE-2018-0953": {"https://www.jpcert.or.jp/at/2018/at180021.html"},
"CVE-2018-0954": {"https://www.jpcert.or.jp/at/2018/at180021.html"},
"CVE-2018-0955": {"https://www.jpcert.or.jp/at/2018/at180021.html"},
"CVE-2018-0959": {"https://www.jpcert.or.jp/at/2018/at180021.html"},
"CVE-2018-0961": {"https://www.jpcert.or.jp/at/2018/at180021.html"},
"CVE-2018-0965": {"https://www.jpcert.or.jp/at/2018/at180038.html"},
"CVE-2018-0979": {"https://www.jpcert.or.jp/at/2018/at180016.html"},
"CVE-2018-0980": {"https://www.jpcert.or.jp/at/2018/at180016.html"},
"CVE-2018-0981": {"https://www.jpcert.or.jp/at/2018/at180016.html"},
"CVE-2018-0988": {"https://www.jpcert.or.jp/at/2018/at180016.html"},
"CVE-2018-0990": {"https://www.jpcert.or.jp/at/2018/at180016.html"},
"CVE-2018-0991": {"https://www.jpcert.or.jp/at/2018/at180016.html"},
"CVE-2018-0993": {"https://www.jpcert.or.jp/at/2018/at180016.html"},
"CVE-2018-0994": {"https://www.jpcert.or.jp/at/2018/at180016.html"},
"CVE-2018-0995": {"https://www.jpcert.or.jp/at/2018/at180016.html"},
"CVE-2018-0996": {"https://www.jpcert.or.jp/at/2018/at180016.html"},
"CVE-2018-1000": {"https://www.jpcert.or.jp/at/2018/at180016.html"},
"CVE-2018-1004": {"https://www.jpcert.or.jp/at/2018/at180016.html"},
"CVE-2018-1010": {"https://www.jpcert.or.jp/at/2018/at180016.html"},
"CVE-2018-1012": {"https://www.jpcert.or.jp/at/2018/at180016.html"},
"CVE-2018-1013": {"https://www.jpcert.or.jp/at/2018/at180016.html"},
"CVE-2018-1015": {"https://www.jpcert.or.jp/at/2018/at180016.html"},
"CVE-2018-1016": {"https://www.jpcert.or.jp/at/2018/at180016.html"},
"CVE-2018-1018": {"https://www.jpcert.or.jp/at/2018/at180016.html"},
"CVE-2018-1019": {"https://www.jpcert.or.jp/at/2018/at180016.html"},
"CVE-2018-1020": {"https://www.jpcert.or.jp/at/2018/at180016.html"},
"CVE-2018-1022": {"https://www.jpcert.or.jp/at/2018/at180021.html"},
"CVE-2018-1023": {"https://www.jpcert.or.jp/at/2018/at180016.html"},
"CVE-2018-11776": {"https://www.jpcert.or.jp/at/2018/at180036.html"},
"CVE-2018-1270": {"https://www.jpcert.or.jp/at/2018/at180014.html"},
"CVE-2018-1271": {"https://www.jpcert.or.jp/at/2018/at180014.html"},
"CVE-2018-1272": {"https://www.jpcert.or.jp/at/2018/at180014.html"},
"CVE-2018-1273": {"https://www.jpcert.or.jp/at/2018/at180017.html"},
"CVE-2018-1274": {"https://www.jpcert.or.jp/at/2018/at180017.html"},
"CVE-2018-1275": {"https://www.jpcert.or.jp/at/2018/at180014.html"},
"CVE-2018-12794": {"https://www.jpcert.or.jp/at/2018/at180039.html"},
"CVE-2018-1336": {"https://www.jpcert.or.jp/at/2018/at180030.html"},
"CVE-2018-15442": {"https://www.jpcert.or.jp/at/2018/at180043.html"},
"CVE-2018-15979": {"https://www.jpcert.or.jp/at/2018/at180045.html"},
"CVE-2018-2628": {"https://www.jpcert.or.jp/at/2018/at180029.html"},
"CVE-2018-2893": {"https://www.jpcert.or.jp/at/2018/at180029.html"},
"CVE-2018-2894": {"https://www.jpcert.or.jp/at/2018/at180029.html"},
"CVE-2018-2933": {"https://www.jpcert.or.jp/at/2018/at180029.html"},
"CVE-2018-2983": {"https://www.jpcert.or.jp/at/2018/at180029.html"},
"CVE-2018-2998": {"https://www.jpcert.or.jp/at/2018/at180029.html"},
"CVE-2018-4877": {"https://www.jpcert.or.jp/at/2018/at180008.html"},
"CVE-2018-4878": {"https://www.jpcert.or.jp/at/2018/at180006.html", "https://www.jpcert.or.jp/at/2018/at180008.html"},
"CVE-2018-4945": {"https://www.jpcert.or.jp/at/2018/at180025.html"},
"CVE-2018-5000": {"https://www.jpcert.or.jp/at/2018/at180025.html"},
"CVE-2018-5001": {"https://www.jpcert.or.jp/at/2018/at180025.html"},
"CVE-2018-5002": {"https://www.jpcert.or.jp/at/2018/at180024.html", "https://www.jpcert.or.jp/at/2018/at180025.html"},
"CVE-2018-5740": {"https://www.jpcert.or.jp/at/2018/at180031.html"},
"CVE-2018-7600": {"https://www.jpcert.or.jp/at/2018/at180012.html"},
"CVE-2018-7602": {"https://www.jpcert.or.jp/at/2018/at180019.html"},
"CVE-2018-8034": {"https://www.jpcert.or.jp/at/2018/at180030.html"},
"CVE-2018-8037": {"https://www.jpcert.or.jp/at/2018/at180030.html"},
"CVE-2018-8110": {"https://www.jpcert.or.jp/at/2018/at180025.html"},
"CVE-2018-8111": {"https://www.jpcert.or.jp/at/2018/at180025.html"},
"CVE-2018-8114": {"https://www.jpcert.or.jp/at/2018/at180021.html"},
"CVE-2018-8120": {"https://www.jpcert.or.jp/at/2018/at180021.html"},
"CVE-2018-8122": {"https://www.jpcert.or.jp/at/2018/at180021.html"},
"CVE-2018-8128": {"https://www.jpcert.or.jp/at/2018/at180021.html"},
"CVE-2018-8130": {"https://www.jpcert.or.jp/at/2018/at180021.html"},
"CVE-2018-8133": {"https://www.jpcert.or.jp/at/2018/at180021.html"},
"CVE-2018-8137": {"https://www.jpcert.or.jp/at/2018/at180021.html"},
"CVE-2018-8139": {"https://www.jpcert.or.jp/at/2018/at180021.html"},
"CVE-2018-8154": {"https://www.jpcert.or.jp/at/2018/at180021.html"},
"CVE-2018-8174": {"https://www.jpcert.or.jp/at/2018/at180021.html"},
"CVE-2018-8178": {"https://www.jpcert.or.jp/at/2018/at180021.html"},
"CVE-2018-8213": {"https://www.jpcert.or.jp/at/2018/at180025.html"},
"CVE-2018-8225": {"https://www.jpcert.or.jp/at/2018/at180025.html"},
"CVE-2018-8229": {"https://www.jpcert.or.jp/at/2018/at180025.html"},
"CVE-2018-8231": {"https://www.jpcert.or.jp/at/2018/at180025.html"},
"CVE-2018-8236": {"https://www.jpcert.or.jp/at/2018/at180025.html"},
"CVE-2018-8242": {"https://www.jpcert.or.jp/at/2018/at180028.html"},
"CVE-2018-8249": {"https://www.jpcert.or.jp/at/2018/at180025.html"},
"CVE-2018-8251": {"https://www.jpcert.or.jp/at/2018/at180025.html"},
"CVE-2018-8262": {"https://www.jpcert.or.jp/at/2018/at180028.html"},
"CVE-2018-8266": {"https://www.jpcert.or.jp/at/2018/at180034.html"},
"CVE-2018-8267": {"https://www.jpcert.or.jp/at/2018/at180025.html"},
"CVE-2018-8273": {"https://www.jpcert.or.jp/at/2018/at180034.html"},
"CVE-2018-8274": {"https://www.jpcert.or.jp/at/2018/at180028.html"},
"CVE-2018-8275": {"https://www.jpcert.or.jp/at/2018/at180028.html"},
"CVE-2018-8279": {"https://www.jpcert.or.jp/at/2018/at180028.html"},
"CVE-2018-8280": {"https://www.jpcert.or.jp/at/2018/at180028.html"},
"CVE-2018-8286": {"https://www.jpcert.or.jp/at/2018/at180028.html"},
"CVE-2018-8288": {"https://www.jpcert.or.jp/at/2018/at180028.html"},
"CVE-2018-8290": {"https://www.jpcert.or.jp/at/2018/at180028.html"},
"CVE-2018-8291": {"https://www.jpcert.or.jp/at/2018/at180028.html"},
"CVE-2018-8294": {"https://www.jpcert.or.jp/at/2018/at180028.html"},
"CVE-2018-8296": {"https://www.jpcert.or.jp/at/2018/at180028.html"},
"CVE-2018-8301": {"https://www.jpcert.or.jp/at/2018/at180028.html"},
"CVE-2018-8302": {"https://www.jpcert.or.jp/at/2018/at180034.html"},
"CVE-2018-8324": {"https://www.jpcert.or.jp/at/2018/at180028.html"},
"CVE-2018-8332": {"https://www.jpcert.or.jp/at/2018/at180038.html"},
"CVE-2018-8344": {"https://www.jpcert.or.jp/at/2018/at180034.html"},
"CVE-2018-8345": {"https://www.jpcert.or.jp/at/2018/at180034.html"},
"CVE-2018-8350": {"https://www.jpcert.or.jp/at/2018/at180034.html"},
"CVE-2018-8355": {"https://www.jpcert.or.jp/at/2018/at180034.html"},
"CVE-2018-8367": {"https://www.jpcert.or.jp/at/2018/at180038.html"},
"CVE-2018-8371": {"https://www.jpcert.or.jp/at/2018/at180034.html"},
"CVE-2018-8372": {"https://www.jpcert.or.jp/at/2018/at180034.html"},
"CVE-2018-8373": {"https://www.jpcert.or.jp/at/2018/at180034.html"},
"CVE-2018-8377": {"https://www.jpcert.or.jp/at/2018/at180034.html"},
"CVE-2018-8380": {"https://www.jpcert.or.jp/at/2018/at180034.html"},
"CVE-2018-8381": {"https://www.jpcert.or.jp/at/2018/at180034.html"},
"CVE-2018-8385": {"https://www.jpcert.or.jp/at/2018/at180034.html"},
"CVE-2018-8387": {"https://www.jpcert.or.jp/at/2018/at180034.html"},
"CVE-2018-8390": {"https://www.jpcert.or.jp/at/2018/at180034.html"},
"CVE-2018-8397": {"https://www.jpcert.or.jp/at/2018/at180034.html"},
"CVE-2018-8403": {"https://www.jpcert.or.jp/at/2018/at180034.html"},
"CVE-2018-8414": {"https://www.jpcert.or.jp/at/2018/at180034.html"},
"CVE-2018-8420": {"https://www.jpcert.or.jp/at/2018/at180038.html"},
"CVE-2018-8421": {"https://www.jpcert.or.jp/at/2018/at180038.html"},
"CVE-2018-8439": {"https://www.jpcert.or.jp/at/2018/at180038.html"},
"CVE-2018-8440": {"https://www.jpcert.or.jp/at/2018/at180038.html"},
"CVE-2018-8447": {"https://www.jpcert.or.jp/at/2018/at180038.html"},
"CVE-2018-8453": {"https://www.jpcert.or.jp/at/2018/at180041.html"},
"CVE-2018-8456": {"https://www.jpcert.or.jp/at/2018/at180038.html"},
"CVE-2018-8457": {"https://www.jpcert.or.jp/at/2018/at180038.html"},
"CVE-2018-8459": {"https://www.jpcert.or.jp/at/2018/at180038.html"},
"CVE-2018-8460": {"https://www.jpcert.or.jp/at/2018/at180041.html"},
"CVE-2018-8461": {"https://www.jpcert.or.jp/at/2018/at180038.html"},
"CVE-2018-8464": {"https://www.jpcert.or.jp/at/2018/at180038.html"},
"CVE-2018-8465": {"https://www.jpcert.or.jp/at/2018/at180038.html"},
"CVE-2018-8466": {"https://www.jpcert.or.jp/at/2018/at180038.html"},
"CVE-2018-8467": {"https://www.jpcert.or.jp/at/2018/at180038.html"},
"CVE-2018-8473": {"https://www.jpcert.or.jp/at/2018/at180041.html"},
"CVE-2018-8475": {"https://www.jpcert.or.jp/at/2018/at180038.html"},
"CVE-2018-8476": {"https://www.jpcert.or.jp/at/2018/at180046.html"},
"CVE-2018-8489": {"https://www.jpcert.or.jp/at/2018/at180041.html"},
"CVE-2018-8490": {"https://www.jpcert.or.jp/at/2018/at180041.html"},
"CVE-2018-8491": {"https://www.jpcert.or.jp/at/2018/at180041.html"},
"CVE-2018-8494": {"https://www.jpcert.or.jp/at/2018/at180041.html"},
"CVE-2018-8505": {"https://www.jpcert.or.jp/at/2018/at180041.html"},
"CVE-2018-8509": {"https://www.jpcert.or.jp/at/2018/at180041.html"},
"CVE-2018-8510": {"https://www.jpcert.or.jp/at/2018/at180041.html"},
"CVE-2018-8511": {"https://www.jpcert.or.jp/at/2018/at180041.html"},
"CVE-2018-8513": {"https://www.jpcert.or.jp/at/2018/at180041.html"},
"CVE-2018-8541": {"https://www.jpcert.or.jp/at/2018/at180046.html"},
"CVE-2018-8542": {"https://www.jpcert.or.jp/at/2018/at180046.html"},
"CVE-2018-8543": {"https://www.jpcert.or.jp/at/2018/at180046.html"},
"CVE-2018-8544": {"https://www.jpcert.or.jp/at/2018/at180046.html"},
"CVE-2018-8551": {"https://www.jpcert.or.jp/at/2018/at180046.html"},
"CVE-2018-8553": {"https://www.jpcert.or.jp/at/2018/at180046.html"},
"CVE-2018-8555": {"https://www.jpcert.or.jp/at/2018/at180046.html"},
"CVE-2018-8556": {"https://www.jpcert.or.jp/at/2018/at180046.html"},
"CVE-2018-8557": {"https://www.jpcert.or.jp/at/2018/at180046.html"},
"CVE-2018-8588": {"https://www.jpcert.or.jp/at/2018/at180046.html"},
"CVE-2018-8589": {"https://www.jpcert.or.jp/at/2018/at180046.html"},
"CVE-2018-8609": {"https://www.jpcert.or.jp/at/2018/at180046.html"},
}

96
alert/cve_us.go
View File

@@ -1,96 +0,0 @@
package alert
// CveDictEn has CVE-ID key which included USCERT alerts
var CveDictEn = map[string][]string{
"CVE-1999-0532": {"https://www.us-cert.gov/ncas/alerts/TA15-103A"},
"CVE-2006-3227": {"https://www.us-cert.gov/ncas/alerts/TA15-119A"},
"CVE-2008-0015": {"https://www.us-cert.gov/ncas/alerts/TA09-195A", "https://www.us-cert.gov/ncas/alerts/TA09-209A"},
"CVE-2008-2244": {"https://www.us-cert.gov/ncas/alerts/TA15-119A"},
"CVE-2009-0658": {"https://www.us-cert.gov/ncas/alerts/TA09-051A"},
"CVE-2009-0927": {"https://www.us-cert.gov/ncas/alerts/TA13-141A"},
"CVE-2009-1492": {"https://www.us-cert.gov/ncas/alerts/TA09-133B"},
"CVE-2009-1493": {"https://www.us-cert.gov/ncas/alerts/TA09-133B"},
"CVE-2009-1537": {"https://www.us-cert.gov/ncas/alerts/TA09-195A"},
"CVE-2009-3103": {"https://www.us-cert.gov/ncas/alerts/TA17-181A"},
"CVE-2009-3129": {"https://www.us-cert.gov/ncas/alerts/TA15-119A"},
"CVE-2009-3674": {"https://www.us-cert.gov/ncas/alerts/TA15-119A"},
"CVE-2009-3953": {"https://www.us-cert.gov/ncas/alerts/TA15-119A"},
"CVE-2010-0018": {"https://www.us-cert.gov/ncas/alerts/TA10-012B"},
"CVE-2010-0188": {"https://www.us-cert.gov/ncas/alerts/TA13-141A", "https://www.us-cert.gov/ncas/alerts/TA14-300A", "https://www.us-cert.gov/ncas/alerts/TA15-119A"},
"CVE-2010-0806": {"https://www.us-cert.gov/ncas/alerts/TA15-119A"},
"CVE-2010-1297": {"https://www.us-cert.gov/ncas/alerts/TA10-162A", "https://www.us-cert.gov/ncas/alerts/TA10-159A"},
"CVE-2010-2883": {"https://www.us-cert.gov/ncas/alerts/TA15-119A"},
"CVE-2010-3333": {"https://www.us-cert.gov/ncas/alerts/TA15-119A"},
"CVE-2011-0101": {"https://www.us-cert.gov/ncas/alerts/TA15-119A"},
"CVE-2011-0611": {"https://www.us-cert.gov/ncas/alerts/TA15-119A"},
"CVE-2011-2462": {"https://www.us-cert.gov/ncas/alerts/TA15-119A"},
"CVE-2012-0158": {"https://www.us-cert.gov/ncas/alerts/TA15-119A"},
"CVE-2012-1723": {"https://www.us-cert.gov/ncas/alerts/TA15-119A"},
"CVE-2012-1856": {"https://www.us-cert.gov/ncas/alerts/TA15-119A"},
"CVE-2012-1889": {"https://www.us-cert.gov/ncas/alerts/TA12-174A"},
"CVE-2012-3174": {"https://www.us-cert.gov/ncas/alerts/TA13-010A"},
"CVE-2012-4681": {"https://www.us-cert.gov/ncas/alerts/TA12-240A"},
"CVE-2012-4792": {"https://www.us-cert.gov/ncas/alerts/TA13-015A", "https://www.us-cert.gov/ncas/alerts/TA15-119A"},
"CVE-2013-0074": {"https://www.us-cert.gov/ncas/alerts/TA15-119A"},
"CVE-2013-0140": {"https://www.us-cert.gov/ncas/alerts/TA13-193A"},
"CVE-2013-0141": {"https://www.us-cert.gov/ncas/alerts/TA13-193A"},
"CVE-2013-0422": {"https://www.us-cert.gov/ncas/alerts/TA13-141A", "https://www.us-cert.gov/ncas/alerts/TA13-010A"},
"CVE-2013-0625": {"https://www.us-cert.gov/ncas/alerts/TA15-119A"},
"CVE-2013-0632": {"https://www.us-cert.gov/ncas/alerts/TA15-119A"},
"CVE-2013-0809": {"https://www.us-cert.gov/ncas/alerts/TA13-064A"},
"CVE-2013-1347": {"https://www.us-cert.gov/ncas/alerts/TA15-119A"},
"CVE-2013-1493": {"https://www.us-cert.gov/ncas/alerts/TA13-064A"},
"CVE-2013-1571": {"https://www.us-cert.gov/ncas/alerts/TA13-169A"},
"CVE-2013-2465": {"https://www.us-cert.gov/ncas/alerts/TA15-119A"},
"CVE-2013-2729": {"https://www.us-cert.gov/ncas/alerts/TA14-300A", "https://www.us-cert.gov/ncas/alerts/TA15-119A"},
"CVE-2013-3336": {"https://www.us-cert.gov/ncas/alerts/TA15-119A"},
"CVE-2013-5211": {"https://www.us-cert.gov/ncas/alerts/TA14-017A", "https://www.us-cert.gov/ncas/alerts/TA14-013A"},
"CVE-2013-5326": {"https://www.us-cert.gov/ncas/alerts/TA15-119A"},
"CVE-2014-0160": {"https://www.us-cert.gov/ncas/alerts/TA14-098A", "https://www.us-cert.gov/ncas/alerts/TA15-119A"},
"CVE-2014-0322": {"https://www.us-cert.gov/ncas/alerts/TA15-119A"},
"CVE-2014-0564": {"https://www.us-cert.gov/ncas/alerts/TA15-119A"},
"CVE-2014-1761": {"https://www.us-cert.gov/ncas/alerts/TA15-119A"},
"CVE-2014-1776": {"https://www.us-cert.gov/ncas/alerts/TA15-119A"},
"CVE-2014-3393": {"https://www.us-cert.gov/ncas/alerts/TA16-250A"},
"CVE-2014-3566": {"https://www.us-cert.gov/ncas/alerts/TA14-290A", "https://www.us-cert.gov/ncas/alerts/TA15-120A"},
"CVE-2014-4114": {"https://www.us-cert.gov/ncas/alerts/TA15-119A"},
"CVE-2014-6271": {"https://www.us-cert.gov/ncas/alerts/TA14-268A"},
"CVE-2014-6277": {"https://www.us-cert.gov/ncas/alerts/TA14-268A"},
"CVE-2014-6278": {"https://www.us-cert.gov/ncas/alerts/TA14-268A"},
"CVE-2014-6321": {"https://www.us-cert.gov/ncas/alerts/TA14-318A"},
"CVE-2014-6332": {"https://www.us-cert.gov/ncas/alerts/TA14-318B"},
"CVE-2014-7169": {"https://www.us-cert.gov/ncas/alerts/TA14-268A"},
"CVE-2014-7186": {"https://www.us-cert.gov/ncas/alerts/TA14-268A"},
"CVE-2014-7187": {"https://www.us-cert.gov/ncas/alerts/TA14-268A"},
"CVE-2014-8730": {"https://www.us-cert.gov/ncas/alerts/TA14-290A"},
"CVE-2015-2387": {"https://www.us-cert.gov/ncas/alerts/TA15-195A"},
"CVE-2015-5119": {"https://www.us-cert.gov/ncas/alerts/TA15-195A", "https://www.us-cert.gov/ncas/alerts/TA15-213A"},
"CVE-2015-5122": {"https://www.us-cert.gov/ncas/alerts/TA15-195A"},
"CVE-2015-5123": {"https://www.us-cert.gov/ncas/alerts/TA15-195A"},
"CVE-2015-6585": {"https://www.us-cert.gov/ncas/alerts/TA17-164A"},
"CVE-2015-8651": {"https://www.us-cert.gov/ncas/alerts/TA17-164A"},
"CVE-2016-0034": {"https://www.us-cert.gov/ncas/alerts/TA17-164A"},
"CVE-2016-1019": {"https://www.us-cert.gov/ncas/alerts/TA17-164A"},
"CVE-2016-2207": {"https://www.us-cert.gov/ncas/alerts/TA16-187A"},
"CVE-2016-2208": {"https://www.us-cert.gov/ncas/alerts/TA16-187A"},
"CVE-2016-2209": {"https://www.us-cert.gov/ncas/alerts/TA16-187A"},
"CVE-2016-2210": {"https://www.us-cert.gov/ncas/alerts/TA16-187A"},
"CVE-2016-2211": {"https://www.us-cert.gov/ncas/alerts/TA16-187A"},
"CVE-2016-3644": {"https://www.us-cert.gov/ncas/alerts/TA16-187A"},
"CVE-2016-3645": {"https://www.us-cert.gov/ncas/alerts/TA16-187A"},
"CVE-2016-4117": {"https://www.us-cert.gov/ncas/alerts/TA17-164A"},
"CVE-2016-6366": {"https://www.us-cert.gov/ncas/alerts/TA16-250A"},
"CVE-2016-6367": {"https://www.us-cert.gov/ncas/alerts/TA16-250A"},
"CVE-2016-6415": {"https://www.us-cert.gov/ncas/alerts/TA16-250A"},
"CVE-2016-6909": {"https://www.us-cert.gov/ncas/alerts/TA16-250A"},
"CVE-2016-7089": {"https://www.us-cert.gov/ncas/alerts/TA16-250A"},
"CVE-2017-0144": {"https://www.us-cert.gov/ncas/alerts/TA17-181A"},
"CVE-2017-0145": {"https://www.us-cert.gov/ncas/alerts/TA17-181A"},
"CVE-2017-3066": {"https://www.us-cert.gov/ncas/alerts/AA18-284A"},
"CVE-2017-5715": {"https://www.us-cert.gov/ncas/alerts/TA18-141A", "https://www.us-cert.gov/ncas/alerts/TA18-004A"},
"CVE-2017-5753": {"https://www.us-cert.gov/ncas/alerts/TA18-141A", "https://www.us-cert.gov/ncas/alerts/TA18-004A"},
"CVE-2017-5754": {"https://www.us-cert.gov/ncas/alerts/TA18-141A", "https://www.us-cert.gov/ncas/alerts/TA18-004A"},
"CVE-2018-1038": {"https://www.us-cert.gov/ncas/alerts/TA18-004A"},
"CVE-2018-3639": {"https://www.us-cert.gov/ncas/alerts/TA18-141A"},
"CVE-2018-3640": {"https://www.us-cert.gov/ncas/alerts/TA18-141A"},
}

21
alert/util.go
View File

@@ -1,21 +0,0 @@
package alert
// GenerateAlertDict returns XCERT alert slice by cveID
func GenerateAlertDict(cveID string, lang string) (alerts []Alert) {
if lang == "ja" {
if keys, ok := CveDictJa[cveID]; ok {
for _, key := range keys {
alerts = append(alerts, AlertDictJa[key])
}
}
return alerts
}
// default language is English
if keys, ok := CveDictEn[cveID]; ok {
for _, key := range keys {
alerts = append(alerts, AlertDictEn[key])
}
}
return alerts
}

17
cache/bolt.go vendored
View File

@@ -1,20 +1,3 @@
/* Vuls - Vulnerability Scanner
Copyright (C) 2016 Future Corporation , Japan.
This program is free software: you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation, either version 3 of the License, or
(at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
You should have received a copy of the GNU General Public License
along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
package cache
import (

17
cache/bolt_test.go vendored
View File

@@ -1,20 +1,3 @@
/* Vuls - Vulnerability Scanner
Copyright (C) 2016 Future Corporation , Japan.
This program is free software: you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation, either version 3 of the License, or
(at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
You should have received a copy of the GNU General Public License
along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
package cache
import (

17
cache/db.go vendored
View File

@@ -1,20 +1,3 @@
/* Vuls - Vulnerability Scanner
Copyright (C) 2016 Future Corporation , Japan.
This program is free software: you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation, either version 3 of the License, or
(at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
You should have received a copy of the GNU General Public License
along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
package cache
import (

17
commands/configtest.go
View File

@@ -1,20 +1,3 @@
/* Vuls - Vulnerability Scanner
Copyright (C) 2016 Future Corporation , Japan.
This program is free software: you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation, either version 3 of the License, or
(at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
You should have received a copy of the GNU General Public License
along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
package commands
import (

17
commands/discover.go
View File

@@ -1,20 +1,3 @@
/* Vuls - Vulnerability Scanner
Copyright (C) 2016 Future Corporation , Japan.
This program is free software: you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation, either version 3 of the License, or
(at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
You should have received a copy of the GNU General Public License
along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
package commands
import (

17
commands/history.go
View File

@@ -1,20 +1,3 @@
/* Vuls - Vulnerability Scanner
Copyright (C) 2016 Future Corporation , Japan.
This program is free software: you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation, either version 3 of the License, or
(at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
You should have received a copy of the GNU General Public License
along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
package commands
import (

20
commands/report.go
View File

@@ -1,20 +1,3 @@
/* Vuls - Vulnerability Scanner
Copyright (C) 2016 Future Corporation , Japan.
This program is free software: you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation, either version 3 of the License, or
(at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
You should have received a copy of the GNU General Public License
along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
package commands
import (
@@ -87,6 +70,7 @@ func (*ReportCmd) Usage() string {
[-http-proxy=http://192.168.0.1:8080]
[-debug]
[-debug-sql]
[-quiet]
[-pipe]
[-cvedb-type=sqlite3|mysql|postgres|redis|http]
[-cvedb-sqlite3-path=/path/to/cve.sqlite3]
@@ -112,6 +96,8 @@ func (p *ReportCmd) SetFlags(f *flag.FlagSet) {
f.BoolVar(&c.Conf.Debug, "debug", false, "debug mode")
f.BoolVar(&c.Conf.DebugSQL, "debug-sql", false, "SQL debug mode")
f.BoolVar(&c.Conf.Quiet, "quiet", false, "Quiet mode. No output on stdout")
wd, _ := os.Getwd()
defaultConfPath := filepath.Join(wd, "config.toml")
f.StringVar(&p.configPath, "config", defaultConfPath, "/path/to/toml")

32
commands/scan.go
View File

@@ -1,20 +1,3 @@
/* Vuls - Vulnerability Scanner
Copyright (C) 2016 Future Corporation , Japan.
This program is free software: you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation, either version 3 of the License, or
(at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
You should have received a copy of the GNU General Public License
along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
package commands
import (
@@ -58,6 +41,9 @@ func (*ScanCmd) Usage() string {
[-ssh-native-insecure]
[-ssh-config]
[-containers-only]
[-images-only]
[-libs-only]
[-wordpress-only]
[-skip-broken]
[-http-proxy=http://192.168.0.1:8080]
[-ask-key-password]
@@ -66,6 +52,8 @@ func (*ScanCmd) Usage() string {
[-debug]
[-pipe]
[-vvv]
[-ips]
[SERVER]...
`
@@ -101,6 +89,12 @@ func (p *ScanCmd) SetFlags(f *flag.FlagSet) {
f.BoolVar(&c.Conf.ImagesOnly, "images-only", false,
"Scan container images only. Default: Scan both of hosts and images")
f.BoolVar(&c.Conf.LibsOnly, "libs-only", false,
"Scan libraries (lock files) specified in config.toml only.")
f.BoolVar(&c.Conf.WordPressOnly, "wordpress-only", false,
"Scan WordPress only.")
f.BoolVar(&c.Conf.SkipBroken, "skip-broken", false,
"[For CentOS] yum update changelog with --skip-broken option")
@@ -112,6 +106,8 @@ func (p *ScanCmd) SetFlags(f *flag.FlagSet) {
)
f.BoolVar(&c.Conf.Pipe, "pipe", false, "Use stdin via PIPE")
f.BoolVar(&c.Conf.DetectIPS, "ips", false, "retrieve IPS information")
f.BoolVar(&c.Conf.Vvv, "vvv", false, "ssh -vvv")
f.IntVar(&p.timeoutSec, "timeout", 5*60,
@@ -211,6 +207,8 @@ func (p *ScanCmd) Execute(_ context.Context, f *flag.FlagSet, _ ...interface{})
util.Log.Info("Detecting Platforms... ")
scan.DetectPlatforms(p.timeoutSec)
util.Log.Info("Detecting IPS identifiers... ")
scan.DetectIPSs(p.timeoutSec)
util.Log.Info("Scanning vulnerabilities... ")
if err := scan.Scan(p.scanTimeoutSec); err != nil {

17
commands/server.go
View File

@@ -1,20 +1,3 @@
/* Vuls - Vulnerability Scanner
Copyright (C) 2016 Future Architect, Inc. Japan.
This program is free software: you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation, either version 3 of the License, or
(at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
You should have received a copy of the GNU General Public License
along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
package commands
import (

17
commands/tui.go
View File

@@ -1,20 +1,3 @@
/* Vuls - Vulnerability Scanner
Copyright (C) 2016 Future Corporation , Japan.
This program is free software: you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation, either version 3 of the License, or
(at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
You should have received a copy of the GNU General Public License
along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
package commands
import (

17
commands/util.go
View File

@@ -1,20 +1,3 @@
/* Vuls - Vulnerability Scanner
Copyright (C) 2016 Future Corporation , Japan.
This program is free software: you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation, either version 3 of the License, or
(at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
You should have received a copy of the GNU General Public License
along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
package commands
import (

18
commands/util_test.go
View File

@@ -1,18 +0,0 @@
/* Vuls - Vulnerability Scanner
Copyright (C) 2016 Future Corporation , Japan.
This program is free software: you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation, either version 3 of the License, or
(at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
You should have received a copy of the GNU General Public License
along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
package commands

17
config/color.go
View File

@@ -1,20 +1,3 @@
/* Vuls - Vulnerability Scanner
Copyright (C) 2016 Future Corporation , Japan.
This program is free software: you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation, either version 3 of the License, or
(at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
You should have received a copy of the GNU General Public License
along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
package config
var (

93
config/config.go
View File

@@ -1,20 +1,3 @@
/* Vuls - Vulnerability Scanner
Copyright (C) 2016 Future Corporation , Japan.
This program is free software: you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation, either version 3 of the License, or
(at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
You should have received a copy of the GNU General Public License
along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
package config
import (
@@ -27,14 +10,14 @@ import (
"strings"
syslog "github.com/RackSec/srslog"
"github.com/aquasecurity/fanal/types"
valid "github.com/asaskevich/govalidator"
"github.com/knqyf263/fanal/types"
log "github.com/sirupsen/logrus"
"golang.org/x/xerrors"
)
// Version of Vuls
var Version = "0.7.0"
var Version = "0.9.4"
// Revision of Git
var Revision string
@@ -106,6 +89,7 @@ type Config struct {
LogDir string `json:"logDir,omitempty"`
ResultsDir string `json:"resultsDir,omitempty"`
Pipe bool `json:"pipe,omitempty"`
Quiet bool `json:"quiet,omitempty"`
Default ServerInfo `json:"default,omitempty"`
Servers map[string]ServerInfo `json:"servers,omitempty"`
@@ -115,14 +99,19 @@ type Config struct {
IgnoreUnfixed bool `json:"ignoreUnfixed,omitempty"`
IgnoreGitHubDismissed bool `json:"ignore_git_hub_dismissed,omitempty"`
SSHNative bool `json:"sshNative,omitempty"`
SSHConfig bool `json:"sshConfig,omitempty"`
ContainersOnly bool `json:"containersOnly,omitempty"`
ImagesOnly bool `json:"imagesOnly,omitempty"`
SkipBroken bool `json:"skipBroken,omitempty"`
CacheDBPath string `json:"cacheDBPath,omitempty"`
Vvv bool `json:"vvv,omitempty"`
UUID bool `json:"uuid,omitempty"`
SSHNative bool `json:"sshNative,omitempty"`
SSHConfig bool `json:"sshConfig,omitempty"`
ContainersOnly bool `json:"containersOnly,omitempty"`
ImagesOnly bool `json:"imagesOnly,omitempty"`
LibsOnly bool `json:"libsOnly,omitempty"`
WordPressOnly bool `json:"wordpressOnly,omitempty"`
SkipBroken bool `json:"skipBroken,omitempty"`
CacheDBPath string `json:"cacheDBPath,omitempty"`
Vvv bool `json:"vvv,omitempty"`
UUID bool `json:"uuid,omitempty"`
DetectIPS bool `json:"detectIps,omitempty"`
CveDict GoCveDictConf `json:"cveDict,omitempty"`
OvalDict GovalDictConf `json:"ovalDict,omitempty"`
@@ -166,7 +155,7 @@ type Config struct {
// ValidateOnConfigtest validates
func (c Config) ValidateOnConfigtest() bool {
errs := []error{}
errs := c.checkSSHKeyExist()
if runtime.GOOS == "windows" && !c.SSHNative {
errs = append(errs, xerrors.New("-ssh-native-insecure is needed on windows"))
@@ -186,14 +175,7 @@ func (c Config) ValidateOnConfigtest() bool {
// ValidateOnScan validates configuration
func (c Config) ValidateOnScan() bool {
errs := []error{}
if len(c.ResultsDir) != 0 {
if ok, _ := valid.IsFilePath(c.ResultsDir); !ok {
errs = append(errs, xerrors.Errorf(
"JSON base directory must be a *Absolute* file path. -results-dir: %s", c.ResultsDir))
}
}
errs := c.checkSSHKeyExist()
if runtime.GOOS == "windows" && !c.SSHNative {
errs = append(errs, xerrors.New("-ssh-native-insecure is needed on windows"))
@@ -226,6 +208,21 @@ func (c Config) ValidateOnScan() bool {
return len(errs) == 0
}
func (c Config) checkSSHKeyExist() (errs []error) {
for serverName, v := range c.Servers {
if v.Type == ServerTypePseudo {
continue
}
if v.KeyPath != "" {
if _, err := os.Stat(v.KeyPath); err != nil {
errs = append(errs, xerrors.Errorf(
"%s is invalid. keypath: %s not exists", serverName, v.KeyPath))
}
}
}
return errs
}
// ValidateOnReportDB validates configuration
func (c Config) ValidateOnReportDB() bool {
errs := []error{}
@@ -233,11 +230,6 @@ func (c Config) ValidateOnReportDB() bool {
if err := validateDB("cvedb", c.CveDict.Type, c.CveDict.SQLite3Path, c.CveDict.URL); err != nil {
errs = append(errs, err)
}
if c.CveDict.Type == "sqlite3" {
if _, err := os.Stat(c.CveDict.SQLite3Path); os.IsNotExist(err) {
errs = append(errs, xerrors.Errorf("SQLite3 DB path (%s) is not exist: %s", "cvedb", c.CveDict.SQLite3Path))
}
}
if err := validateDB("ovaldb", c.OvalDict.Type, c.OvalDict.SQLite3Path, c.OvalDict.URL); err != nil {
errs = append(errs, err)
@@ -331,11 +323,6 @@ func (c Config) ValidateOnTui() bool {
if err := validateDB("cvedb", c.CveDict.Type, c.CveDict.SQLite3Path, c.CveDict.URL); err != nil {
errs = append(errs, err)
}
if c.CveDict.Type == "sqlite3" {
if _, err := os.Stat(c.CveDict.SQLite3Path); os.IsNotExist(err) {
errs = append(errs, xerrors.Errorf("SQLite3 DB path (%s) is not exist: %s", "cvedb", c.CveDict.SQLite3Path))
}
}
for _, err := range errs {
log.Error(err)
@@ -1072,8 +1059,9 @@ type ServerInfo struct {
WordPress WordPressConf `toml:"wordpress,omitempty" json:"wordpress,omitempty"`
// used internal
IPv4Addrs []string `toml:"-" json:"ipv4Addrs,omitempty"`
IPv6Addrs []string `toml:"-" json:"ipv6Addrs,omitempty"`
IPv4Addrs []string `toml:"-" json:"ipv4Addrs,omitempty"`
IPv6Addrs []string `toml:"-" json:"ipv6Addrs,omitempty"`
IPSIdentifiers map[IPS]string `toml:"-" json:"ipsIdentifiers,omitempty"`
LogMsgAnsiColor string `toml:"-" json:"-"` // DebugLog Color
Container Container `toml:"-" json:"-"`
@@ -1103,6 +1091,7 @@ type WordPressConf struct {
type Image struct {
Name string `json:"name"`
Tag string `json:"tag"`
Digest string `json:"digest"`
DockerOption types.DockerOption `json:"dockerOption,omitempty"`
Cpes []string `json:"cpes,omitempty"`
OwaspDCXMLPath string `json:"owaspDCXMLPath"`
@@ -1110,6 +1099,14 @@ type Image struct {
IgnoreCves []string `json:"ignoreCves,omitempty"`
}
// GetFullName returns a full name of the image
func (i *Image) GetFullName() string {
if i.Digest != "" {
return i.Name + "@" + i.Digest
}
return i.Name + ":" + i.Tag
}
// GitHubConf is used for GitHub integration
type GitHubConf struct {
Token string `json:"-"`

9
config/ips.go Normal file
View File

@@ -0,0 +1,9 @@
package config
// IPS is
type IPS string
const (
// DeepSecurity is
DeepSecurity IPS = "deepsecurity"
)

17
config/jsonloader.go
View File

@@ -1,20 +1,3 @@
/* Vuls - Vulnerability Scanner
Copyright (C) 2016 Future Corporation , Japan.
This program is free software: you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation, either version 3 of the License, or
(at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
You should have received a copy of the GNU General Public License
along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
package config
import "golang.org/x/xerrors"

17
config/loader.go
View File

@@ -1,20 +1,3 @@
/* Vuls - Vulnerability Scanner
Copyright (C) 2016 Future Corporation , Japan.
This program is free software: you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation, either version 3 of the License, or
(at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
You should have received a copy of the GNU General Public License
along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
package config
// Load loads configuration

32
config/tomlloader.go
View File

@@ -1,24 +1,6 @@
/* Vuls - Vulnerability Scanner
Copyright (C) 2016 Future Corporation , Japan.
This program is free software: you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation, either version 3 of the License, or
(at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
You should have received a copy of the GNU General Public License
along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
package config
import (
"os"
"regexp"
"strings"
@@ -109,13 +91,6 @@ func (c TOMLLoader) Load(pathToToml, keyPass string) error {
if len(s.KeyPath) == 0 {
s.KeyPath = d.KeyPath
}
if s.KeyPath != "" {
if _, err := os.Stat(s.KeyPath); err != nil {
return xerrors.Errorf(
"%s is invalid. keypath: %s not exists", serverName, s.KeyPath)
}
}
s.KeyPassword = v.KeyPassword
if len(s.KeyPassword) == 0 {
s.KeyPassword = d.KeyPassword
@@ -323,8 +298,11 @@ func IsValidImage(c Image) error {
if c.Name == "" {
return xerrors.New("Invalid arguments : no image name")
}
if c.Tag == "" {
return xerrors.New("Invalid arguments : no image tag")
if c.Tag == "" && c.Digest == "" {
return xerrors.New("Invalid arguments : no image tag and digest")
}
if c.Tag != "" && c.Digest != "" {
return xerrors.New("Invalid arguments : you can either set image tag or digest")
}
return nil
}

59
config/tomlloader_test.go
View File

@@ -42,3 +42,62 @@ func TestToCpeURI(t *testing.T) {
}
}
}
func TestIsValidImage(t *testing.T) {
var tests = []struct {
name string
img Image
errOccur bool
}{
{
name: "ok with tag",
img: Image{
Name: "ok",
Tag: "ok",
},
errOccur: false,
},
{
name: "ok with digest",
img: Image{
Name: "ok",
Digest: "ok",
},
errOccur: false,
},
{
name: "no image name with tag",
img: Image{
Tag: "ok",
},
errOccur: true,
},
{
name: "no image name with digest",
img: Image{
Digest: "ok",
},
errOccur: true,
},
{
name: "no tag and digest",
img: Image{
Name: "ok",
},
errOccur: true,
},
}
for i, tt := range tests {
t.Run(tt.name, func(t *testing.T) {
err := IsValidImage(tt.img)
actual := err != nil
if actual != tt.errOccur {
t.Errorf("[%d] act: %v, exp: %v",
i, actual, tt.errOccur)
}
})
}
}

21
contrib/owasp-dependency-check/parser/parser.go
View File

@@ -6,6 +6,7 @@ import (
"os"
"strings"
"github.com/knqyf263/go-cpe/naming"
log "github.com/sirupsen/logrus"
"golang.org/x/xerrors"
)
@@ -15,12 +16,11 @@ type analysis struct {
}
type dependency struct {
Identifiers []identifier `xml:"identifiers>identifier"`
Identifiers []vulnerabilityID `xml:"identifiers>vulnerabilityIds"`
}
type identifier struct {
Name string `xml:"name"`
Type string `xml:"type,attr"`
type vulnerabilityID struct {
ID string `xml:"id"`
}
func appendIfMissing(slice []string, str string) []string {
@@ -55,11 +55,16 @@ func Parse(path string) ([]string, error) {
cpes := []string{}
for _, d := range anal.Dependencies {
for _, ident := range d.Identifiers {
if ident.Type == "cpe" {
name := strings.TrimPrefix(ident.Name, "(")
name = strings.TrimSuffix(name, ")")
cpes = appendIfMissing(cpes, name)
id := ident.ID // Start with cpe:2.3:
// Convert from CPE 2.3 to CPE 2.2
if strings.HasPrefix(id, "cpe:2.3:") {
wfn, err := naming.UnbindFS(id)
if err != nil {
return []string{}, err
}
id = naming.BindToURI(wfn)
}
cpes = appendIfMissing(cpes, id)
}
}
return cpes, nil

33
cwe/cwe.go Normal file
View File

@@ -0,0 +1,33 @@
package cwe
// CweTopTwentyfive2019 has CWE-ID in CWE Top 25
var CweTopTwentyfive2019 = map[string]string{
"119": "1",
"79": "2",
"20": "3",
"200": "4",
"125": "5",
"89": "6",
"416": "7",
"190": "8",
"352": "9",
"22": "10",
"78": "11",
"787": "12",
"287": "13",
"476": "14",
"732": "16",
"434": "16",
"611": "17",
"94": "18",
"798": "19",
"400": "20",
"772": "21",
"426": "22",
"502": "23",
"269": "24",
"295": "25",
}
// CweTopTwentyfive2019URL has CWE Top25 links
var CweTopTwentyfive2019URL = "https://cwe.mitre.org/top25/archive/2019/2019_cwe_top25.html"

33
cwe/sans.go Normal file
View File

@@ -0,0 +1,33 @@
package cwe
// SansTopTwentyfive has CWE-ID in CWE/SANS Top 25
var SansTopTwentyfive = map[string]string{
"89": "1",
"78": "2",
"120": "3",
"79": "4",
"306": "5",
"862": "6",
"798": "7",
"311": "8",
"434": "9",
"807": "10",
"250": "11",
"352": "12",
"22": "13",
"494": "14",
"863": "15",
"829": "16",
"732": "17",
"676": "18",
"327": "19",
"131": "20",
"307": "21",
"601": "22",
"134": "23",
"190": "24",
"759": "25",
}
// SansTopTwentyfiveURL is a URL of sans 25
var SansTopTwentyfiveURL = "https://www.sans.org/top25-software-errors/"

20
exploit/exploit.go
View File

@@ -1,20 +1,3 @@
/* Vuls - Vulnerability Scanner
Copyright (C) 2016 Future Architect, Inc. Japan.
This program is free software: you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation, either version 3 of the License, or
(at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
You should have received a copy of the GNU General Public License
along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
package exploit
import (
@@ -61,6 +44,9 @@ func FillWithExploit(driver db.DB, r *models.ScanResult) (nExploitCve int, err e
return 0, nil
}
for cveID, vuln := range r.ScannedCves {
if cveID == "" {
continue
}
es := driver.GetExploitByCveID(cveID)
if len(es) == 0 {
continue

8
exploit/exploit_test.go
View File

@@ -1,8 +0,0 @@
package exploit
import (
"testing"
)
func TestSetPackageStates(t *testing.T) {
}

17
exploit/util.go
View File

@@ -1,20 +1,3 @@
/* Vuls - Vulnerability Scanner
Copyright (C) 2016 Future Architect, Inc. Japan.
This program is free software: you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation, either version 3 of the License, or
(at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
You should have received a copy of the GNU General Public License
along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
package exploit
import (

146
github/github.go
View File

@@ -1,20 +1,3 @@
/* Vuls - Vulnerability Scanner
Copyright (C) 2016 Future Corporation , Japan.
This program is free software: you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation, either version 3 of the License, or
(at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
You should have received a copy of the GNU General Public License
along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
package github
import (
@@ -22,14 +5,13 @@ import (
"context"
"encoding/json"
"fmt"
"io/ioutil"
"net/http"
"time"
"github.com/future-architect/vuls/config"
"github.com/future-architect/vuls/errof"
"github.com/future-architect/vuls/models"
"github.com/future-architect/vuls/util"
"github.com/k0kubun/pp"
"golang.org/x/oauth2"
)
@@ -42,8 +24,9 @@ func FillGitHubSecurityAlerts(r *models.ScanResult, owner, repo, token string) (
httpClient := oauth2.NewClient(context.Background(), src)
// TODO Use `https://github.com/shurcooL/githubv4` if the tool supports vulnerabilityAlerts Endpoint
// Memo : https://developer.github.com/v4/explorer/
const jsonfmt = `{"query":
"query { repository(owner:\"%s\", name:\"%s\") { url, vulnerabilityAlerts(first: %d, %s) { pageInfo{ endCursor, hasNextPage, startCursor}, edges { node { id, externalIdentifier, externalReference, fixedIn, packageName, dismissReason, dismissedAt } } } } }"}`
"query { repository(owner:\"%s\", name:\"%s\") { url vulnerabilityAlerts(first: %d, %s) { pageInfo { endCursor hasNextPage startCursor } edges { node { id dismissReason dismissedAt securityVulnerability{ package { name ecosystem } severity vulnerableVersionRange firstPatchedVersion { identifier } } securityAdvisory { description ghsaId permalink publishedAt summary updatedAt withdrawnAt origin severity references { url } identifiers { type value } } } } } } } "}`
after := ""
for {
@@ -60,7 +43,7 @@ func FillGitHubSecurityAlerts(r *models.ScanResult, owner, repo, token string) (
// To toggle this preview and access data, need to provide a custom media type in the Accept header:
// MEMO: I tried to get the affected version via GitHub API. Bit it seems difficult to determin the affected version if there are multiple dependency files such as package.json.
// TODO remove this header if it is no longer preview status in the future.
req.Header.Set("Accept", "application/vnd.github.vixen-preview+json")
req.Header.Set("Accept", "application/vnd.github.package-deletes-preview+json")
req.Header.Set("Content-Type", "application/json")
resp, err := httpClient.Do(req)
@@ -68,16 +51,23 @@ func FillGitHubSecurityAlerts(r *models.ScanResult, owner, repo, token string) (
return 0, err
}
defer resp.Body.Close()
alerts := SecurityAlerts{}
if json.NewDecoder(resp.Body).Decode(&alerts); err != nil {
body, err := ioutil.ReadAll(resp.Body)
if err != nil {
return 0, err
}
util.Log.Debugf("%s", pp.Sprint(alerts))
alerts := SecurityAlerts{}
if json.Unmarshal(body, &alerts); err != nil {
return 0, err
}
// util.Log.Debugf("%s", pp.Sprint(alerts))
// util.Log.Debugf("%s", string(body))
if alerts.Data.Repository.URL == "" {
return 0, errof.New(
errof.ErrFailedToAccessGithubAPI,
fmt.Sprintf("Failed to access to GitHub API. Response: %#v", alerts),
fmt.Sprintf("Failed to access to GitHub API. Response: %s", string(body)),
)
}
@@ -87,31 +77,45 @@ func FillGitHubSecurityAlerts(r *models.ScanResult, owner, repo, token string) (
}
pkgName := fmt.Sprintf("%s %s",
alerts.Data.Repository.URL, v.Node.PackageName)
alerts.Data.Repository.URL, v.Node.SecurityVulnerability.Package.Name)
m := models.GitHubSecurityAlert{
PackageName: pkgName,
FixedIn: v.Node.FixedIn,
AffectedRange: v.Node.AffectedRange,
FixedIn: v.Node.SecurityVulnerability.FirstPatchedVersion.Identifier,
AffectedRange: v.Node.SecurityVulnerability.VulnerableVersionRange,
Dismissed: len(v.Node.DismissReason) != 0,
DismissedAt: v.Node.DismissedAt,
DismissReason: v.Node.DismissReason,
}
cveID := v.Node.ExternalIdentifier
if val, ok := r.ScannedCves[cveID]; ok {
val.GitHubSecurityAlerts = val.GitHubSecurityAlerts.Add(m)
r.ScannedCves[cveID] = val
nCVEs++
} else {
v := models.VulnInfo{
CveID: cveID,
Confidences: models.Confidences{models.GitHubMatch},
GitHubSecurityAlerts: models.GitHubSecurityAlerts{m},
cveIDs, other := []string{}, []string{}
for _, identifier := range v.Node.SecurityAdvisory.Identifiers {
if identifier.Type == "CVE" {
cveIDs = append(cveIDs, identifier.Value)
} else {
other = append(other, identifier.Value)
}
}
// If CVE-ID has not been assigned, use the GHSA ID etc as a ID.
if len(cveIDs) == 0 {
cveIDs = other
}
for _, cveID := range cveIDs {
if val, ok := r.ScannedCves[cveID]; ok {
val.GitHubSecurityAlerts = val.GitHubSecurityAlerts.Add(m)
r.ScannedCves[cveID] = val
nCVEs++
} else {
v := models.VulnInfo{
CveID: cveID,
Confidences: models.Confidences{models.GitHubMatch},
GitHubSecurityAlerts: models.GitHubSecurityAlerts{m},
}
r.ScannedCves[cveID] = v
nCVEs++
}
r.ScannedCves[cveID] = v
nCVEs++
}
}
if !alerts.Data.Repository.VulnerabilityAlerts.PageInfo.HasNextPage {
@@ -126,26 +130,50 @@ func FillGitHubSecurityAlerts(r *models.ScanResult, owner, repo, token string) (
type SecurityAlerts struct {
Data struct {
Repository struct {
URL string `json:"url,omitempty"`
URL string `json:"url"`
VulnerabilityAlerts struct {
PageInfo struct {
EndCursor string `json:"endCursor,omitempty"`
HasNextPage bool `json:"hasNextPage,omitempty"`
StartCursor string `json:"startCursor,omitempty"`
} `json:"pageInfo,omitempty"`
EndCursor string `json:"endCursor"`
HasNextPage bool `json:"hasNextPage"`
StartCursor string `json:"startCursor"`
} `json:"pageInfo"`
Edges []struct {
Node struct {
ID string `json:"id,omitempty"`
ExternalIdentifier string `json:"externalIdentifier,omitempty"`
ExternalReference string `json:"externalReference,omitempty"`
FixedIn string `json:"fixedIn,omitempty"`
AffectedRange string `json:"affectedRange,omitempty"`
PackageName string `json:"packageName,omitempty"`
DismissReason string `json:"dismissReason,omitempty"`
DismissedAt time.Time `json:"dismissedAt,omitempty"`
} `json:"node,omitempty"`
} `json:"edges,omitempty"`
} `json:"vulnerabilityAlerts,omitempty"`
} `json:"repository,omitempty"`
} `json:"data,omitempty"`
ID string `json:"id"`
DismissReason string `json:"dismissReason"`
DismissedAt time.Time `json:"dismissedAt"`
SecurityVulnerability struct {
Package struct {
Name string `json:"name"`
Ecosystem string `json:"ecosystem"`
} `json:"package"`
Severity string `json:"severity"`
VulnerableVersionRange string `json:"vulnerableVersionRange"`
FirstPatchedVersion struct {
Identifier string `json:"identifier"`
} `json:"firstPatchedVersion"`
} `json:"securityVulnerability"`
SecurityAdvisory struct {
Description string `json:"description"`
GhsaID string `json:"ghsaId"`
Permalink string `json:"permalink"`
PublishedAt time.Time `json:"publishedAt"`
Summary string `json:"summary"`
UpdatedAt time.Time `json:"updatedAt"`
WithdrawnAt time.Time `json:"withdrawnAt"`
Origin string `json:"origin"`
Severity string `json:"severity"`
References []struct {
URL string `json:"url"`
} `json:"references"`
Identifiers []struct {
Type string `json:"type"`
Value string `json:"value"`
} `json:"identifiers"`
} `json:"securityAdvisory"`
} `json:"node"`
} `json:"edges"`
} `json:"vulnerabilityAlerts"`
} `json:"repository"`
} `json:"data"`
}

152
go.mod
View File

@@ -1,110 +1,52 @@
module github.com/future-architect/vuls
go 1.12
go 1.13
require (
cloud.google.com/go v0.40.0 // indirect
contrib.go.opencensus.io/exporter/ocagent v0.4.12 // indirect
github.com/Azure/azure-sdk-for-go v28.1.0+incompatible
github.com/Azure/go-autorest v12.0.0+incompatible // indirect
github.com/BurntSushi/toml v0.3.1
github.com/Microsoft/go-winio v0.4.12 // indirect
github.com/RackSec/srslog v0.0.0-20180709174129-a4725f04ec91
github.com/asaskevich/govalidator v0.0.0-20190424111038-f61b66f89f4a
github.com/aws/aws-sdk-go v1.19.24
github.com/beorn7/perks v1.0.0 // indirect
github.com/boltdb/bolt v1.3.1
github.com/cenkalti/backoff v2.1.1+incompatible
github.com/cheggaaa/pb v2.0.6+incompatible // indirect
github.com/containerd/continuity v0.0.0-20190426062206-aaeac12a7ffc // indirect
github.com/denisenkom/go-mssqldb v0.0.0-20190515213511-eb9f6a1743f3 // indirect
github.com/dnaeon/go-vcr v1.0.1 // indirect
github.com/elazarl/goproxy v0.0.0-20190421051319-9d40249d3c2f // indirect
github.com/elazarl/goproxy/ext v0.0.0-20190421051319-9d40249d3c2f // indirect
github.com/genuinetools/reg v0.16.1 // indirect
github.com/go-redis/redis v6.15.2+incompatible // indirect
github.com/gogo/protobuf v1.2.1 // indirect
github.com/golang/mock v1.3.1 // indirect
github.com/google/btree v1.0.0 // indirect
github.com/google/pprof v0.0.0-20190515194954-54271f7e092f // indirect
github.com/google/subcommands v1.0.1
github.com/gorilla/mux v1.7.1 // indirect
github.com/gorilla/websocket v1.4.0 // indirect
github.com/gosuri/uitable v0.0.1
github.com/grokify/html-strip-tags-go v0.0.0-20190424092004-025bd760b278 // indirect
github.com/hashicorp/go-version v1.2.0
github.com/hashicorp/uuid v0.0.0-20160311170451-ebb0a03e909c
github.com/howeyc/gopass v0.0.0-20170109162249-bf9dde6d0d2c
github.com/jinzhu/gorm v1.9.8 // indirect
github.com/jinzhu/inflection v0.0.0-20190603042836-f5c5f50e6090 // indirect
github.com/jroimartin/gocui v0.4.0
github.com/k0kubun/colorstring v0.0.0-20150214042306-9440f1994b88 // indirect
github.com/k0kubun/pp v3.0.1+incompatible
github.com/knqyf263/fanal v0.0.0-20190528042547-07e27879b658
github.com/knqyf263/go-cpe v0.0.0-20180327054844-659663f6eca2
github.com/knqyf263/go-deb-version v0.0.0-20190517075300-09fca494f03d
github.com/knqyf263/go-dep-parser v0.0.0-20190521150559-1ef8521d17a0
github.com/knqyf263/go-rpm-version v0.0.0-20170716094938-74609b86c936
github.com/knqyf263/go-version v1.1.1
github.com/knqyf263/gost v0.0.0-20190326022014-39175c0da9e3
github.com/knqyf263/trivy v0.1.1
github.com/konsorten/go-windows-terminal-sequences v1.0.2 // indirect
github.com/kotakanbe/go-cve-dictionary v0.0.0-20190327053454-5fe52611f0b8
github.com/kotakanbe/go-pingscanner v0.1.0
github.com/kotakanbe/goval-dictionary v0.1.3-0.20190613053258-078b163b76ec
github.com/kotakanbe/logrus-prefixed-formatter v0.0.0-20180123152602-928f7356cb96
github.com/kr/pty v1.1.5 // indirect
github.com/labstack/echo v3.3.10+incompatible // indirect
github.com/labstack/gommon v0.2.9 // indirect
github.com/lib/pq v1.1.1 // indirect
github.com/lusis/go-slackbot v0.0.0-20180109053408-401027ccfef5 // indirect
github.com/lusis/slack-test v0.0.0-20190426140909-c40012f20018 // indirect
github.com/mgutz/ansi v0.0.0-20170206155736-9520e82c474b // indirect
github.com/mitchellh/go-homedir v1.1.0
github.com/moul/http2curl v1.0.0 // indirect
github.com/mozqnet/go-exploitdb v0.0.0-20190426034301-a055cc2c195d
github.com/nlopes/slack v0.4.0
github.com/nsf/termbox-go v0.0.0-20190325093121-288510b9734e // indirect
github.com/olekukonko/tablewriter v0.0.1
github.com/opencontainers/go-digest v1.0.0-rc1 // indirect
github.com/parnurzeal/gorequest v0.2.15
github.com/pelletier/go-toml v1.4.0 // indirect
github.com/prometheus/client_model v0.0.0-20190129233127-fd36f4220a90 // indirect
github.com/prometheus/common v0.3.0 // indirect
github.com/prometheus/procfs v0.0.0-20190503130316-740c07785007 // indirect
github.com/rifflock/lfshook v0.0.0-20180920164130-b9218ef580f5
github.com/satori/go.uuid v1.2.0 // indirect
github.com/sirupsen/logrus v1.2.0
github.com/smartystreets/goconvey v0.0.0-20190330032615-68dc04aab96a // indirect
github.com/spf13/afero v1.2.2 // indirect
github.com/spf13/jwalterweatherman v1.1.0 // indirect
github.com/spf13/viper v1.3.2 // indirect
go.opencensus.io v0.22.0 // indirect
golang.org/x/crypto v0.0.0-20190611184440-5c40567a22f8
golang.org/x/exp v0.0.0-20190510132918-efd6b22b2522 // indirect
golang.org/x/image v0.0.0-20190523035834-f03afa92d3ff // indirect
golang.org/x/mobile v0.0.0-20190607214518-6fa95d984e88 // indirect
golang.org/x/mod v0.1.0 // indirect
golang.org/x/net v0.0.0-20190611141213-3f473d35a33a // indirect
golang.org/x/oauth2 v0.0.0-20190604053449-0f29369cfe45
golang.org/x/sys v0.0.0-20190610200419-93c9922d18ae // indirect
golang.org/x/time v0.0.0-20190308202827-9d24e82272b4 // indirect
golang.org/x/tools v0.0.0-20190612232758-d4e310b4a8a5 // indirect
golang.org/x/xerrors v0.0.0-20190410155217-1f06c39b4373
google.golang.org/appengine v1.6.1 // indirect
google.golang.org/genproto v0.0.0-20190611190212-a7e196e89fd3 // indirect
google.golang.org/grpc v1.21.1 // indirect
gopkg.in/VividCortex/ewma.v1 v1.1.1 // indirect
gopkg.in/cheggaaa/pb.v2 v2.0.6 // indirect
gopkg.in/fatih/color.v1 v1.7.0 // indirect
gopkg.in/mattn/go-colorable.v0 v0.0.0-00010101000000-000000000000 // indirect
gopkg.in/mattn/go-isatty.v0 v0.0.0-00010101000000-000000000000 // indirect
gopkg.in/mattn/go-runewidth.v0 v0.0.4 // indirect
honnef.co/go/tools v0.0.0-20190607181801-497c8f037f5a // indirect
replace (
github.com/genuinetools/reg => github.com/tomoyamachi/reg v0.16.1-0.20190706172545-2a2250fd7c00
gopkg.in/mattn/go-colorable.v0 => github.com/mattn/go-colorable v0.1.0
gopkg.in/mattn/go-isatty.v0 => github.com/mattn/go-isatty v0.0.6
)
replace github.com/genuinetools/reg => github.com/tomoyamachi/reg v0.16.2-0.20190418055600-c6010b917a55
replace gopkg.in/mattn/go-colorable.v0 => github.com/mattn/go-colorable v0.1.0
replace gopkg.in/mattn/go-isatty.v0 => github.com/mattn/go-isatty v0.0.6
require (
github.com/Azure/azure-sdk-for-go v41.2.0+incompatible
github.com/Azure/go-autorest/autorest v0.10.0 // indirect
github.com/BurntSushi/toml v0.3.1
github.com/RackSec/srslog v0.0.0-20180709174129-a4725f04ec91
github.com/aquasecurity/fanal v0.0.0-20200124194549-91468b8e0460
github.com/aquasecurity/go-dep-parser v0.0.0-20190819075924-ea223f0ef24b
github.com/aquasecurity/trivy v0.1.6
github.com/asaskevich/govalidator v0.0.0-20190424111038-f61b66f89f4a
github.com/aws/aws-sdk-go v1.30.9
github.com/boltdb/bolt v1.3.1
github.com/cenkalti/backoff v2.2.1+incompatible
github.com/google/subcommands v1.2.0
github.com/gosuri/uitable v0.0.4
github.com/hashicorp/go-version v1.2.0
github.com/hashicorp/uuid v0.0.0-20160311170451-ebb0a03e909c
github.com/howeyc/gopass v0.0.0-20190910152052-7cb4b85ec19c
github.com/jesseduffield/gocui v0.3.0
github.com/k0kubun/pp v3.0.1+incompatible
github.com/knqyf263/go-cpe v0.0.0-20180327054844-659663f6eca2
github.com/knqyf263/go-deb-version v0.0.0-20190517075300-09fca494f03d
github.com/knqyf263/go-rpm-version v0.0.0-20170716094938-74609b86c936
github.com/knqyf263/go-version v1.1.1
github.com/knqyf263/gost v0.1.3
github.com/kotakanbe/go-cve-dictionary v0.4.2
github.com/kotakanbe/go-pingscanner v0.1.0
github.com/kotakanbe/goval-dictionary v0.2.5
github.com/kotakanbe/logrus-prefixed-formatter v0.0.0-20180123152602-928f7356cb96
github.com/mgutz/ansi v0.0.0-20170206155736-9520e82c474b // indirect
github.com/mitchellh/go-homedir v1.1.0
github.com/mozqnet/go-exploitdb v0.0.0-20190911093644-f647f17ea8ca
github.com/nlopes/slack v0.6.0
github.com/nsf/termbox-go v0.0.0-20200418040025-38ba6e5628f1 // indirect
github.com/olekukonko/tablewriter v0.0.4
github.com/parnurzeal/gorequest v0.2.16
github.com/rifflock/lfshook v0.0.0-20180920164130-b9218ef580f5
github.com/satori/go.uuid v1.2.0 // indirect
github.com/sirupsen/logrus v1.5.0
golang.org/x/crypto v0.0.0-20200414173820-0848c9571904
golang.org/x/oauth2 v0.0.0-20200107190931-bf48bf16ab8d
golang.org/x/xerrors v0.0.0-20191204190536-9bdfabe68543
)

712
go.sum
View File

File diff suppressed because it is too large Load Diff

51
gost/base.go Normal file
View File

@@ -0,0 +1,51 @@
package gost
import (
"fmt"
"net/http"
cnf "github.com/future-architect/vuls/config"
"github.com/future-architect/vuls/models"
"github.com/knqyf263/gost/db"
"github.com/parnurzeal/gorequest"
"golang.org/x/xerrors"
)
// Base is a base struct
type Base struct {
}
// FillCVEsWithRedHat fills cve information that has in Gost
func (b Base) FillCVEsWithRedHat(driver db.DB, r *models.ScanResult) error {
return RedHat{}.fillFixed(driver, r)
}
// CheckHTTPHealth do health check
func (b Base) CheckHTTPHealth() error {
if !cnf.Conf.Gost.IsFetchViaHTTP() {
return nil
}
url := fmt.Sprintf("%s/health", cnf.Conf.Gost.URL)
var errs []error
var resp *http.Response
resp, _, errs = gorequest.New().Get(url).End()
// resp, _, errs = gorequest.New().SetDebug(config.Conf.Debug).Get(url).End()
// resp, _, errs = gorequest.New().Proxy(api.httpProxy).Get(url).End()
if 0 < len(errs) || resp == nil || resp.StatusCode != 200 {
return xerrors.Errorf("Failed to connect to gost server. url: %s, errs: %w", url, errs)
}
return nil
}
// CheckIfGostFetched checks if oval entries are in DB by family, release.
func (b Base) CheckIfGostFetched(driver db.DB, osFamily string) (fetched bool, err error) {
//TODO
return true, nil
}
// CheckIfGostFresh checks if oval entries are fresh enough
func (b Base) CheckIfGostFresh(driver db.DB, osFamily string) (ok bool, err error) {
//TODO
return true, nil
}

21
gost/debian.go
View File

@@ -1,20 +1,3 @@
/* Vuls - Vulnerability Scanner
Copyright (C) 2016 Future Architect, Inc. Japan.
This program is free software: you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation, either version 3 of the License, or
(at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
You should have received a copy of the GNU General Public License
along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
package gost
import (
@@ -38,8 +21,8 @@ type packCves struct {
cves []models.CveContent
}
// FillWithGost fills cve information that has in Gost
func (deb Debian) FillWithGost(driver db.DB, r *models.ScanResult) (nCVEs int, err error) {
// DetectUnfixed fills cve information that has in Gost
func (deb Debian) DetectUnfixed(driver db.DB, r *models.ScanResult, _ bool) (nCVEs int, err error) {
linuxImage := "linux-image-" + r.RunningKernel.Release
// Add linux and set the version of running kernel to search OVAL.
if r.Container.ContainerID == "" {

75
gost/gost.go
View File

@@ -1,37 +1,15 @@
/* Vuls - Vulnerability Scanner
Copyright (C) 2016 Future Architect, Inc. Japan.
This program is free software: you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation, either version 3 of the License, or
(at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
You should have received a copy of the GNU General Public License
along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
package gost
import (
"fmt"
"net/http"
"strings"
cnf "github.com/future-architect/vuls/config"
"github.com/future-architect/vuls/models"
"github.com/knqyf263/gost/db"
"github.com/parnurzeal/gorequest"
"golang.org/x/xerrors"
)
// Client is the interface of OVAL client.
type Client interface {
FillWithGost(db.DB, *models.ScanResult) (int, error)
DetectUnfixed(db.DB, *models.ScanResult, bool) (int, error)
FillCVEsWithRedHat(db.DB, *models.ScanResult) error
//TODO implement
// CheckHTTPHealth() error
@@ -53,52 +31,3 @@ func NewClient(family string) Client {
return Pseudo{}
}
}
// Base is a base struct
type Base struct {
family string
}
// CheckHTTPHealth do health check
func (b Base) CheckHTTPHealth() error {
if !cnf.Conf.Gost.IsFetchViaHTTP() {
return nil
}
url := fmt.Sprintf("%s/health", cnf.Conf.Gost.URL)
var errs []error
var resp *http.Response
resp, _, errs = gorequest.New().Get(url).End()
// resp, _, errs = gorequest.New().SetDebug(config.Conf.Debug).Get(url).End()
// resp, _, errs = gorequest.New().Proxy(api.httpProxy).Get(url).End()
if 0 < len(errs) || resp == nil || resp.StatusCode != 200 {
return xerrors.Errorf("Failed to connect to gost server. url: %s, errs: %w", url, errs)
}
return nil
}
// CheckIfGostFetched checks if oval entries are in DB by family, release.
func (b Base) CheckIfGostFetched(driver db.DB, osFamily string) (fetched bool, err error) {
//TODO
return true, nil
}
// CheckIfGostFresh checks if oval entries are fresh enough
func (b Base) CheckIfGostFresh(driver db.DB, osFamily string) (ok bool, err error) {
//TODO
return true, nil
}
// Pseudo is Gost client except for RedHat family and Debian
type Pseudo struct {
Base
}
// FillWithGost fills cve information that has in Gost
func (pse Pseudo) FillWithGost(driver db.DB, r *models.ScanResult) (int, error) {
return 0, nil
}
func major(osVer string) (majorVersion string) {
return strings.Split(osVer, ".")[0]
}

21
gost/microsoft.go
View File

@@ -1,20 +1,3 @@
/* Vuls - Vulnerability Scanner
Copyright (C) 2016 Future Corporation , Japan.
This program is free software: you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation, either version 3 of the License, or
(at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
You should have received a copy of the GNU General Public License
along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
package gost
import (
@@ -30,8 +13,8 @@ type Microsoft struct {
Base
}
// FillWithGost fills cve information that has in Gost
func (ms Microsoft) FillWithGost(driver db.DB, r *models.ScanResult) (nCVEs int, err error) {
// DetectUnfixed fills cve information that has in Gost
func (ms Microsoft) DetectUnfixed(driver db.DB, r *models.ScanResult, _ bool) (nCVEs int, err error) {
if driver == nil {
return 0, nil
}

21
gost/pseudo.go Normal file
View File

@@ -0,0 +1,21 @@
package gost
import (
"github.com/future-architect/vuls/models"
"github.com/knqyf263/gost/db"
"strings"
)
// Pseudo is Gost client except for RedHat family and Debian
type Pseudo struct {
Base
}
// DetectUnfixed fills cve information that has in Gost
func (pse Pseudo) DetectUnfixed(driver db.DB, r *models.ScanResult, _ bool) (int, error) {
return 0, nil
}
func major(osVer string) (majorVersion string) {
return strings.Split(osVer, ".")[0]
}

32
gost/redhat.go
View File

@@ -1,20 +1,3 @@
/* Vuls - Vulnerability Scanner
Copyright (C) 2016 Future Architect, Inc. Japan.
This program is free software: you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation, either version 3 of the License, or
(at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
You should have received a copy of the GNU General Public License
along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
package gost
import (
@@ -34,12 +17,9 @@ type RedHat struct {
Base
}
// FillWithGost fills cve information that has in Gost
func (red RedHat) FillWithGost(driver db.DB, r *models.ScanResult) (nCVEs int, err error) {
if nCVEs, err = red.fillUnfixed(driver, r); err != nil {
return 0, err
}
return nCVEs, red.fillFixed(driver, r)
// DetectUnfixed fills cve information that has in Gost
func (red RedHat) DetectUnfixed(driver db.DB, r *models.ScanResult, ignoreWillNotFix bool) (nCVEs int, err error) {
return red.fillUnfixed(driver, r, ignoreWillNotFix)
}
func (red RedHat) fillFixed(driver db.DB, r *models.ScanResult) error {
@@ -88,7 +68,7 @@ func (red RedHat) fillFixed(driver db.DB, r *models.ScanResult) error {
return nil
}
for cveID, redCve := range driver.GetRedhatMulti(cveIDs) {
if redCve.ID == 0 {
if len(redCve.Name) == 0 {
continue
}
cveCont := red.ConvertToModel(&redCve)
@@ -113,7 +93,7 @@ func (red RedHat) fillFixed(driver db.DB, r *models.ScanResult) error {
return nil
}
func (red RedHat) fillUnfixed(driver db.DB, r *models.ScanResult) (nCVEs int, err error) {
func (red RedHat) fillUnfixed(driver db.DB, r *models.ScanResult, ignoreWillNotFix bool) (nCVEs int, err error) {
if config.Conf.Gost.IsFetchViaHTTP() {
prefix, _ := util.URLPathJoin(config.Conf.Gost.URL,
"redhat", major(r.Release), "pkgs")
@@ -160,7 +140,7 @@ func (red RedHat) fillUnfixed(driver db.DB, r *models.ScanResult) (nCVEs int, er
for _, pack := range r.Packages {
// CVE-ID: RedhatCVE
cves := map[string]gostmodels.RedhatCVE{}
cves = driver.GetUnfixedCvesRedhat(major(r.Release), pack.Name)
cves = driver.GetUnfixedCvesRedhat(major(r.Release), pack.Name, ignoreWillNotFix)
for _, cve := range cves {
cveCont := red.ConvertToModel(&cve)
v, ok := r.ScannedCves[cve.Name]

17
gost/util.go
View File

@@ -1,20 +1,3 @@
/* Vuls - Vulnerability Scanner
Copyright (C) 2016 Future Architect, Inc. Japan.
This program is free software: you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation, either version 3 of the License, or
(at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
You should have received a copy of the GNU General Public License
along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
package gost
import (

6
libmanager/libManager.go
View File

@@ -1,8 +1,8 @@
package libmanager
import (
"github.com/knqyf263/trivy/pkg/db"
"github.com/knqyf263/trivy/pkg/log"
"github.com/aquasecurity/trivy/pkg/db"
"github.com/aquasecurity/trivy/pkg/log"
"github.com/future-architect/vuls/models"
)
@@ -10,7 +10,7 @@ import (
// FillLibrary fills LibraryScanner informations
func FillLibrary(r *models.ScanResult) (totalCnt int, err error) {
// initialize trivy's logger and db
err = log.InitLogger(false)
err = log.InitLogger(false, false)
if err != nil {
return 0, err
}

17
main.go
View File

@@ -1,20 +1,3 @@
/* Vuls - Vulnerability Scanner
Copyright (C) 2016 Future Corporation , Japan.
This program is free software: you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation, either version 3 of the License, or
(at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
You should have received a copy of the GNU General Public License
along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
package main
import (

19
models/cvecontents.go
View File

@@ -1,26 +1,9 @@
/* Vuls - Vulnerability Scanner
Copyright (C) 2016 Future Corporation , Japan.
This program is free software: you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation, either version 3 of the License, or
(at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
You should have received a copy of the GNU General Public License
along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
package models
import (
"time"
"github.com/knqyf263/trivy/pkg/vulnsrc/vulnerability"
"github.com/aquasecurity/trivy/pkg/vulnsrc/vulnerability"
)
// CveContents has CveContent

16
models/cvecontents_test.go
View File

@@ -1,19 +1,3 @@
/* Vuls - Vulnerability Scanner
Copyright (C) 2016 Future Corporation , Japan.
This program is free software: you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation, either version 3 of the License, or
(at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
You should have received a copy of the GNU General Public License
along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
package models
import (

6
models/library.go
View File

@@ -3,12 +3,12 @@ package models
import (
"path/filepath"
"github.com/aquasecurity/trivy/pkg/scanner/library"
"github.com/aquasecurity/trivy/pkg/vulnsrc/vulnerability"
"github.com/future-architect/vuls/util"
"github.com/knqyf263/trivy/pkg/scanner/library"
"github.com/knqyf263/trivy/pkg/vulnsrc/vulnerability"
"golang.org/x/xerrors"
"github.com/knqyf263/go-dep-parser/pkg/types"
"github.com/aquasecurity/go-dep-parser/pkg/types"
"github.com/knqyf263/go-version"
)

8
models/library_test.go
View File

@@ -3,9 +3,9 @@ package models
import (
"testing"
godeptypes "github.com/knqyf263/go-dep-parser/pkg/types"
"github.com/knqyf263/trivy/pkg/db"
"github.com/knqyf263/trivy/pkg/log"
godeptypes "github.com/aquasecurity/go-dep-parser/pkg/types"
"github.com/aquasecurity/trivy/pkg/db"
"github.com/aquasecurity/trivy/pkg/log"
)
func TestScan(t *testing.T) {
@@ -28,7 +28,7 @@ func TestScan(t *testing.T) {
},
}
if err := log.InitLogger(false); err != nil {
if err := log.InitLogger(false, false); err != nil {
t.Errorf("trivy logger failed")
}

17
models/models.go
View File

@@ -1,20 +1,3 @@
/* Vuls - Vulnerability Scanner
Copyright (C) 2016 Future Corporation , Japan.
This program is free software: you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation, either version 3 of the License, or
(at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
You should have received a copy of the GNU General Public License
along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
package models
// JSONVersion is JSON Version

18
models/models_test.go
View File

@@ -1,18 +0,0 @@
/* Vuls - Vulnerability Scanner
Copyright (C) 2016 Future Corporation , Japan.
This program is free software: you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation, either version 3 of the License, or
(at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
You should have received a copy of the GNU General Public License
along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
package models

38
models/packages.go
View File

@@ -1,20 +1,3 @@
/* Vuls - Vulnerability Scanner
Copyright (C) 2016 Future Corporation , Japan.
This program is free software: you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation, either version 3 of the License, or
(at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
You should have received a copy of the GNU General Public License
along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
package models
import (
@@ -137,18 +120,23 @@ func (p Package) FormatNewVer() string {
}
// FormatVersionFromTo formats installed and new package version
func (p Package) FormatVersionFromTo(notFixedYet bool, status string) string {
func (p Package) FormatVersionFromTo(stat PackageFixStatus) string {
to := p.FormatNewVer()
if notFixedYet {
if status != "" {
to = status
if stat.NotFixedYet {
if stat.FixState != "" {
to = stat.FixState
} else {
to = "Not Fixed Yet"
}
} else if p.NewVersion == "" {
to = "Unknown"
}
return fmt.Sprintf("%s-%s -> %s", p.Name, p.FormatVer(), to)
var fixedIn string
if stat.FixedIn != "" {
fixedIn = fmt.Sprintf(" (FixedIn: %s)", stat.FixedIn)
}
return fmt.Sprintf("%s-%s -> %s%s",
p.Name, p.FormatVer(), to, fixedIn)
}
// FormatChangelog formats the changelog
@@ -185,8 +173,9 @@ type Changelog struct {
// AffectedProcess keep a processes information affected by software update
type AffectedProcess struct {
PID string `json:"pid"`
Name string `json:"name"`
PID string `json:"pid,omitempty"`
Name string `json:"name,omitempty"`
ListenPorts []string `json:"listenPorts,omitempty"`
}
// NeedRestartProcess keep a processes information affected by software update
@@ -206,6 +195,7 @@ type NeedRestartProcess struct {
type SrcPackage struct {
Name string `json:"name"`
Version string `json:"version"`
Arch string `json:"arch"`
BinaryNames []string `json:"binaryNames"`
}

138
models/packages_test.go
View File

@@ -1,19 +1,3 @@
/* Vuls - Vulnerability Scanner
Copyright (C) 2016 Future Corporation , Japan.
This program is free software: you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation, either version 3 of the License, or
(at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
You should have received a copy of the GNU General Public License
along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
package models
import (
@@ -191,3 +175,125 @@ func TestFindByBinName(t *testing.T) {
}
}
}
func TestPackage_FormatVersionFromTo(t *testing.T) {
type fields struct {
Name string
Version string
Release string
NewVersion string
NewRelease string
Arch string
Repository string
Changelog Changelog
AffectedProcs []AffectedProcess
NeedRestartProcs []NeedRestartProcess
}
type args struct {
stat PackageFixStatus
}
tests := []struct {
name string
fields fields
args args
want string
}{
{
name: "fixed",
fields: fields{
Name: "packA",
Version: "1.0.0",
Release: "a",
NewVersion: "1.0.1",
NewRelease: "b",
},
args: args{
stat: PackageFixStatus{
NotFixedYet: false,
FixedIn: "1.0.1-b",
},
},
want: "packA-1.0.0-a -> 1.0.1-b (FixedIn: 1.0.1-b)",
},
{
name: "nfy",
fields: fields{
Name: "packA",
Version: "1.0.0",
Release: "a",
},
args: args{
stat: PackageFixStatus{
NotFixedYet: true,
},
},
want: "packA-1.0.0-a -> Not Fixed Yet",
},
{
name: "nfy",
fields: fields{
Name: "packA",
Version: "1.0.0",
Release: "a",
},
args: args{
stat: PackageFixStatus{
NotFixedYet: false,
FixedIn: "1.0.1-b",
},
},
want: "packA-1.0.0-a -> Unknown (FixedIn: 1.0.1-b)",
},
{
name: "nfy2",
fields: fields{
Name: "packA",
Version: "1.0.0",
Release: "a",
},
args: args{
stat: PackageFixStatus{
NotFixedYet: true,
FixedIn: "1.0.1-b",
FixState: "open",
},
},
want: "packA-1.0.0-a -> open (FixedIn: 1.0.1-b)",
},
{
name: "nfy3",
fields: fields{
Name: "packA",
Version: "1.0.0",
Release: "a",
},
args: args{
stat: PackageFixStatus{
NotFixedYet: true,
FixedIn: "1.0.1-b",
FixState: "open",
},
},
want: "packA-1.0.0-a -> open (FixedIn: 1.0.1-b)",
},
}
for _, tt := range tests {
t.Run(tt.name, func(t *testing.T) {
p := Package{
Name: tt.fields.Name,
Version: tt.fields.Version,
Release: tt.fields.Release,
NewVersion: tt.fields.NewVersion,
NewRelease: tt.fields.NewRelease,
Arch: tt.fields.Arch,
Repository: tt.fields.Repository,
Changelog: tt.fields.Changelog,
AffectedProcs: tt.fields.AffectedProcs,
NeedRestartProcs: tt.fields.NeedRestartProcs,
}
if got := p.FormatVersionFromTo(tt.args.stat); got != tt.want {
t.Errorf("Package.FormatVersionFromTo() = %v, want %v", got, tt.want)
}
})
}
}

111
models/scanresults.go
View File

@@ -1,20 +1,3 @@
/* Vuls - Vulnerability Scanner
Copyright (C) 2016 Future Corporation , Japan.
This program is free software: you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation, either version 3 of the License, or
(at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
You should have received a copy of the GNU General Public License
along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
package models
import (
@@ -24,8 +7,6 @@ import (
"strings"
"time"
"github.com/future-architect/vuls/alert"
"github.com/future-architect/vuls/config"
"github.com/future-architect/vuls/cwe"
"github.com/future-architect/vuls/util"
@@ -36,31 +17,32 @@ type ScanResults []ScanResult
// ScanResult has the result of scanned CVE information.
type ScanResult struct {
JSONVersion int `json:"jsonVersion"`
Lang string `json:"lang"`
ServerUUID string `json:"serverUUID"`
ServerName string `json:"serverName"` // TOML Section key
Family string `json:"family"`
Release string `json:"release"`
Container Container `json:"container"`
Image Image `json:"image"`
Platform Platform `json:"platform"`
IPv4Addrs []string `json:"ipv4Addrs,omitempty"` // only global unicast address (https://golang.org/pkg/net/#IP.IsGlobalUnicast)
IPv6Addrs []string `json:"ipv6Addrs,omitempty"` // only global unicast address (https://golang.org/pkg/net/#IP.IsGlobalUnicast)
ScannedAt time.Time `json:"scannedAt"`
ScanMode string `json:"scanMode"`
ScannedVersion string `json:"scannedVersion"`
ScannedRevision string `json:"scannedRevision"`
ScannedBy string `json:"scannedBy"`
ScannedVia string `json:"scannedVia"`
ScannedIPv4Addrs []string `json:"scannedIpv4Addrs,omitempty"`
ScannedIPv6Addrs []string `json:"scannedIpv6Addrs,omitempty"`
ReportedAt time.Time `json:"reportedAt"`
ReportedVersion string `json:"reportedVersion"`
ReportedRevision string `json:"reportedRevision"`
ReportedBy string `json:"reportedBy"`
Errors []string `json:"errors"`
Warnings []string `json:"warnings"`
JSONVersion int `json:"jsonVersion"`
Lang string `json:"lang"`
ServerUUID string `json:"serverUUID"`
ServerName string `json:"serverName"` // TOML Section key
Family string `json:"family"`
Release string `json:"release"`
Container Container `json:"container"`
Image Image `json:"image"`
Platform Platform `json:"platform"`
IPv4Addrs []string `json:"ipv4Addrs,omitempty"` // only global unicast address (https://golang.org/pkg/net/#IP.IsGlobalUnicast)
IPv6Addrs []string `json:"ipv6Addrs,omitempty"` // only global unicast address (https://golang.org/pkg/net/#IP.IsGlobalUnicast)
IPSIdentifiers map[config.IPS]string `json:"ipsIdentifiers,omitempty"`
ScannedAt time.Time `json:"scannedAt"`
ScanMode string `json:"scanMode"`
ScannedVersion string `json:"scannedVersion"`
ScannedRevision string `json:"scannedRevision"`
ScannedBy string `json:"scannedBy"`
ScannedVia string `json:"scannedVia"`
ScannedIPv4Addrs []string `json:"scannedIpv4Addrs,omitempty"`
ScannedIPv6Addrs []string `json:"scannedIpv6Addrs,omitempty"`
ReportedAt time.Time `json:"reportedAt"`
ReportedVersion string `json:"reportedVersion"`
ReportedRevision string `json:"reportedRevision"`
ReportedBy string `json:"reportedBy"`
Errors []string `json:"errors"`
Warnings []string `json:"warnings"`
ScannedCves VulnInfos `json:"scannedCves"`
RunningKernel Kernel `json:"runningKernel"`
@@ -80,7 +62,7 @@ type ScanResult struct {
type CweDict map[string]CweDictEntry
// Get the name, url, top10URL for the specified cweID, lang
func (c CweDict) Get(cweID, lang string) (name, url, top10Rank, top10URL string) {
func (c CweDict) Get(cweID, lang string) (name, url, top10Rank, top10URL, cweTop25Rank, cweTop25URL, sansTop25Rank, sansTop25URL string) {
cweNum := strings.TrimPrefix(cweID, "CWE-")
switch config.Conf.Lang {
case "ja":
@@ -88,6 +70,14 @@ func (c CweDict) Get(cweID, lang string) (name, url, top10Rank, top10URL string)
top10Rank = dict.OwaspTopTen2017
top10URL = cwe.OwaspTopTen2017GitHubURLJa[dict.OwaspTopTen2017]
}
if dict, ok := c[cweNum]; ok && dict.CweTopTwentyfive2019 != "" {
cweTop25Rank = dict.CweTopTwentyfive2019
cweTop25URL = cwe.CweTopTwentyfive2019URL
}
if dict, ok := c[cweNum]; ok && dict.SansTopTwentyfive != "" {
sansTop25Rank = dict.SansTopTwentyfive
sansTop25URL = cwe.SansTopTwentyfiveURL
}
if dict, ok := cwe.CweDictJa[cweNum]; ok {
name = dict.Name
url = fmt.Sprintf("http://jvndb.jvn.jp/ja/cwe/%s.html", cweID)
@@ -102,6 +92,14 @@ func (c CweDict) Get(cweID, lang string) (name, url, top10Rank, top10URL string)
top10Rank = dict.OwaspTopTen2017
top10URL = cwe.OwaspTopTen2017GitHubURLEn[dict.OwaspTopTen2017]
}
if dict, ok := c[cweNum]; ok && dict.CweTopTwentyfive2019 != "" {
cweTop25Rank = dict.CweTopTwentyfive2019
cweTop25URL = cwe.CweTopTwentyfive2019URL
}
if dict, ok := c[cweNum]; ok && dict.SansTopTwentyfive != "" {
sansTop25Rank = dict.SansTopTwentyfive
sansTop25URL = cwe.SansTopTwentyfiveURL
}
url = fmt.Sprintf("https://cwe.mitre.org/data/definitions/%s.html", cweID)
if dict, ok := cwe.CweDictEn[cweNum]; ok {
name = dict.Name
@@ -112,15 +110,11 @@ func (c CweDict) Get(cweID, lang string) (name, url, top10Rank, top10URL string)
// CweDictEntry is a entry of CWE
type CweDictEntry struct {
En *cwe.Cwe `json:"en,omitempty"`
Ja *cwe.Cwe `json:"ja,omitempty"`
OwaspTopTen2017 string `json:"owaspTopTen2017"`
}
// GetAlertsByCveID return alerts fetched by cveID
func GetAlertsByCveID(cveID string, lang string) (alerts []alert.Alert) {
alerts = alert.GenerateAlertDict(cveID, lang)
return alerts
En *cwe.Cwe `json:"en,omitempty"`
Ja *cwe.Cwe `json:"ja,omitempty"`
OwaspTopTen2017 string `json:"owaspTopTen2017"`
CweTopTwentyfive2019 string `json:"cweTopTwentyfive2019"`
SansTopTwentyfive string `json:"sansTopTwentyfive"`
}
// Kernel has the Release, version and whether need restart
@@ -279,7 +273,7 @@ func (r ScanResult) FilterInactiveWordPressLibs() ScanResult {
return r
}
// ReportFileName returns the filename on localhost without extention
// ReportFileName returns the filename on localhost without extension
func (r ScanResult) ReportFileName() (name string) {
if len(r.Container.ContainerID) == 0 {
return fmt.Sprintf("%s", r.ServerName)
@@ -287,7 +281,7 @@ func (r ScanResult) ReportFileName() (name string) {
return fmt.Sprintf("%s@%s", r.Container.Name, r.ServerName)
}
// ReportKeyName returns the name of key on S3, Azure-Blob without extention
// ReportKeyName returns the name of key on S3, Azure-Blob without extension
func (r ScanResult) ReportKeyName() (name string) {
timestr := r.ScannedAt.Format(time.RFC3339)
if len(r.Container.ContainerID) == 0 {
@@ -469,8 +463,9 @@ type Container struct {
// Image has Container information
type Image struct {
Name string `json:"name"`
Tag string `json:"tag"`
Name string `json:"name"`
Tag string `json:"tag"`
Digest string `json:"digest"`
}
// Platform has platform information

16
models/scanresults_test.go
View File

@@ -1,19 +1,3 @@
/* Vuls - Vulnerability Scanner
Copyright (C) 2016 Future Corporation , Japan.
This program is free software: you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation, either version 3 of the License, or
(at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
You should have received a copy of the GNU General Public License
along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
package models
import (

17
models/utils.go
View File

@@ -1,20 +1,3 @@
/* Vuls - Vulnerability Scanner
Copyright (C) 2016 Future Corporation , Japan.
This program is free software: you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation, either version 3 of the License, or
(at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
You should have received a copy of the GNU General Public License
along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
package models
import (

68
models/vulninfos.go
View File

@@ -1,20 +1,3 @@
/* Vuls - Vulnerability Scanner
Copyright (C) 2016 Future Corporation , Japan.
This program is free software: you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation, either version 3 of the License, or
(at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
You should have received a copy of the GNU General Public License
along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
package models
import (
@@ -24,8 +7,6 @@ import (
"strings"
"time"
"github.com/future-architect/vuls/alert"
"github.com/future-architect/vuls/config"
exploitmodels "github.com/mozqnet/go-exploitdb/models"
)
@@ -155,9 +136,10 @@ func (ps PackageFixStatuses) Sort() {
// PackageFixStatus has name and other status abount the package
type PackageFixStatus struct {
Name string `json:"name"`
NotFixedYet bool `json:"notFixedYet"`
FixState string `json:"fixState"`
Name string `json:"name,omitempty"`
NotFixedYet bool `json:"notFixedYet,omitempty"`
FixState string `json:"fixState,omitempty"`
FixedIn string `json:"fixedIn,omitempty"`
}
// VulnInfo has a vulnerability information and unsecure packages
@@ -177,6 +159,13 @@ type VulnInfo struct {
VulnType string `json:"vulnType,omitempty"`
}
// Alert has XCERT alert information
type Alert struct {
URL string `json:"url,omitempty"`
Title string `json:"title,omitempty"`
Team string `json:"team,omitempty"`
}
// GitHubSecurityAlerts is a list of GitHubSecurityAlert
type GitHubSecurityAlerts []GitHubSecurityAlert
@@ -288,7 +277,7 @@ func (v VulnInfo) Summaries(lang, myFamily string) (values []CveContentStr) {
}
}
order := CveContentTypes{Nvd, NvdXML, NewCveContentType(myFamily)}
order := CveContentTypes{NewCveContentType(myFamily), Nvd, NvdXML}
order = append(order, AllCveContetTypes.Except(append(order, Jvn)...)...)
for _, ctype := range order {
if cont, found := v.CveContents[ctype]; found && 0 < len(cont.Summary) {
@@ -546,16 +535,17 @@ func (v VulnInfo) MaxCvss2Score() CveContentCvss {
func (v VulnInfo) AttackVector() string {
for _, cnt := range v.CveContents {
if strings.HasPrefix(cnt.Cvss2Vector, "AV:N") ||
strings.HasPrefix(cnt.Cvss3Vector, "CVSS:3.0/AV:N") {
return "N"
strings.Contains(cnt.Cvss3Vector, "AV:N") {
return "AV:N"
} else if strings.HasPrefix(cnt.Cvss2Vector, "AV:A") ||
strings.HasPrefix(cnt.Cvss3Vector, "CVSS:3.0/AV:A") {
return "A"
strings.Contains(cnt.Cvss3Vector, "AV:A") {
return "AV:A"
} else if strings.HasPrefix(cnt.Cvss2Vector, "AV:L") ||
strings.HasPrefix(cnt.Cvss3Vector, "CVSS:3.0/AV:L") {
return "L"
} else if strings.HasPrefix(cnt.Cvss3Vector, "CVSS:3.0/AV:P") {
return "P"
strings.Contains(cnt.Cvss3Vector, "AV:L") {
return "AV:L"
} else if strings.Contains(cnt.Cvss3Vector, "AV:P") {
// no AV:P in CVSS v2
return "AV:P"
}
}
if cont, found := v.CveContents[DebianSecurityTracker]; found {
@@ -577,6 +567,13 @@ func (v VulnInfo) PatchStatus(packs Packages) string {
return "unfixed"
}
// Fast and offline mode can not get the candidate version.
// Vuls can be considered as 'fixed' if not-fixed-yet==true and
// the fixed-in-version (information in the oval) is not an empty.
if p.FixedIn != "" {
continue
}
// fast, offline mode doesn't have new version
if pack, ok := packs[p.Name]; ok {
if pack.NewVersion == "" {
@@ -785,13 +782,8 @@ type Exploit struct {
// AlertDict has target cve's JPCERT and USCERT alert data
type AlertDict struct {
Ja []alert.Alert `json:"ja"`
En []alert.Alert `json:"en"`
}
// HasAlert returns whether or not it has En or Ja entries.
func (a AlertDict) HasAlert() bool {
return len(a.En) != 0 || len(a.Ja) != 0
Ja []Alert `json:"ja"`
En []Alert `json:"en"`
}
// FormatSource returns which source has this alert

115
models/vulninfos_test.go
View File

@@ -1,19 +1,3 @@
/* Vuls - Vulnerability Scanner
Copyright (C) 2016 Future Corporation , Japan.
This program is free software: you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation, either version 3 of the License, or
(at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
You should have received a copy of the GNU General Public License
along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
package models
import (
@@ -159,14 +143,14 @@ func TestSummaries(t *testing.T) {
Type: Jvn,
Value: "Title JVN\nSummary JVN",
},
{
Type: NvdXML,
Value: "Summary NVD",
},
{
Type: RedHat,
Value: "Summary RedHat",
},
{
Type: NvdXML,
Value: "Summary NVD",
},
},
},
// lang: en
@@ -193,14 +177,14 @@ func TestSummaries(t *testing.T) {
},
},
out: []CveContentStr{
{
Type: NvdXML,
Value: "Summary NVD",
},
{
Type: RedHat,
Value: "Summary RedHat",
},
{
Type: NvdXML,
Value: "Summary NVD",
},
},
},
// lang: empty
@@ -1096,3 +1080,86 @@ func TestDistroAdvisories_AppendIfMissing(t *testing.T) {
})
}
}
func TestVulnInfo_AttackVector(t *testing.T) {
type fields struct {
CveContents CveContents
}
tests := []struct {
name string
fields fields
want string
}{
{
name: "2.0:N",
fields: fields{
CveContents: NewCveContents(
CveContent{
Type: "foo",
Cvss2Vector: "AV:N/AC:L/Au:N/C:C/I:C/A:C",
},
),
},
want: "AV:N",
},
{
name: "2.0:A",
fields: fields{
CveContents: NewCveContents(
CveContent{
Type: "foo",
Cvss2Vector: "AV:A/AC:L/Au:N/C:C/I:C/A:C",
},
),
},
want: "AV:A",
},
{
name: "2.0:L",
fields: fields{
CveContents: NewCveContents(
CveContent{
Type: "foo",
Cvss2Vector: "AV:L/AC:L/Au:N/C:C/I:C/A:C",
},
),
},
want: "AV:L",
},
{
name: "3.0:N",
fields: fields{
CveContents: NewCveContents(
CveContent{
Type: "foo",
Cvss3Vector: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
},
),
},
want: "AV:N",
},
{
name: "3.1:N",
fields: fields{
CveContents: NewCveContents(
CveContent{
Type: "foo",
Cvss3Vector: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
},
),
},
want: "AV:N",
},
}
for _, tt := range tests {
t.Run(tt.name, func(t *testing.T) {
v := VulnInfo{
CveContents: tt.fields.CveContents,
}
if got := v.AttackVector(); got != tt.want {
t.Errorf("VulnInfo.AttackVector() = %v, want %v", got, tt.want)
}
})
}
}

17
models/wordpress.go
View File

@@ -1,20 +1,3 @@
/* Vuls - Vulnerability Scanner
Copyright (C) 2016 Future Corporation , Japan.
This program is free software: you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation, either version 3 of the License, or
(at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
You should have received a copy of the GNU General Public License
along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
package models
// WordPressPackages has Core version, plugins and themes.

17
oval/alpine.go
View File

@@ -1,20 +1,3 @@
/* Vuls - Vulnerability Scanner
Copyright (C) 2016 Future Corporation , Japan.
This program is free software: you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation, either version 3 of the License, or
(at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
You should have received a copy of the GNU General Public License
along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
package oval
import (

224
oval/debian.go
View File

@@ -1,24 +1,8 @@
/* Vuls - Vulnerability Scanner
Copyright (C) 2016 Future Corporation , Japan.
This program is free software: you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation, either version 3 of the License, or
(at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
You should have received a copy of the GNU General Public License
along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
package oval
import (
"fmt"
"strings"
"github.com/future-architect/vuls/config"
"github.com/future-architect/vuls/models"
@@ -59,17 +43,28 @@ func (o DebianBase) update(r *models.ScanResult, defPacks defPacks) {
vinfo.CveContents = cveContents
}
// uniq(vinfo.PackNames + defPacks.actuallyAffectedPackNames)
// uniq(vinfo.PackNames + defPacks.binpkgStat)
for _, pack := range vinfo.AffectedPackages {
defPacks.actuallyAffectedPackNames[pack.Name] = pack.NotFixedYet
defPacks.binpkgFixstat[pack.Name] = fixStat{
notFixedYet: pack.NotFixedYet,
fixedIn: pack.FixedIn,
isSrcPack: false,
}
}
// update notFixedYet of SrcPackage
for binName := range defPacks.actuallyAffectedPackNames {
// Update package status of source packages.
// In the case of Debian based Linux, sometimes source package name is difined as affected package in OVAL.
// To display binary package name showed in apt-get, need to convert source name to binary name.
for binName := range defPacks.binpkgFixstat {
if srcPack, ok := r.SrcPackages.FindByBinName(binName); ok {
for _, p := range defPacks.def.AffectedPacks {
if p.Name == srcPack.Name {
defPacks.actuallyAffectedPackNames[binName] = p.NotFixedYet
defPacks.binpkgFixstat[binName] = fixStat{
notFixedYet: p.NotFixedYet,
fixedIn: p.Version,
isSrcPack: true,
srcPackName: srcPack.Name,
}
}
}
}
@@ -151,9 +146,9 @@ func (o Debian) FillWithOval(driver db.DB, r *models.ScanResult) (nCVEs int, err
for _, defPacks := range relatedDefs.entries {
// Remove "linux" added above for oval search
// linux is not a real package name (key of affected packages in OVAL)
if notFixedYet, ok := defPacks.actuallyAffectedPackNames["linux"]; ok {
defPacks.actuallyAffectedPackNames[linuxImage] = notFixedYet
delete(defPacks.actuallyAffectedPackNames, "linux")
if notFixedYet, ok := defPacks.binpkgFixstat["linux"]; ok {
defPacks.binpkgFixstat[linuxImage] = notFixedYet
delete(defPacks.binpkgFixstat, "linux")
for i, p := range defPacks.def.AffectedPacks {
if p.Name == "linux" {
p.Name = linuxImage
@@ -195,61 +190,107 @@ func (o Ubuntu) FillWithOval(driver db.DB, r *models.ScanResult) (nCVEs int, err
switch major(r.Release) {
case "14":
kernelNamesInOval := []string{
"linux",
"linux-aws",
"linux-azure",
"linux-firmware",
"linux-lts-utopic",
"linux-lts-vivid",
"linux-lts-wily",
"linux-lts-xenial",
"linux-meta",
"linux-meta-aws",
"linux-meta-azure",
"linux-meta-lts-xenial",
"linux-signed",
"linux-signed-azure",
"linux-signed-lts-xenial",
"linux",
}
return o.fillWithOval(driver, r, kernelNamesInOval)
case "16":
kernelNamesInOval := []string{
"linux-image-aws",
"linux-image-aws-hwe",
"linux-image-azure",
"linux-image-extra-virtual",
"linux-image-extra-virtual-lts-utopic",
"linux-image-extra-virtual-lts-vivid",
"linux-image-extra-virtual-lts-wily",
"linux-image-extra-virtual-lts-xenial",
"linux-image-gcp",
"linux-image-generic-lpae",
"linux-image-generic-lpae-hwe-16.04",
"linux-image-generic-lpae-lts-utopic",
"linux-image-generic-lpae-lts-vivid",
"linux-image-generic-lpae-lts-wily",
"linux-image-generic-lpae-lts-xenial",
"linux-image-generic-lts-utopic",
"linux-image-generic-lts-vivid",
"linux-image-generic-lts-wily",
"linux-image-generic-lts-xenial",
"linux-image-gke",
"linux-image-hwe-generic-trusty",
"linux-image-hwe-virtual-trusty",
"linux-image-kvm",
"linux-image-lowlatency",
"linux-image-lowlatency-lts-utopic",
"linux-image-lowlatency-lts-vivid",
"linux-image-lowlatency-lts-wily",
"linux-aws",
"linux-aws-hwe",
"linux-azure",
"linux-euclid",
"linux-flo",
"linux-gcp",
"linux-gke",
"linux-goldfish",
"linux-hwe",
"linux-kvm",
"linux-mako",
"linux-meta",
"linux-meta-aws",
"linux-meta-aws-hwe",
"linux-meta-azure",
"linux-meta-gcp",
"linux-meta-hwe",
"linux-meta-kvm",
"linux-meta-oracle",
"linux-meta-raspi2",
"linux-meta-snapdragon",
"linux-oem",
"linux-oracle",
"linux-raspi2",
"linux-signed",
"linux-signed-azure",
"linux-signed-gcp",
"linux-signed-hwe",
"linux-signed-oracle",
"linux-snapdragon",
"linux",
}
return o.fillWithOval(driver, r, kernelNamesInOval)
case "18":
kernelNamesInOval := []string{
"linux-image-aws",
"linux-image-azure",
"linux-image-extra-virtual",
"linux-image-gcp",
"linux-image-generic-lpae",
"linux-image-kvm",
"linux-image-lowlatency",
"linux-image-oem",
"linux-image-oracle",
"linux-image-raspi2",
"linux-image-snapdragon",
"linux-image-virtual",
"linux-aws",
"linux-aws-5.0",
"linux-azure",
"linux-gcp",
"linux-gcp-5.3",
"linux-gke-4.15",
"linux-gke-5.0",
"linux-gke-5.3",
"linux-hwe",
"linux-kvm",
"linux-meta",
"linux-meta-aws",
"linux-meta-aws-5.0",
"linux-meta-azure",
"linux-meta-gcp",
"linux-meta-gcp-5.3",
"linux-meta-gke-4.15",
"linux-meta-gke-5.0",
"linux-meta-gke-5.3",
"linux-meta-hwe",
"linux-meta-kvm",
"linux-meta-oem",
"linux-meta-oem-osp1",
"linux-meta-oracle",
"linux-meta-oracle-5.0",
"linux-meta-oracle-5.3",
"linux-meta-raspi2",
"linux-meta-raspi2-5.3",
"linux-meta-snapdragon",
"linux-oem",
"linux-oem-osp1",
"linux-oracle",
"linux-oracle-5.0",
"linux-oracle-5.3",
"linux-raspi2",
"linux-raspi2-5.3",
"linux-signed",
"linux-signed-azure",
"linux-signed-gcp",
"linux-signed-gcp-5.3",
"linux-signed-gke-4.15",
"linux-signed-gke-5.0",
"linux-signed-gke-5.3",
"linux-signed-hwe",
"linux-signed-oem",
"linux-signed-oem-osp1",
"linux-signed-oracle",
"linux-signed-oracle-5.0",
"linux-signed-oracle-5.3",
"linux-snapdragon",
"linux",
}
return o.fillWithOval(driver, r, kernelNamesInOval)
}
@@ -257,12 +298,12 @@ func (o Ubuntu) FillWithOval(driver db.DB, r *models.ScanResult) (nCVEs int, err
}
func (o Ubuntu) fillWithOval(driver db.DB, r *models.ScanResult, kernelNamesInOval []string) (nCVEs int, err error) {
// kernel names in OVAL except for linux-image-generic
linuxImage := "linux-image-" + r.RunningKernel.Release
runningKernelVersion := ""
kernelPkgInOVAL := ""
isOVALKernelPkgAdded := true
isOVALKernelPkgAdded := false
unusedKernels := []models.Package{}
copiedSourcePkgs := models.SrcPackages{}
if r.Container.ContainerID == "" {
if v, ok := r.Packages[linuxImage]; ok {
@@ -287,17 +328,31 @@ func (o Ubuntu) fillWithOval(driver db.DB, r *models.ScanResult, kernelNamesInOv
}
}
if kernelPkgInOVAL == "" {
if r.Release == "14" {
kernelPkgInOVAL = "linux"
} else if _, ok := r.Packages["linux-image-generic"]; !ok {
util.Log.Warnf("The OVAL name of the running kernel image %s is not found. So vulns of linux-image-generic wll be detected. server: %s",
r.RunningKernel.Version, r.ServerName)
kernelPkgInOVAL = "linux-image-generic"
} else {
isOVALKernelPkgAdded = false
// Remove linux-* in order to detect only vulnerabilities in the running kernel.
for n := range r.Packages {
if n != kernelPkgInOVAL && strings.HasPrefix(n, "linux-") {
unusedKernels = append(unusedKernels, r.Packages[n])
delete(r.Packages, n)
}
}
for srcPackName, srcPack := range r.SrcPackages {
copiedSourcePkgs[srcPackName] = srcPack
targetBianryNames := []string{}
for _, n := range srcPack.BinaryNames {
if n == kernelPkgInOVAL || !strings.HasPrefix(n, "linux-") {
targetBianryNames = append(targetBianryNames, n)
}
}
srcPack.BinaryNames = targetBianryNames
r.SrcPackages[srcPackName] = srcPack
}
if kernelPkgInOVAL == "" {
util.Log.Warnf("The OVAL name of the running kernel image %+v is not found. So vulns of `linux` wll be detected. server: %s",
r.RunningKernel, r.ServerName)
kernelPkgInOVAL = "linux"
isOVALKernelPkgAdded = true
}
if runningKernelVersion != "" {
r.Packages[kernelPkgInOVAL] = models.Package{
@@ -324,13 +379,14 @@ func (o Ubuntu) fillWithOval(driver db.DB, r *models.ScanResult, kernelNamesInOv
for _, p := range unusedKernels {
r.Packages[p.Name] = p
}
r.SrcPackages = copiedSourcePkgs
for _, defPacks := range relatedDefs.entries {
// Remove "linux" added above to search for oval
// Remove "linux" added above for searching oval
// "linux" is not a real package name (key of affected packages in OVAL)
if nfy, ok := defPacks.actuallyAffectedPackNames[kernelPkgInOVAL]; isOVALKernelPkgAdded && ok {
defPacks.actuallyAffectedPackNames[linuxImage] = nfy
delete(defPacks.actuallyAffectedPackNames, kernelPkgInOVAL)
if nfy, ok := defPacks.binpkgFixstat[kernelPkgInOVAL]; isOVALKernelPkgAdded && ok {
defPacks.binpkgFixstat[linuxImage] = nfy
delete(defPacks.binpkgFixstat, kernelPkgInOVAL)
for i, p := range defPacks.def.AffectedPacks {
if p.Name == kernelPkgInOVAL {
p.Name = linuxImage

27
oval/debian_test.go
View File

@@ -1,19 +1,3 @@
/* Vuls - Vulnerability Scanner
Copyright (C) 2016 Future Corporation , Japan.
This program is free software: you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation, either version 3 of the License, or
(at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
You should have received a copy of the GNU General Public License
along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
package oval
import (
@@ -49,8 +33,11 @@ func TestPackNamesOfUpdateDebian(t *testing.T) {
CveID: "CVE-2000-1000",
},
},
actuallyAffectedPackNames: map[string]bool{
"packB": true,
binpkgFixstat: map[string]fixStat{
"packB": {
notFixedYet: true,
fixedIn: "1.0.0",
},
},
},
out: models.ScanResult{
@@ -58,7 +45,7 @@ func TestPackNamesOfUpdateDebian(t *testing.T) {
"CVE-2000-1000": models.VulnInfo{
AffectedPackages: models.PackageFixStatuses{
{Name: "packA"},
{Name: "packB", NotFixedYet: true},
{Name: "packB", NotFixedYet: true, FixedIn: "1.0.0"},
{Name: "packC"},
},
},
@@ -73,7 +60,7 @@ func TestPackNamesOfUpdateDebian(t *testing.T) {
e := tt.out.ScannedCves["CVE-2000-1000"].AffectedPackages
a := tt.in.ScannedCves["CVE-2000-1000"].AffectedPackages
if !reflect.DeepEqual(a, e) {
t.Errorf("[%d] expected: %v\n actual: %v\n", i, e, a)
t.Errorf("[%d] expected: %#v\n actual: %#v\n", i, e, a)
}
}
}

17
oval/oval.go
View File

@@ -1,20 +1,3 @@
/* Vuls - Vulnerability Scanner
Copyright (C) 2016 Future Corporation , Japan.
This program is free software: you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation, either version 3 of the License, or
(at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
You should have received a copy of the GNU General Public License
along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
package oval
import (

48
oval/redhat.go
View File

@@ -1,20 +1,3 @@
/* Vuls - Vulnerability Scanner
Copyright (C) 2016 Future Corporation , Japan.
This program is free software: you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation, either version 3 of the License, or
(at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
You should have received a copy of the GNU General Public License
along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
package oval
import (
@@ -137,10 +120,16 @@ func (o RedHatBase) update(r *models.ScanResult, defPacks defPacks) (nCVEs int)
// uniq(vinfo.PackNames + defPacks.actuallyAffectedPackNames)
for _, pack := range vinfo.AffectedPackages {
if nfy, ok := defPacks.actuallyAffectedPackNames[pack.Name]; !ok {
defPacks.actuallyAffectedPackNames[pack.Name] = pack.NotFixedYet
} else if nfy {
defPacks.actuallyAffectedPackNames[pack.Name] = true
if stat, ok := defPacks.binpkgFixstat[pack.Name]; !ok {
defPacks.binpkgFixstat[pack.Name] = fixStat{
notFixedYet: pack.NotFixedYet,
fixedIn: pack.FixedIn,
}
} else if stat.notFixedYet {
defPacks.binpkgFixstat[pack.Name] = fixStat{
notFixedYet: true,
fixedIn: pack.FixedIn,
}
}
}
vinfo.AffectedPackages = defPacks.toPackStatuses()
@@ -152,7 +141,7 @@ func (o RedHatBase) update(r *models.ScanResult, defPacks defPacks) (nCVEs int)
func (o RedHatBase) convertToDistroAdvisory(def *ovalmodels.Definition) *models.DistroAdvisory {
advisoryID := def.Title
if o.family == config.RedHat || o.family == config.CentOS {
if (o.family == config.RedHat || o.family == config.CentOS) && len(advisoryID) > 0 {
ss := strings.Fields(def.Title)
advisoryID = strings.TrimSuffix(ss[0], ":")
}
@@ -236,12 +225,17 @@ func (o RedHatBase) parseCvss2(scoreVector string) (score float64, vector string
// 5.6/CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L
func (o RedHatBase) parseCvss3(scoreVector string) (score float64, vector string) {
var err error
ss := strings.Split(scoreVector, "/CVSS:3.0/")
if 1 < len(ss) {
if score, err = strconv.ParseFloat(ss[0], 64); err != nil {
return 0, ""
for _, s := range []string{
"/CVSS:3.0/",
"/CVSS:3.1/",
} {
ss := strings.Split(scoreVector, s)
if 1 < len(ss) {
if score, err = strconv.ParseFloat(ss[0], 64); err != nil {
return 0, ""
}
return score, strings.TrimPrefix(s, "/") + ss[1]
}
return score, fmt.Sprintf("CVSS:3.0/%s", ss[1])
}
return 0, ""
}

30
oval/redhat_test.go
View File

@@ -1,19 +1,3 @@
/* Vuls - Vulnerability Scanner
Copyright (C) 2016 Future Corporation , Japan.
This program is free software: you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation, either version 3 of the License, or
(at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
You should have received a copy of the GNU General Public License
along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
package oval
import (
@@ -75,6 +59,13 @@ func TestParseCvss3(t *testing.T) {
vector: "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L",
},
},
{
in: "6.1/CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L",
out: out{
score: 6.1,
vector: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L",
},
},
{
in: "",
out: out{
@@ -119,8 +110,11 @@ func TestPackNamesOfUpdate(t *testing.T) {
},
},
},
actuallyAffectedPackNames: map[string]bool{
"packB": true,
binpkgFixstat: map[string]fixStat{
"packB": {
notFixedYet: true,
fixedIn: "1.0.0",
},
},
},
out: models.ScanResult{

22
oval/suse.go
View File

@@ -1,20 +1,3 @@
/* Vuls - Vulnerability Scanner
Copyright (C) 2016 Future Corporation , Japan.
This program is free software: you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation, either version 3 of the License, or
(at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
You should have received a copy of the GNU General Public License
along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
package oval
import (
@@ -92,7 +75,10 @@ func (o SUSE) update(r *models.ScanResult, defPacks defPacks) {
// uniq(vinfo.PackNames + defPacks.actuallyAffectedPackNames)
for _, pack := range vinfo.AffectedPackages {
defPacks.actuallyAffectedPackNames[pack.Name] = pack.NotFixedYet
defPacks.binpkgFixstat[pack.Name] = fixStat{
notFixedYet: pack.NotFixedYet,
fixedIn: pack.FixedIn,
}
}
vinfo.AffectedPackages = defPacks.toPackStatuses()
vinfo.AffectedPackages.Sort()

99
oval/util.go
View File

@@ -1,20 +1,3 @@
/* Vuls - Vulnerability Scanner
Copyright (C) 2016 Future Corporation , Japan.
This program is free software: you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation, either version 3 of the License, or
(at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
You should have received a copy of the GNU General Public License
along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
package oval
import (
@@ -44,32 +27,42 @@ type defPacks struct {
def ovalmodels.Definition
// BinaryPackageName : NotFixedYet
actuallyAffectedPackNames map[string]bool
binpkgFixstat map[string]fixStat
}
type fixStat struct {
notFixedYet bool
fixedIn string
isSrcPack bool
srcPackName string
}
func (e defPacks) toPackStatuses() (ps models.PackageFixStatuses) {
for name, notFixedYet := range e.actuallyAffectedPackNames {
for name, stat := range e.binpkgFixstat {
ps = append(ps, models.PackageFixStatus{
Name: name,
NotFixedYet: notFixedYet,
NotFixedYet: stat.notFixedYet,
FixedIn: stat.fixedIn,
})
}
return
}
func (e *ovalResult) upsert(def ovalmodels.Definition, packName string, notFixedYet bool) (upserted bool) {
func (e *ovalResult) upsert(def ovalmodels.Definition, packName string, fstat fixStat) (upserted bool) {
// alpine's entry is empty since Alpine secdb is not OVAL format
if def.DefinitionID != "" {
for i, entry := range e.entries {
if entry.def.DefinitionID == def.DefinitionID {
e.entries[i].actuallyAffectedPackNames[packName] = notFixedYet
e.entries[i].binpkgFixstat[packName] = fstat
return true
}
}
}
e.entries = append(e.entries, defPacks{
def: def,
actuallyAffectedPackNames: map[string]bool{packName: notFixedYet},
def: def,
binpkgFixstat: map[string]fixStat{
packName: fstat,
},
})
return false
@@ -151,17 +144,27 @@ func getDefsByPackNameViaHTTP(r *models.ScanResult) (
select {
case res := <-resChan:
for _, def := range res.defs {
affected, notFixedYet := isOvalDefAffected(def, res.request, r.Family, r.RunningKernel)
affected, notFixedYet, fixedIn := isOvalDefAffected(def, res.request, r.Family, r.RunningKernel)
if !affected {
continue
}
if res.request.isSrcPack {
for _, n := range res.request.binaryPackNames {
relatedDefs.upsert(def, n, false)
fs := fixStat{
srcPackName: res.request.packName,
isSrcPack: true,
notFixedYet: notFixedYet,
fixedIn: fixedIn,
}
relatedDefs.upsert(def, n, fs)
}
} else {
relatedDefs.upsert(def, res.request.packName, notFixedYet)
fs := fixStat{
notFixedYet: notFixedYet,
fixedIn: fixedIn,
}
relatedDefs.upsert(def, res.request.packName, fs)
}
}
case err := <-errChan:
@@ -233,27 +236,38 @@ func getDefsByPackNameFromOvalDB(driver db.DB, r *models.ScanResult) (relatedDef
packName: pack.Name,
binaryPackNames: pack.BinaryNames,
versionRelease: pack.Version,
arch: pack.Arch,
isSrcPack: true,
})
}
for _, req := range requests {
definitions, err := driver.GetByPackName(r.Release, req.packName, req.arch)
definitions, err := driver.GetByPackName(r.Family, r.Release, req.packName, req.arch)
if err != nil {
return relatedDefs, xerrors.Errorf("Failed to get %s OVAL info by package: %#v, err: %w", r.Family, req, err)
}
for _, def := range definitions {
affected, notFixedYet := isOvalDefAffected(def, req, r.Family, r.RunningKernel)
affected, notFixedYet, fixedIn := isOvalDefAffected(def, req, r.Family, r.RunningKernel)
if !affected {
continue
}
if req.isSrcPack {
for _, n := range req.binaryPackNames {
relatedDefs.upsert(def, n, false)
for _, binName := range req.binaryPackNames {
fs := fixStat{
notFixedYet: false,
isSrcPack: true,
fixedIn: fixedIn,
srcPackName: req.packName,
}
relatedDefs.upsert(def, binName, fs)
}
} else {
relatedDefs.upsert(def, req.packName, notFixedYet)
fs := fixStat{
notFixedYet: notFixedYet,
fixedIn: fixedIn,
}
relatedDefs.upsert(def, req.packName, fs)
}
}
}
@@ -271,7 +285,7 @@ func major(version string) string {
return ver[0:strings.Index(ver, ".")]
}
func isOvalDefAffected(def ovalmodels.Definition, req request, family string, running models.Kernel) (affected, notFixedYet bool) {
func isOvalDefAffected(def ovalmodels.Definition, req request, family string, running models.Kernel) (affected, notFixedYet bool, fixedIn string) {
for _, ovalPack := range def.AffectedPacks {
if req.packName != ovalPack.Name {
continue
@@ -290,7 +304,7 @@ func isOvalDefAffected(def ovalmodels.Definition, req request, family string, ru
}
if ovalPack.NotFixedYet {
return true, true
return true, true, ovalPack.Version
}
// Compare between the installed version vs the version in OVAL
@@ -298,9 +312,14 @@ func isOvalDefAffected(def ovalmodels.Definition, req request, family string, ru
if err != nil {
util.Log.Debugf("Failed to parse versions: %s, Ver: %#v, OVAL: %#v, DefID: %s",
err, req.versionRelease, ovalPack, def.DefinitionID)
return false, false
return false, false, ovalPack.Version
}
if less {
if req.isSrcPack {
// Unable to judge whether fixed or not-fixed of src package(Ubuntu, Debian)
return true, false, ovalPack.Version
}
// If the version of installed is less than in OVAL
switch family {
case config.RedHat,
@@ -309,7 +328,7 @@ func isOvalDefAffected(def ovalmodels.Definition, req request, family string, ru
config.Debian,
config.Ubuntu:
// Use fixed state in OVAL for these distros.
return true, false
return true, false, ovalPack.Version
}
// But CentOS can't judge whether fixed or unfixed.
@@ -320,7 +339,7 @@ func isOvalDefAffected(def ovalmodels.Definition, req request, family string, ru
// In these mode, the blow field was set empty.
// Vuls can not judge fixed or unfixed.
if req.newVersionRelease == "" {
return true, false
return true, false, ovalPack.Version
}
// compare version: newVer vs oval
@@ -328,12 +347,12 @@ func isOvalDefAffected(def ovalmodels.Definition, req request, family string, ru
if err != nil {
util.Log.Debugf("Failed to parse versions: %s, NewVer: %#v, OVAL: %#v, DefID: %s",
err, req.newVersionRelease, ovalPack, def.DefinitionID)
return false, false
return false, false, ovalPack.Version
}
return true, less
return true, less, ovalPack.Version
}
}
return false, false
return false, false, ""
}
var centosVerPattern = regexp.MustCompile(`\.[es]l(\d+)(?:_\d+)?(?:\.centos)?`)

121
oval/util_test.go
View File

@@ -12,12 +12,12 @@ import (
func TestUpsert(t *testing.T) {
var tests = []struct {
res ovalResult
def ovalmodels.Definition
packName string
notFixedYet bool
upserted bool
out ovalResult
res ovalResult
def ovalmodels.Definition
packName string
fixStat fixStat
upserted bool
out ovalResult
}{
//insert
{
@@ -25,17 +25,23 @@ func TestUpsert(t *testing.T) {
def: ovalmodels.Definition{
DefinitionID: "1111",
},
packName: "pack1",
notFixedYet: true,
upserted: false,
packName: "pack1",
fixStat: fixStat{
notFixedYet: true,
fixedIn: "1.0.0",
},
upserted: false,
out: ovalResult{
[]defPacks{
{
def: ovalmodels.Definition{
DefinitionID: "1111",
},
actuallyAffectedPackNames: map[string]bool{
"pack1": true,
binpkgFixstat: map[string]fixStat{
"pack1": {
notFixedYet: true,
fixedIn: "1.0.0",
},
},
},
},
@@ -49,16 +55,22 @@ func TestUpsert(t *testing.T) {
def: ovalmodels.Definition{
DefinitionID: "1111",
},
actuallyAffectedPackNames: map[string]bool{
"pack1": true,
binpkgFixstat: map[string]fixStat{
"pack1": {
notFixedYet: true,
fixedIn: "1.0.0",
},
},
},
{
def: ovalmodels.Definition{
DefinitionID: "2222",
},
actuallyAffectedPackNames: map[string]bool{
"pack3": true,
binpkgFixstat: map[string]fixStat{
"pack3": {
notFixedYet: true,
fixedIn: "2.0.0",
},
},
},
},
@@ -66,26 +78,38 @@ func TestUpsert(t *testing.T) {
def: ovalmodels.Definition{
DefinitionID: "1111",
},
packName: "pack2",
notFixedYet: false,
upserted: true,
packName: "pack2",
fixStat: fixStat{
notFixedYet: false,
fixedIn: "3.0.0",
},
upserted: true,
out: ovalResult{
[]defPacks{
{
def: ovalmodels.Definition{
DefinitionID: "1111",
},
actuallyAffectedPackNames: map[string]bool{
"pack1": true,
"pack2": false,
binpkgFixstat: map[string]fixStat{
"pack1": {
notFixedYet: true,
fixedIn: "1.0.0",
},
"pack2": {
notFixedYet: false,
fixedIn: "3.0.0",
},
},
},
{
def: ovalmodels.Definition{
DefinitionID: "2222",
},
actuallyAffectedPackNames: map[string]bool{
"pack3": true,
binpkgFixstat: map[string]fixStat{
"pack3": {
notFixedYet: true,
fixedIn: "2.0.0",
},
},
},
},
@@ -93,7 +117,7 @@ func TestUpsert(t *testing.T) {
},
}
for i, tt := range tests {
upserted := tt.res.upsert(tt.def, tt.packName, tt.notFixedYet)
upserted := tt.res.upsert(tt.def, tt.packName, tt.fixStat)
if tt.upserted != upserted {
t.Errorf("[%d]\nexpected: %t\n actual: %t\n", i, tt.upserted, upserted)
}
@@ -121,17 +145,27 @@ func TestDefpacksToPackStatuses(t *testing.T) {
{
Name: "a",
NotFixedYet: true,
Version: "1.0.0",
},
{
Name: "b",
NotFixedYet: false,
Version: "2.0.0",
},
},
},
actuallyAffectedPackNames: map[string]bool{
"a": true,
"b": true,
"c": true,
binpkgFixstat: map[string]fixStat{
"a": {
notFixedYet: true,
fixedIn: "1.0.0",
isSrcPack: false,
},
"b": {
notFixedYet: true,
fixedIn: "1.0.0",
isSrcPack: true,
srcPackName: "lib-b",
},
},
},
},
@@ -139,14 +173,12 @@ func TestDefpacksToPackStatuses(t *testing.T) {
{
Name: "a",
NotFixedYet: true,
FixedIn: "1.0.0",
},
{
Name: "b",
NotFixedYet: true,
},
{
Name: "c",
NotFixedYet: true,
FixedIn: "1.0.0",
},
},
},
@@ -173,6 +205,7 @@ func TestIsOvalDefAffected(t *testing.T) {
in in
affected bool
notFixedYet bool
fixedIn string
}{
// 0. Ubuntu ovalpack.NotFixedYet == true
{
@@ -187,6 +220,7 @@ func TestIsOvalDefAffected(t *testing.T) {
{
Name: "b",
NotFixedYet: true,
Version: "1.0.0",
},
},
},
@@ -196,6 +230,7 @@ func TestIsOvalDefAffected(t *testing.T) {
},
affected: true,
notFixedYet: true,
fixedIn: "1.0.0",
},
// 1. Ubuntu
// ovalpack.NotFixedYet == false
@@ -226,6 +261,7 @@ func TestIsOvalDefAffected(t *testing.T) {
},
affected: true,
notFixedYet: false,
fixedIn: "1.0.0-1",
},
// 2. Ubuntu
// ovalpack.NotFixedYet == false
@@ -285,6 +321,7 @@ func TestIsOvalDefAffected(t *testing.T) {
},
},
affected: true,
fixedIn: "1.0.0-3",
notFixedYet: false,
},
// 4. Ubuntu
@@ -318,6 +355,7 @@ func TestIsOvalDefAffected(t *testing.T) {
},
affected: true,
notFixedYet: false,
fixedIn: "1.0.0-2",
},
// 5 RedHat
{
@@ -345,6 +383,7 @@ func TestIsOvalDefAffected(t *testing.T) {
},
affected: true,
notFixedYet: false,
fixedIn: "0:1.2.3-45.el6_7.8",
},
// 6 RedHat
{
@@ -372,6 +411,7 @@ func TestIsOvalDefAffected(t *testing.T) {
},
affected: true,
notFixedYet: false,
fixedIn: "0:1.2.3-45.el6_7.8",
},
// 7 RedHat
{
@@ -451,6 +491,7 @@ func TestIsOvalDefAffected(t *testing.T) {
},
affected: true,
notFixedYet: false,
fixedIn: "0:1.2.3-45.el6_7.8",
},
// 10 RedHat
{
@@ -478,6 +519,7 @@ func TestIsOvalDefAffected(t *testing.T) {
},
affected: true,
notFixedYet: false,
fixedIn: "0:1.2.3-45.el6_7.8",
},
// 11 RedHat
{
@@ -504,6 +546,7 @@ func TestIsOvalDefAffected(t *testing.T) {
},
affected: true,
notFixedYet: false,
fixedIn: "0:1.2.3-45.el6_7.8",
},
// 12 RedHat
{
@@ -583,6 +626,7 @@ func TestIsOvalDefAffected(t *testing.T) {
},
affected: true,
notFixedYet: false,
fixedIn: "0:1.2.3-45.el6_7.8",
},
// 15
{
@@ -662,6 +706,7 @@ func TestIsOvalDefAffected(t *testing.T) {
},
affected: true,
notFixedYet: true,
fixedIn: "0:1.2.3-45.el6_7.8",
},
// 18
{
@@ -689,6 +734,7 @@ func TestIsOvalDefAffected(t *testing.T) {
},
affected: true,
notFixedYet: false,
fixedIn: "0:1.2.3-45.el6_7.8",
},
// 19
{
@@ -716,6 +762,7 @@ func TestIsOvalDefAffected(t *testing.T) {
},
affected: true,
notFixedYet: false,
fixedIn: "0:1.2.3-45.el6_7.8",
},
// 20
{
@@ -794,6 +841,7 @@ func TestIsOvalDefAffected(t *testing.T) {
},
affected: true,
notFixedYet: false,
fixedIn: "0:1.2.3-45.el6_7.8",
},
{
in: in{
@@ -870,6 +918,7 @@ func TestIsOvalDefAffected(t *testing.T) {
},
affected: true,
notFixedYet: true,
fixedIn: "0:1.2.3-45.el6_7.8",
},
{
in: in{
@@ -896,6 +945,7 @@ func TestIsOvalDefAffected(t *testing.T) {
},
affected: true,
notFixedYet: false,
fixedIn: "0:1.2.3-45.el6_7.8",
},
{
in: in{
@@ -922,6 +972,7 @@ func TestIsOvalDefAffected(t *testing.T) {
},
affected: true,
notFixedYet: false,
fixedIn: "0:1.2.3-45.el6_7.8",
},
{
in: in{
@@ -1021,16 +1072,20 @@ func TestIsOvalDefAffected(t *testing.T) {
},
affected: true,
notFixedYet: false,
fixedIn: "3.1.0",
},
}
for i, tt := range tests {
affected, notFixedYet := isOvalDefAffected(tt.in.def, tt.in.req, tt.in.family, tt.in.kernel)
affected, notFixedYet, fixedIn := isOvalDefAffected(tt.in.def, tt.in.req, tt.in.family, tt.in.kernel)
if tt.affected != affected {
t.Errorf("[%d] affected\nexpected: %v\n actual: %v\n", i, tt.affected, affected)
}
if tt.notFixedYet != notFixedYet {
t.Errorf("[%d] notfixedyet\nexpected: %v\n actual: %v\n", i, tt.notFixedYet, notFixedYet)
}
if tt.fixedIn != fixedIn {
t.Errorf("[%d] fixedIn\nexpected: %v\n actual: %v\n", i, tt.fixedIn, fixedIn)
}
}
}

17
report/azureblob.go
View File

@@ -1,20 +1,3 @@
/* Vuls - Vulnerability Scanner
Copyright (C) 2016 Future Corporation , Japan.
This program is free software: you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation, either version 3 of the License, or
(at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
You should have received a copy of the GNU General Public License
along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
package report
import (

1
report/chatwork_test.go
View File

@@ -1 +0,0 @@
package report

38
report/cve_client.go
View File

@@ -1,20 +1,3 @@
/* Vuls - Vulnerability Scanner
Copyright (C) 2016 Future Corporation , Japan.
This program is free software: you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation, either version 3 of the License, or
(at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
You should have received a copy of the GNU General Public License
along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
package report
import (
@@ -30,7 +13,7 @@ import (
"github.com/future-architect/vuls/config"
"github.com/future-architect/vuls/util"
cvedb "github.com/kotakanbe/go-cve-dictionary/db"
cve "github.com/kotakanbe/go-cve-dictionary/models"
cvemodels "github.com/kotakanbe/go-cve-dictionary/models"
)
// CveClient is api client of CVE disctionary service.
@@ -66,18 +49,21 @@ func (api cvedictClient) CheckHealth() error {
type response struct {
Key string
CveDetail cve.CveDetail
CveDetail cvemodels.CveDetail
}
func (api cvedictClient) FetchCveDetails(driver cvedb.DB, cveIDs []string) (cveDetails []cve.CveDetail, err error) {
func (api cvedictClient) FetchCveDetails(driver cvedb.DB, cveIDs []string) (cveDetails []cvemodels.CveDetail, err error) {
if !config.Conf.CveDict.IsFetchViaHTTP() {
if driver == nil {
return
}
for _, cveID := range cveIDs {
cveDetail, err := driver.Get(cveID)
if err != nil {
return nil, xerrors.Errorf("Failed to fetch CVE. err: %w", err)
}
if len(cveDetail.CveID) == 0 {
cveDetails = append(cveDetails, cve.CveDetail{
cveDetails = append(cveDetails, cvemodels.CveDetail{
CveID: cveID,
})
} else {
@@ -124,7 +110,7 @@ func (api cvedictClient) FetchCveDetails(driver cvedb.DB, cveIDs []string) (cveD
select {
case res := <-resChan:
if len(res.CveDetail.CveID) == 0 {
cveDetails = append(cveDetails, cve.CveDetail{
cveDetails = append(cveDetails, cvemodels.CveDetail{
CveID: res.Key,
})
} else {
@@ -165,7 +151,7 @@ func (api cvedictClient) httpGet(key, url string, resChan chan<- response, errCh
errChan <- xerrors.Errorf("HTTP Error: %w", err)
return
}
cveDetail := cve.CveDetail{}
cveDetail := cvemodels.CveDetail{}
if err := json.Unmarshal([]byte(body), &cveDetail); err != nil {
errChan <- xerrors.Errorf("Failed to Unmarshall. body: %s, err: %w", body, err)
return
@@ -176,7 +162,7 @@ func (api cvedictClient) httpGet(key, url string, resChan chan<- response, errCh
}
}
func (api cvedictClient) FetchCveDetailsByCpeName(driver cvedb.DB, cpeName string) ([]cve.CveDetail, error) {
func (api cvedictClient) FetchCveDetailsByCpeName(driver cvedb.DB, cpeName string) ([]cvemodels.CveDetail, error) {
if config.Conf.CveDict.IsFetchViaHTTP() {
api.baseURL = config.Conf.CveDict.URL
url, err := util.URLPathJoin(api.baseURL, "cpes")
@@ -191,7 +177,7 @@ func (api cvedictClient) FetchCveDetailsByCpeName(driver cvedb.DB, cpeName strin
return driver.GetByCpeURI(cpeName)
}
func (api cvedictClient) httpPost(key, url string, query map[string]string) ([]cve.CveDetail, error) {
func (api cvedictClient) httpPost(key, url string, query map[string]string) ([]cvemodels.CveDetail, error) {
var body string
var errs []error
var resp *http.Response
@@ -215,7 +201,7 @@ func (api cvedictClient) httpPost(key, url string, query map[string]string) ([]c
return nil, xerrors.Errorf("HTTP Error: %w", err)
}
cveDetails := []cve.CveDetail{}
cveDetails := []cvemodels.CveDetail{}
if err := json.Unmarshal([]byte(body), &cveDetails); err != nil {
return nil,
xerrors.Errorf("Failed to Unmarshall. body: %s, err: %w", body, err)

10
report/db_client.go
View File

@@ -83,6 +83,10 @@ func NewCveDB(cnf DBClientConf) (driver cvedb.DB, locked bool, err error) {
path := cnf.CveDictCnf.URL
if cnf.CveDictCnf.Type == "sqlite3" {
path = cnf.CveDictCnf.SQLite3Path
if _, err := os.Stat(path); os.IsNotExist(err) {
util.Log.Warnf("--cvedb-path=%s file not found. [CPE-scan](https://vuls.io/docs/en/usage-scan-non-os-packages.html#cpe-scan) needs cve-dictionary. if you specify cpe in config.toml, fetch cve-dictionary before reporting. For details, see `https://github.com/kotakanbe/go-cve-dictionary#deploy-go-cve-dictionary`", path)
return nil, false, nil
}
}
util.Log.Debugf("Open cve-dictionary db (%s): %s", cnf.CveDictCnf.Type, path)
@@ -104,7 +108,7 @@ func NewOvalDB(cnf DBClientConf) (driver ovaldb.DB, locked bool, err error) {
path = cnf.OvalDictCnf.SQLite3Path
if _, err := os.Stat(path); os.IsNotExist(err) {
util.Log.Warnf("--ovaldb-path=%s is not found. It's recommended to use OVAL to improve scanning accuracy. For details, see https://github.com/kotakanbe/goval-dictionary#usage", path)
util.Log.Warnf("--ovaldb-path=%s file not found", path)
return nil, false, nil
}
}
@@ -131,7 +135,7 @@ func NewGostDB(cnf DBClientConf) (driver gostdb.DB, locked bool, err error) {
path = cnf.GostCnf.SQLite3Path
if _, err := os.Stat(path); os.IsNotExist(err) {
util.Log.Warnf("--gostdb-path=%s is not found. If the scan target server is Debian, RHEL or CentOS, it's recommended to use gost to improve scanning accuracy. To use gost database, see https://github.com/knqyf263/gost#fetch-redhat", path)
util.Log.Warnf("--gostdb-path=%s file not found. Vuls can detect `patch-not-released-CVE-ID` using gost if the scan target server is Debian, RHEL or CentOS, For details, see `https://github.com/knqyf263/gost#fetch-redhat`", path)
return nil, false, nil
}
}
@@ -157,7 +161,7 @@ func NewExploitDB(cnf DBClientConf) (driver exploitdb.DB, locked bool, err error
path = cnf.ExploitCnf.SQLite3Path
if _, err := os.Stat(path); os.IsNotExist(err) {
util.Log.Warnf("--exploitdb-path=%s is not found. It's recommended to use exploit to improve scanning accuracy. To use exploit db database, see https://github.com/mozqnet/go-exploitdb", path)
util.Log.Warnf("--exploitdb-path=%s file not found. Fetch go-exploit-db before reporting if you want to display exploit codes of detected CVE-IDs. For details, see `https://github.com/mozqnet/go-exploitdb`", path)
return nil, false, nil
}
}

17
report/email.go
View File

@@ -1,20 +1,3 @@
/* Vuls - Vulnerability Scanner
Copyright (C) 2016 Future Corporation , Japan.
This program is free software: you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation, either version 3 of the License, or
(at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
You should have received a copy of the GNU General Public License
along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
package report
import (

17
report/email_test.go
View File

@@ -1,20 +1,3 @@
/* Vuls - Vulnerability Scanner
Copyright (C) 2016 Future Corporation , Japan.
This program is free software: you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation, either version 3 of the License, or
(at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
You should have received a copy of the GNU General Public License
along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
package report
import (

1
report/hipchat_test.go
View File

@@ -1 +0,0 @@
package report

17
report/http.go
View File

@@ -1,20 +1,3 @@
/* Vuls - Vulnerability Scanner
Copyright (C) 2016 Future Architect, Inc. Japan.
This program is free software: you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation, either version 3 of the License, or
(at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
You should have received a copy of the GNU General Public License
along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
package report
import (

17
report/localfile.go
View File

@@ -1,20 +1,3 @@
/* Vuls - Vulnerability Scanner
Copyright (C) 2016 Future Corporation , Japan.
This program is free software: you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation, either version 3 of the License, or
(at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
You should have received a copy of the GNU General Public License
along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
package report
import (

96
report/report.go
View File

@@ -1,20 +1,3 @@
/* Vuls - Vulnerability Scanner
Copyright (C) 2016 Future Corporation , Japan.
This program is free software: you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation, either version 3 of the License, or
(at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
You should have received a copy of the GNU General Public License
along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
package report
import (
@@ -45,6 +28,7 @@ import (
"github.com/hashicorp/uuid"
gostdb "github.com/knqyf263/gost/db"
cvedb "github.com/kotakanbe/go-cve-dictionary/db"
cvemodels "github.com/kotakanbe/go-cve-dictionary/models"
ovaldb "github.com/kotakanbe/goval-dictionary/db"
exploitdb "github.com/mozqnet/go-exploitdb/db"
"golang.org/x/xerrors"
@@ -104,6 +88,7 @@ func FillCveInfos(dbclient DBClient, rs []models.ScanResult, dir string) ([]mode
if err := FillCveInfo(dbclient,
&r,
cpeURIs,
true,
githubInts,
wpOpt); err != nil {
return nil, err
@@ -162,7 +147,7 @@ func FillCveInfos(dbclient DBClient, rs []models.ScanResult, dir string) ([]mode
}
// FillCveInfo fill scanResult with cve info.
func FillCveInfo(dbclient DBClient, r *models.ScanResult, cpeURIs []string, integrations ...Integration) error {
func FillCveInfo(dbclient DBClient, r *models.ScanResult, cpeURIs []string, ignoreWillNotFix bool, integrations ...Integration) error {
util.Log.Debugf("need to refresh")
nCVEs, err := libmanager.FillLibrary(r)
@@ -173,7 +158,6 @@ func FillCveInfo(dbclient DBClient, r *models.ScanResult, cpeURIs []string, inte
r.FormatServerName(), nCVEs)
nCVEs, err = FillWithOval(dbclient.OvalDB, r)
if err != nil {
return xerrors.Errorf("Failed to fill with OVAL: %w", err)
}
@@ -203,7 +187,7 @@ func FillCveInfo(dbclient DBClient, r *models.ScanResult, cpeURIs []string, inte
}
util.Log.Infof("%s: %d CVEs are detected with GitHub Security Alerts", r.FormatServerName(), ints.GithubAlertsCveCounts)
nCVEs, err = FillWithGost(dbclient.GostDB, r)
nCVEs, err = FillWithGost(dbclient.GostDB, r, ignoreWillNotFix)
if err != nil {
return xerrors.Errorf("Failed to fill with gost: %w", err)
}
@@ -223,10 +207,6 @@ func FillCveInfo(dbclient DBClient, r *models.ScanResult, cpeURIs []string, inte
util.Log.Infof("%s: %d exploits are detected",
r.FormatServerName(), nExploitCve)
enAlertCnt, jaAlertCnt := fillAlerts(r)
util.Log.Infof("%s: en: %d, ja: %d alerts are detected",
r.FormatServerName(), enAlertCnt, jaAlertCnt)
fillCweDict(r)
return nil
}
@@ -249,6 +229,7 @@ func fillCveDetail(driver cvedb.DB, r *models.ScanResult) error {
}
jvn := models.ConvertJvnToModel(d.CveID, d.Jvn)
alerts := fillCertAlerts(&d)
for cveID, vinfo := range r.ScannedCves {
if vinfo.CveID == d.CveID {
if vinfo.CveContents == nil {
@@ -259,6 +240,7 @@ func fillCveDetail(driver cvedb.DB, r *models.ScanResult) error {
vinfo.CveContents[con.Type] = *con
}
}
vinfo.AlertDict = alerts
r.ScannedCves[cveID] = vinfo
break
}
@@ -267,6 +249,28 @@ func fillCveDetail(driver cvedb.DB, r *models.ScanResult) error {
return nil
}
func fillCertAlerts(cvedetail *cvemodels.CveDetail) (dict models.AlertDict) {
if cvedetail.NvdJSON != nil {
for _, cert := range cvedetail.NvdJSON.Certs {
dict.En = append(dict.En, models.Alert{
URL: cert.Link,
Title: cert.Title,
Team: "us",
})
}
}
if cvedetail.Jvn != nil {
for _, cert := range cvedetail.Jvn.Certs {
dict.Ja = append(dict.Ja, models.Alert{
URL: cert.Link,
Title: cert.Title,
Team: "jp",
})
}
}
return dict
}
// FillWithOval fetches OVAL database
func FillWithOval(driver ovaldb.DB, r *models.ScanResult) (nCVEs int, err error) {
var ovalClient oval.Client
@@ -312,7 +316,7 @@ func FillWithOval(driver ovaldb.DB, r *models.ScanResult) (nCVEs int, err error)
if !c.Conf.OvalDict.IsFetchViaHTTP() {
if driver == nil {
return 0, nil
return 0, xerrors.Errorf("You have to fetch OVAL data for %s before reporting. For details, see `https://github.com/kotakanbe/goval-dictionary#usage`", r.Family)
}
if err = driver.NewOvalDB(ovalFamily); err != nil {
return 0, xerrors.Errorf("Failed to New Oval DB. err: %w", err)
@@ -325,7 +329,7 @@ func FillWithOval(driver ovaldb.DB, r *models.ScanResult) (nCVEs int, err error)
return 0, err
}
if !ok {
return 0, xerrors.Errorf("OVAL entries of %s %s are not found. Fetch OVAL before reporting. For details, see https://github.com/kotakanbe/goval-dictionary#usage", ovalFamily, r.Release)
return 0, xerrors.Errorf("OVAL entries of %s %s are not found. Fetch OVAL before reporting. For details, see `https://github.com/kotakanbe/goval-dictionary#usage`", ovalFamily, r.Release)
}
_, err = ovalClient.CheckIfOvalFresh(driver, ovalFamily, r.Release)
@@ -338,11 +342,14 @@ func FillWithOval(driver ovaldb.DB, r *models.ScanResult) (nCVEs int, err error)
// FillWithGost fills CVEs with gost dataabase
// https://github.com/knqyf263/gost
func FillWithGost(driver gostdb.DB, r *models.ScanResult) (nCVEs int, err error) {
func FillWithGost(driver gostdb.DB, r *models.ScanResult, ignoreWillNotFix bool) (nCVEs int, err error) {
gostClient := gost.NewClient(r.Family)
// TODO chekc if fetched
// TODO chekc if fresh enough
return gostClient.FillWithGost(driver, r)
if nCVEs, err = gostClient.DetectUnfixed(driver, r, ignoreWillNotFix); err != nil {
return
}
return nCVEs, gostClient.FillCVEsWithRedHat(driver, r)
}
// FillWithExploit fills Exploits with exploit dataabase
@@ -354,6 +361,11 @@ func FillWithExploit(driver exploitdb.DB, r *models.ScanResult) (nExploitCve int
}
func fillVulnByCpeURIs(driver cvedb.DB, r *models.ScanResult, cpeURIs []string) (nCVEs int, err error) {
if len(cpeURIs) != 0 && driver == nil && !config.Conf.CveDict.IsFetchViaHTTP() {
return 0, xerrors.Errorf("cpeURIs %s specified, but cve-dictionary DB not found. Fetch cve-dictionary beofre reporting. For details, see `https://github.com/kotakanbe/go-cve-dictionary#deploy-go-cve-dictionary`",
cpeURIs)
}
for _, name := range cpeURIs {
details, err := CveClient.FetchCveDetailsByCpeName(driver, name)
if err != nil {
@@ -455,6 +467,12 @@ func fillCweDict(r *models.ScanResult) {
if rank, ok := cwe.OwaspTopTen2017[id]; ok {
entry.OwaspTopTen2017 = rank
}
if rank, ok := cwe.CweTopTwentyfive2019[id]; ok {
entry.CweTopTwentyfive2019 = rank
}
if rank, ok := cwe.SansTopTwentyfive[id]; ok {
entry.SansTopTwentyfive = rank
}
entry.En = &e
} else {
util.Log.Debugf("CWE-ID %s is not found in English CWE Dict", id)
@@ -466,6 +484,12 @@ func fillCweDict(r *models.ScanResult) {
if rank, ok := cwe.OwaspTopTen2017[id]; ok {
entry.OwaspTopTen2017 = rank
}
if rank, ok := cwe.CweTopTwentyfive2019[id]; ok {
entry.CweTopTwentyfive2019 = rank
}
if rank, ok := cwe.SansTopTwentyfive[id]; ok {
entry.SansTopTwentyfive = rank
}
entry.Ja = &e
} else {
util.Log.Debugf("CWE-ID %s is not found in Japanese CWE Dict", id)
@@ -478,20 +502,6 @@ func fillCweDict(r *models.ScanResult) {
return
}
func fillAlerts(r *models.ScanResult) (enCnt int, jaCnt int) {
for cveID, vuln := range r.ScannedCves {
enAs, jaAs := models.GetAlertsByCveID(cveID, "en"), models.GetAlertsByCveID(cveID, "ja")
vuln.AlertDict = models.AlertDict{
Ja: jaAs,
En: enAs,
}
r.ScannedCves[cveID] = vuln
enCnt += len(enAs)
jaCnt += len(jaAs)
}
return enCnt, jaCnt
}
const reUUID = "[\\da-f]{8}-[\\da-f]{4}-[\\da-f]{4}-[\\da-f]{4}-[\\da-f]{12}"
// Scanning with the -containers-only, -images-only flag at scan time, the UUID of Container Host may not be generated,
@@ -532,7 +542,7 @@ func EnsureUUIDs(configPath string, results models.ScanResults) error {
server.UUIDs[r.ServerName] = uuid
}
} else if r.IsImage() {
name = fmt.Sprintf("%s:%s@%s", r.Image.Name, r.Image.Tag, r.ServerName)
name = fmt.Sprintf("%s%s@%s", r.Image.Tag, r.Image.Digest, r.ServerName)
if uuid := getOrCreateServerUUID(r, server); uuid != "" {
server.UUIDs[r.ServerName] = uuid
}

17
report/s3.go
View File

@@ -1,20 +1,3 @@
/* Vuls - Vulnerability Scanner
Copyright (C) 2016 Future Corporation , Japan.
This program is free software: you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation, either version 3 of the License, or
(at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
You should have received a copy of the GNU General Public License
along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
package report
import (

18
report/saas.go
View File

@@ -1,20 +1,3 @@
/* Vuls - Vulnerability Scanner
Copyright (C) 2016 Future Corporation , Japan.
This program is free software: you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation, either version 3 of the License, or
(at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
You should have received a copy of the GNU General Public License
along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
package report
import (
@@ -156,6 +139,7 @@ func (w SaasWriter) Write(rs ...models.ScanResult) (err error) {
tempCredential.S3Bucket, s3Key, err)
}
}
util.Log.Infof("done")
return nil
}

48
report/slack.go
View File

@@ -1,20 +1,3 @@
/* Vuls - Vulnerability Scanner
Copyright (C) 2016 Future Corporation , Japan.
This program is free software: you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation, either version 3 of the License, or
(at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
You should have received a copy of the GNU General Public License
along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
package report
import (
@@ -87,8 +70,11 @@ func (w SlackWriter) Write(rs ...models.ScanResult) (err error) {
}
var ts string
if _, ts, err = api.PostMessage(channel,
summary, msgPrms); err != nil {
if _, ts, err = api.PostMessage(
channel,
slack.MsgOptionText(summary, true),
slack.MsgOptionPostMessageParameters(msgPrms),
); err != nil {
return err
}
@@ -100,10 +86,14 @@ func (w SlackWriter) Write(rs ...models.ScanResult) (err error) {
params := slack.PostMessageParameters{
Username: conf.AuthUser,
IconEmoji: conf.IconEmoji,
Attachments: m[k],
ThreadTimestamp: ts,
}
if _, _, err = api.PostMessage(channel, "", params); err != nil {
if _, _, err = api.PostMessage(
channel,
slack.MsgOptionText("", false),
slack.MsgOptionPostMessageParameters(params),
slack.MsgOptionAttachments(m[k]...),
); err != nil {
return err
}
}
@@ -339,14 +329,24 @@ func attachmentText(vinfo models.VulnInfo, osFamily string, cweDict map[string]m
func cweIDs(vinfo models.VulnInfo, osFamily string, cweDict models.CweDict) string {
links := []string{}
for _, c := range vinfo.CveContents.UniqCweIDs(osFamily) {
name, url, top10Rank, top10URL := cweDict.Get(c.Value, osFamily)
name, url, top10Rank, top10URL, cweTop25Rank, cweTop25URL, sansTop25Rank, sansTop25URL := cweDict.Get(c.Value, osFamily)
line := ""
if top10Rank != "" {
line = fmt.Sprintf("<%s|[OWASP Top %s]>",
top10URL, top10Rank)
}
links = append(links, fmt.Sprintf("%s <%s|%s>: %s",
line, url, c.Value, name))
if cweTop25Rank != "" {
line = fmt.Sprintf("<%s|[CWE Top %s]>",
cweTop25URL, cweTop25Rank)
}
if sansTop25Rank != "" {
line = fmt.Sprintf("<%s|[CWE/SANS Top %s]>",
sansTop25URL, sansTop25Rank)
}
if top10Rank == "" && cweTop25Rank == "" && sansTop25Rank == "" {
links = append(links, fmt.Sprintf("%s <%s|%s>: %s",
line, url, c.Value, name))
}
}
return strings.Join(links, "\n")
}

17
report/stdout.go
View File

@@ -1,20 +1,3 @@
/* Vuls - Vulnerability Scanner
Copyright (C) 2016 Future Corporation , Japan.
This program is free software: you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation, either version 3 of the License, or
(at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
You should have received a copy of the GNU General Public License
along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
package report
import (

1
report/stride_test.go
View File

@@ -1 +0,0 @@
package report

17
report/syslog.go
View File

@@ -1,20 +1,3 @@
/* Vuls - Vulnerability Scanner
Copyright (C) 2018 Future Corporation , Japan.
This program is free software: you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation, either version 3 of the License, or
(at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
You should have received a copy of the GNU General Public License
along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
package report
import (

1
report/telegram_test.go
View File

@@ -1 +0,0 @@
package report

88
report/tui.go
View File

@@ -1,20 +1,3 @@
/* Vuls - Vulnerability Scanner
Copyright (C) 2016 Future Corporation , Japan.
This program is free software: you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation, either version 3 of the License, or
(at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
You should have received a copy of the GNU General Public License
along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
package report
import (
@@ -26,7 +9,6 @@ import (
"text/template"
"time"
"github.com/future-architect/vuls/alert"
"golang.org/x/xerrors"
"github.com/future-architect/vuls/config"
@@ -34,7 +16,7 @@ import (
"github.com/future-architect/vuls/util"
"github.com/google/subcommands"
"github.com/gosuri/uitable"
"github.com/jroimartin/gocui"
"github.com/jesseduffield/gocui"
)
var scanResults models.ScanResults
@@ -54,14 +36,15 @@ func RunTui(results models.ScanResults) subcommands.ExitStatus {
return scanResults[i].ServerName < scanResults[j].ServerName
})
g, err := gocui.NewGui(gocui.OutputNormal)
g := gocui.NewGui()
err := g.Init()
if err != nil {
util.Log.Errorf("%+v", err)
return subcommands.ExitFailure
}
defer g.Close()
g.SetManagerFunc(layout)
g.SetLayout(layout)
if err := keybindings(g); err != nil {
util.Log.Errorf("%+v", err)
return subcommands.ExitFailure
@@ -186,19 +169,19 @@ func nextView(g *gocui.Gui, v *gocui.View) error {
var err error
if v == nil {
_, err = g.SetCurrentView("side")
err = g.SetCurrentView("side")
}
switch v.Name() {
case "side":
_, err = g.SetCurrentView("summary")
err = g.SetCurrentView("summary")
case "summary":
_, err = g.SetCurrentView("detail")
err = g.SetCurrentView("detail")
case "detail":
_, err = g.SetCurrentView("changelog")
err = g.SetCurrentView("changelog")
case "changelog":
_, err = g.SetCurrentView("side")
err = g.SetCurrentView("side")
default:
_, err = g.SetCurrentView("summary")
err = g.SetCurrentView("summary")
}
return err
}
@@ -207,19 +190,19 @@ func previousView(g *gocui.Gui, v *gocui.View) error {
var err error
if v == nil {
_, err = g.SetCurrentView("side")
err = g.SetCurrentView("side")
}
switch v.Name() {
case "side":
_, err = g.SetCurrentView("side")
err = g.SetCurrentView("side")
case "summary":
_, err = g.SetCurrentView("side")
err = g.SetCurrentView("side")
case "detail":
_, err = g.SetCurrentView("summary")
err = g.SetCurrentView("summary")
case "changelog":
_, err = g.SetCurrentView("detail")
err = g.SetCurrentView("detail")
default:
_, err = g.SetCurrentView("side")
err = g.SetCurrentView("side")
}
return err
}
@@ -402,7 +385,7 @@ func cursorPageUp(g *gocui.Gui, v *gocui.View) error {
func previousSummary(g *gocui.Gui, v *gocui.View) error {
if v != nil {
// cursor to summary
if _, err := g.SetCurrentView("summary"); err != nil {
if err := g.SetCurrentView("summary"); err != nil {
return err
}
// move next line
@@ -410,7 +393,7 @@ func previousSummary(g *gocui.Gui, v *gocui.View) error {
return err
}
// cursor to detail
if _, err := g.SetCurrentView("detail"); err != nil {
if err := g.SetCurrentView("detail"); err != nil {
return err
}
}
@@ -420,7 +403,7 @@ func previousSummary(g *gocui.Gui, v *gocui.View) error {
func nextSummary(g *gocui.Gui, v *gocui.View) error {
if v != nil {
// cursor to summary
if _, err := g.SetCurrentView("summary"); err != nil {
if err := g.SetCurrentView("summary"); err != nil {
return err
}
// move next line
@@ -428,7 +411,7 @@ func nextSummary(g *gocui.Gui, v *gocui.View) error {
return err
}
// cursor to detail
if _, err := g.SetCurrentView("detail"); err != nil {
if err := g.SetCurrentView("detail"); err != nil {
return err
}
}
@@ -502,7 +485,7 @@ func getLine(g *gocui.Gui, v *gocui.View) error {
return err
}
fmt.Fprintln(v, l)
if _, err := g.SetCurrentView("msg"); err != nil {
if err := g.SetCurrentView("msg"); err != nil {
return err
}
}
@@ -525,7 +508,7 @@ func showMsg(g *gocui.Gui, v *gocui.View) error {
return err
}
fmt.Fprintln(v, l)
if _, err := g.SetCurrentView("msg"); err != nil {
if err := g.SetCurrentView("msg"); err != nil {
return err
}
}
@@ -536,7 +519,7 @@ func delMsg(g *gocui.Gui, v *gocui.View) error {
if err := g.DeleteView("msg"); err != nil {
return err
}
_, err := g.SetCurrentView("summary")
err := g.SetCurrentView("summary")
return err
}
@@ -586,7 +569,7 @@ func setSideLayout(g *gocui.Gui) error {
}
currentScanResult = scanResults[0]
vinfos = scanResults[0].ScannedCves.ToSortedSlice()
if _, err := g.SetCurrentView("side"); err != nil {
if err := g.SetCurrentView("side"); err != nil {
return err
}
}
@@ -640,17 +623,19 @@ func summaryLines(r models.ScanResult) string {
pkgNames = append(pkgNames, vinfo.GitHubSecurityAlerts.Names()...)
pkgNames = append(pkgNames, vinfo.WpPackageFixStats.Names()...)
alert := " "
if vinfo.AlertDict.HasAlert() {
alert = "! "
exploits := ""
if 0 < len(vinfo.Exploits) {
exploits = "POC"
}
var cols []string
cols = []string{
fmt.Sprintf(indexFormat, i+1),
alert + vinfo.CveID,
vinfo.CveID,
cvssScore + " |",
fmt.Sprintf("%1s |", vinfo.AttackVector()),
fmt.Sprintf("%4s |", vinfo.AttackVector()),
fmt.Sprintf("%3s |", exploits),
fmt.Sprintf("%6s |", vinfo.AlertDict.FormatSource()),
fmt.Sprintf("%7s |", vinfo.PatchStatus(r.Packages)),
strings.Join(pkgNames, ", "),
}
@@ -722,18 +707,17 @@ func setChangelogLayout(g *gocui.Gui) error {
var line string
if pack.Repository != "" {
line = fmt.Sprintf("* %s (%s)",
pack.FormatVersionFromTo(affected.NotFixedYet, affected.FixState),
pack.FormatVersionFromTo(affected),
pack.Repository)
} else {
line = fmt.Sprintf("* %s",
pack.FormatVersionFromTo(affected.NotFixedYet, affected.FixState),
)
line = fmt.Sprintf("* %s", pack.FormatVersionFromTo(affected))
}
lines = append(lines, line)
if len(pack.AffectedProcs) != 0 {
for _, p := range pack.AffectedProcs {
lines = append(lines, fmt.Sprintf(" * PID: %s %s", p.PID, p.Name))
lines = append(lines, fmt.Sprintf(" * PID: %s %s Port: %s",
p.PID, p.Name, p.ListenPorts))
}
} else {
// lines = append(lines, fmt.Sprintf(" * No affected process"))
@@ -856,7 +840,7 @@ type dataForTmpl struct {
Mitigation string
Confidences models.Confidences
Cwes []models.CweDictEntry
Alerts []alert.Alert
Alerts []models.Alert
Links []string
References []models.Reference
Packages []string

67
report/util.go
View File

@@ -1,20 +1,3 @@
/* Vuls - Vulnerability Scanner
Copyright (C) 2016 Future Corporation , Japan.
This program is free software: you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation, either version 3 of the License, or
(at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
You should have received a copy of the GNU General Public License
along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
package report
import (
@@ -104,6 +87,10 @@ func formatOneLineSummary(rs ...models.ScanResult) string {
r.FormatServerName(), r.Warnings))
}
}
// We don't want warning message to the summary file
if config.Conf.Quiet {
return fmt.Sprintf("%s\n", table)
}
return fmt.Sprintf("%s\n\n%s", table, strings.Join(
warnMsgs, "\n\n"))
}
@@ -140,7 +127,7 @@ No CVE-IDs are found in updatable packages.
exploits := ""
if 0 < len(vinfo.Exploits) {
exploits = " Y"
exploits = "POC"
}
link := ""
@@ -152,13 +139,13 @@ No CVE-IDs are found in updatable packages.
data = append(data, []string{
vinfo.CveID,
fmt.Sprintf("%7s", vinfo.PatchStatus(r.Packages)),
vinfo.AlertDict.FormatSource(),
fmt.Sprintf("%4.1f", max),
fmt.Sprintf("%5s", vinfo.AttackVector()),
// fmt.Sprintf("%4.1f", v2max),
// fmt.Sprintf("%4.1f", v3max),
fmt.Sprintf("%2s", vinfo.AttackVector()),
exploits,
vinfo.AlertDict.FormatSource(),
fmt.Sprintf("%7s", vinfo.PatchStatus(r.Packages)),
link,
})
}
@@ -167,13 +154,13 @@ No CVE-IDs are found in updatable packages.
table := tablewriter.NewWriter(&b)
table.SetHeader([]string{
"CVE-ID",
"Fixed",
"CERT",
"CVSS",
"Attack",
// "v3",
// "v2",
"AV",
"PoC",
"CERT",
"Fixed",
"NVD",
})
table.SetBorder(true)
@@ -230,14 +217,28 @@ No CVE-IDs are found in updatable packages.
}
cweURLs, top10URLs := []string{}, []string{}
cweTop25URLs, sansTop25URLs := []string{}, []string{}
for _, v := range vuln.CveContents.UniqCweIDs(r.Family) {
name, url, top10Rank, top10URL := r.CweDict.Get(v.Value, r.Lang)
name, url, top10Rank, top10URL, cweTop25Rank, cweTop25URL, sansTop25Rank, sansTop25URL := r.CweDict.Get(v.Value, r.Lang)
if top10Rank != "" {
data = append(data, []string{"CWE",
fmt.Sprintf("[OWASP Top%s] %s: %s (%s)",
top10Rank, v.Value, name, v.Type)})
top10URLs = append(top10URLs, top10URL)
} else {
}
if cweTop25Rank != "" {
data = append(data, []string{"CWE",
fmt.Sprintf("[CWE Top%s] %s: %s (%s)",
cweTop25Rank, v.Value, name, v.Type)})
cweTop25URLs = append(cweTop25URLs, cweTop25URL)
}
if sansTop25Rank != "" {
data = append(data, []string{"CWE",
fmt.Sprintf("[CWE/SANS Top%s] %s: %s (%s)",
sansTop25Rank, v.Value, name, v.Type)})
sansTop25URLs = append(sansTop25URLs, sansTop25URL)
}
if top10Rank == "" && cweTop25Rank == "" && sansTop25Rank == "" {
data = append(data, []string{"CWE", fmt.Sprintf("%s: %s (%s)",
v.Value, name, v.Type)})
}
@@ -250,19 +251,17 @@ No CVE-IDs are found in updatable packages.
var line string
if pack.Repository != "" {
line = fmt.Sprintf("%s (%s)",
pack.FormatVersionFromTo(affected.NotFixedYet, affected.FixState),
pack.FormatVersionFromTo(affected),
pack.Repository)
} else {
line = fmt.Sprintf("%s",
pack.FormatVersionFromTo(affected.NotFixedYet, affected.FixState),
)
line = pack.FormatVersionFromTo(affected)
}
data = append(data, []string{"Affected Pkg", line})
if len(pack.AffectedProcs) != 0 {
for _, p := range pack.AffectedProcs {
data = append(data, []string{"",
fmt.Sprintf(" - PID: %s %s", p.PID, p.Name)})
fmt.Sprintf(" - PID: %s %s, Port: %s", p.PID, p.Name, p.ListenPorts)})
}
}
}
@@ -322,6 +321,12 @@ No CVE-IDs are found in updatable packages.
for _, url := range top10URLs {
data = append(data, []string{"OWASP Top10", url})
}
if len(cweTop25URLs) != 0 {
data = append(data, []string{"CWE Top25", cweTop25URLs[0]})
}
if len(sansTop25URLs) != 0 {
data = append(data, []string{"SANS/CWE Top25", sansTop25URLs[0]})
}
for _, alert := range vuln.AlertDict.Ja {
data = append(data, []string{"JPCERT Alert", alert.URL})

17
report/writer.go
View File

@@ -1,20 +1,3 @@
/* Vuls - Vulnerability Scanner
Copyright (C) 2016 Future Corporation , Japan.
This program is free software: you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation, either version 3 of the License, or
(at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
You should have received a copy of the GNU General Public License
along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
package report
import (

26
scan/alpine.go
View File

@@ -1,20 +1,3 @@
/* Vuls - Vulnerability Scanner
Copyright (C) 2016 Future Corporation , Japan.
This program is free software: you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation, either version 3 of the License, or
(at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
You should have received a copy of the GNU General Public License
along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
package scan
import (
@@ -65,9 +48,6 @@ func detectAlpine(c config.ServerInfo) (itsMe bool, os osTypeInterface) {
}
func (o *alpine) checkScanMode() error {
if o.getServerInfo().Mode.IsOffline() {
return xerrors.New("Remove offline scan mode, Alpine needs internet connection")
}
return nil
}
@@ -82,6 +62,9 @@ func (o *alpine) checkIfSudoNoPasswd() error {
}
func (o *alpine) apkUpdate() error {
if o.getServerInfo().Mode.IsOffline() {
return nil
}
r := o.exec("apk update", noSudo)
if !r.isSuccess() {
return xerrors.Errorf("Failed to SSH: %s", r)
@@ -92,7 +75,8 @@ func (o *alpine) apkUpdate() error {
func (o *alpine) preCure() error {
o.log.Infof("Scanning in %s", o.getServerInfo().Mode)
if err := o.detectIPAddr(); err != nil {
o.log.Debugf("Failed to detect IP addresses: %s", err)
o.log.Warnf("Failed to detect IP addresses: %s", err)
o.warns = append(o.warns, err)
}
// Ignore this error as it just failed to detect the IP addresses
return nil

11
scan/amazon.go
View File

@@ -56,7 +56,6 @@ func (o *amazon) depsFast() []string {
func (o *amazon) depsFastRoot() []string {
return []string{
"yum-utils",
"yum-plugin-ps",
}
}
@@ -80,10 +79,12 @@ func (o *amazon) sudoNoPasswdCmdsFast() []cmd {
func (o *amazon) sudoNoPasswdCmdsFastRoot() []cmd {
return []cmd{
{"yum -q ps all --color=never", exitStatusZero},
{"stat /proc/1/exe", exitStatusZero},
{"needs-restarting", exitStatusZero},
{"which which", exitStatusZero},
{"stat /proc/1/exe", exitStatusZero},
{"ls -l /proc/1/exe", exitStatusZero},
{"cat /proc/1/maps", exitStatusZero},
{"lsof -i -P", exitStatusZero},
}
}
@@ -100,3 +101,7 @@ func (o rootPrivAmazon) repoquery() bool {
func (o rootPrivAmazon) yumMakeCache() bool {
return false
}
func (o rootPrivAmazon) yumPS() bool {
return false
}

167
scan/base.go
View File

@@ -1,20 +1,3 @@
/* Vuls - Vulnerability Scanner
Copyright (C) 2016 Future Corporation , Japan.
This program is free software: you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation, either version 3 of the License, or
(at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
You should have received a copy of the GNU General Public License
along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
package scan
import (
@@ -26,23 +9,23 @@ import (
"strings"
"time"
"github.com/knqyf263/fanal/analyzer"
"github.com/knqyf263/fanal/extractor"
"github.com/aquasecurity/fanal/analyzer"
"github.com/aquasecurity/fanal/extractor"
"github.com/future-architect/vuls/config"
"github.com/future-architect/vuls/models"
"github.com/future-architect/vuls/util"
"github.com/sirupsen/logrus"
"golang.org/x/xerrors"
// Import library scanner
_ "github.com/knqyf263/fanal/analyzer/library/bundler"
_ "github.com/knqyf263/fanal/analyzer/library/cargo"
_ "github.com/knqyf263/fanal/analyzer/library/composer"
_ "github.com/knqyf263/fanal/analyzer/library/npm"
_ "github.com/knqyf263/fanal/analyzer/library/pipenv"
_ "github.com/knqyf263/fanal/analyzer/library/poetry"
_ "github.com/knqyf263/fanal/analyzer/library/yarn"
_ "github.com/aquasecurity/fanal/analyzer/library/bundler"
_ "github.com/aquasecurity/fanal/analyzer/library/cargo"
_ "github.com/aquasecurity/fanal/analyzer/library/composer"
_ "github.com/aquasecurity/fanal/analyzer/library/npm"
_ "github.com/aquasecurity/fanal/analyzer/library/pipenv"
_ "github.com/aquasecurity/fanal/analyzer/library/poetry"
_ "github.com/aquasecurity/fanal/analyzer/library/yarn"
)
type base struct {
@@ -336,6 +319,39 @@ func (l *base) detectPlatform() {
return
}
var dsFingerPrintPrefix = "AgentStatus.agentCertHash: "
func (l *base) detectDeepSecurity() (fingerprint string, err error) {
// only work root user
if l.getServerInfo().Mode.IsFastRoot() {
if r := l.exec("test -f /opt/ds_agent/dsa_query", sudo); r.isSuccess() {
cmd := fmt.Sprintf(`/opt/ds_agent/dsa_query -c "GetAgentStatus" | grep %q`, dsFingerPrintPrefix)
r := l.exec(cmd, sudo)
if r.isSuccess() {
line := strings.TrimSpace(r.Stdout)
return line[len(dsFingerPrintPrefix):], nil
}
l.warns = append(l.warns, xerrors.New("Fail to retrieve deepsecurity fingerprint"))
}
}
return "", xerrors.Errorf("Failed to detect deepsecurity %s", l.ServerInfo.ServerName)
}
func (l *base) detectIPSs() {
if !config.Conf.DetectIPS {
return
}
ips := map[config.IPS]string{}
fingerprint, err := l.detectDeepSecurity()
if err != nil {
return
}
ips[config.DeepSecurity] = fingerprint
l.ServerInfo.IPSIdentifiers = ips
}
func (l *base) detectRunningOnAws() (ok bool, instanceID string, err error) {
if r := l.exec("type curl", noSudo); r.isSuccess() {
cmd := "curl --max-time 1 --noproxy 169.254.169.254 http://169.254.169.254/latest/meta-data/instance-id"
@@ -401,8 +417,9 @@ func (l *base) convertToModel() models.ScanResult {
}
image := models.Image{
Name: l.ServerInfo.Image.Name,
Tag: l.ServerInfo.Image.Tag,
Name: l.ServerInfo.Image.Name,
Tag: l.ServerInfo.Image.Tag,
Digest: l.ServerInfo.Image.Digest,
}
errs, warns := []string{}, []string{}
@@ -432,6 +449,7 @@ func (l *base) convertToModel() models.ScanResult {
Platform: l.Platform,
IPv4Addrs: l.ServerInfo.IPv4Addrs,
IPv6Addrs: l.ServerInfo.IPv6Addrs,
IPSIdentifiers: l.ServerInfo.IPSIdentifiers,
ScannedCves: l.VulnInfos,
ScannedVia: scannedVia,
RunningKernel: l.Kernel,
@@ -538,7 +556,7 @@ func (l *base) scanLibraries() (err error) {
// find / -name "*package-lock.json" -o -name "*yarn.lock" ... 2>&1 | grep -v "Permission denied"
cmd := fmt.Sprintf(`find / ` + findopt[:len(findopt)-3] + ` 2>&1 | grep -v "Permission denied"`)
r := exec(l.ServerInfo, cmd, noSudo)
if !r.isSuccess() {
if r.ExitStatus != 0 && r.ExitStatus != 1 {
return xerrors.Errorf("Failed to find lock files")
}
detectFiles = append(detectFiles, strings.Split(r.Stdout, "\n")...)
@@ -595,7 +613,7 @@ func (l *base) scanWordPress() (err error) {
l.getServerInfo().GetServerName(), wpOpts)
}
cmd := fmt.Sprintf("sudo -u %s -i -- %s cli version",
cmd := fmt.Sprintf("sudo -u %s -i -- %s cli version --allow-root",
l.ServerInfo.WordPress.OSUser,
l.ServerInfo.WordPress.CmdPath)
if r := exec(l.ServerInfo, cmd, noSudo); !r.isSuccess() {
@@ -640,7 +658,7 @@ func (l *base) detectWordPress() (*models.WordPressPackages, error) {
}
func (l *base) detectWpCore() (string, error) {
cmd := fmt.Sprintf("sudo -u %s -i -- %s core version --path=%s",
cmd := fmt.Sprintf("sudo -u %s -i -- %s core version --path=%s --allow-root",
l.ServerInfo.WordPress.OSUser,
l.ServerInfo.WordPress.CmdPath,
l.ServerInfo.WordPress.DocRoot)
@@ -653,7 +671,7 @@ func (l *base) detectWpCore() (string, error) {
}
func (l *base) detectWpThemes() ([]models.WpPackage, error) {
cmd := fmt.Sprintf("sudo -u %s -i -- %s theme list --path=%s --format=json",
cmd := fmt.Sprintf("sudo -u %s -i -- %s theme list --path=%s --format=json --allow-root 2>/dev/null",
l.ServerInfo.WordPress.OSUser,
l.ServerInfo.WordPress.CmdPath,
l.ServerInfo.WordPress.DocRoot)
@@ -674,7 +692,7 @@ func (l *base) detectWpThemes() ([]models.WpPackage, error) {
}
func (l *base) detectWpPlugins() ([]models.WpPackage, error) {
cmd := fmt.Sprintf("sudo -u %s -i -- %s plugin list --path=%s --format=json",
cmd := fmt.Sprintf("sudo -u %s -i -- %s plugin list --path=%s --format=json --allow-root 2>/dev/null",
l.ServerInfo.WordPress.OSUser,
l.ServerInfo.WordPress.CmdPath,
l.ServerInfo.WordPress.DocRoot)
@@ -692,3 +710,84 @@ func (l *base) detectWpPlugins() ([]models.WpPackage, error) {
}
return plugins, nil
}
func (l *base) ps() (stdout string, err error) {
cmd := `LANGUAGE=en_US.UTF-8 ps --no-headers --ppid 2 -p 2 --deselect -o pid,comm`
r := l.exec(util.PrependProxyEnv(cmd), noSudo)
if !r.isSuccess() {
return "", xerrors.Errorf("Failed to SSH: %s", r)
}
return r.Stdout, nil
}
func (l *base) parsePs(stdout string) map[string]string {
pidNames := map[string]string{}
scanner := bufio.NewScanner(strings.NewReader(stdout))
for scanner.Scan() {
line := strings.TrimSpace(scanner.Text())
ss := strings.Fields(line)
if len(ss) < 2 {
continue
}
pidNames[ss[0]] = ss[1]
}
return pidNames
}
func (l *base) lsProcExe(pid string) (stdout string, err error) {
cmd := fmt.Sprintf("ls -l /proc/%s/exe", pid)
r := l.exec(util.PrependProxyEnv(cmd), sudo)
if !r.isSuccess() {
return "", xerrors.Errorf("Failed to SSH: %s", r)
}
return r.Stdout, nil
}
func (l *base) parseLsProcExe(stdout string) (string, error) {
ss := strings.Fields(stdout)
if len(ss) < 11 {
return "", xerrors.Errorf("Unknown format: %s", stdout)
}
return ss[10], nil
}
func (l *base) grepProcMap(pid string) (stdout string, err error) {
cmd := fmt.Sprintf(`cat /proc/%s/maps 2>/dev/null | grep -v " 00:00 " | awk '{print $6}' | sort -n | uniq`, pid)
r := l.exec(util.PrependProxyEnv(cmd), sudo)
if !r.isSuccess() {
return "", xerrors.Errorf("Failed to SSH: %s", r)
}
return r.Stdout, nil
}
func (l *base) parseGrepProcMap(stdout string) (soPaths []string) {
scanner := bufio.NewScanner(strings.NewReader(stdout))
for scanner.Scan() {
line := strings.TrimSpace(scanner.Text())
soPaths = append(soPaths, line)
}
return soPaths
}
func (l *base) lsOfListen() (stdout string, err error) {
cmd := `lsof -i -P -n | grep LISTEN`
r := l.exec(util.PrependProxyEnv(cmd), sudo)
if !r.isSuccess(0, 1) {
return "", xerrors.Errorf("Failed to SSH: %s", r)
}
return r.Stdout, nil
}
func (l *base) parseLsOf(stdout string) map[string]string {
portPid := map[string]string{}
scanner := bufio.NewScanner(strings.NewReader(stdout))
for scanner.Scan() {
ss := strings.Fields(scanner.Text())
if len(ss) < 10 {
continue
}
pid, ipPort := ss[1], ss[8]
portPid[ipPort] = pid
}
return portPid
}

131
scan/base_test.go
View File

@@ -1,26 +1,16 @@
/* Vuls - Vulnerability Scanner
Copyright (C) 2016 Future Corporation , Japan.
This program is free software: you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation, either version 3 of the License, or
(at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
You should have received a copy of the GNU General Public License
along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
package scan
import (
"reflect"
"testing"
_ "github.com/aquasecurity/fanal/analyzer/library/bundler"
_ "github.com/aquasecurity/fanal/analyzer/library/cargo"
_ "github.com/aquasecurity/fanal/analyzer/library/composer"
_ "github.com/aquasecurity/fanal/analyzer/library/npm"
_ "github.com/aquasecurity/fanal/analyzer/library/pipenv"
_ "github.com/aquasecurity/fanal/analyzer/library/poetry"
_ "github.com/aquasecurity/fanal/analyzer/library/yarn"
"github.com/future-architect/vuls/config"
)
@@ -178,3 +168,110 @@ func TestParseSystemctlStatus(t *testing.T) {
}
}
}
func Test_base_parseLsProcExe(t *testing.T) {
type args struct {
stdout string
}
tests := []struct {
name string
args args
want string
wantErr bool
}{
{
name: "systemd",
args: args{
stdout: "lrwxrwxrwx 1 root root 0 Jun 29 17:13 /proc/1/exe -> /lib/systemd/systemd",
},
want: "/lib/systemd/systemd",
wantErr: false,
},
}
for _, tt := range tests {
t.Run(tt.name, func(t *testing.T) {
l := &base{}
got, err := l.parseLsProcExe(tt.args.stdout)
if (err != nil) != tt.wantErr {
t.Errorf("base.parseLsProcExe() error = %v, wantErr %v", err, tt.wantErr)
return
}
if got != tt.want {
t.Errorf("base.parseLsProcExe() = %v, want %v", got, tt.want)
}
})
}
}
func Test_base_parseGrepProcMap(t *testing.T) {
type args struct {
stdout string
}
tests := []struct {
name string
args args
wantSoPaths []string
}{
{
name: "systemd",
args: args{
`/etc/selinux/targeted/contexts/files/file_contexts.bin
/etc/selinux/targeted/contexts/files/file_contexts.homedirs.bin
/usr/lib64/libdl-2.28.so`,
},
wantSoPaths: []string{
"/etc/selinux/targeted/contexts/files/file_contexts.bin",
"/etc/selinux/targeted/contexts/files/file_contexts.homedirs.bin",
"/usr/lib64/libdl-2.28.so",
},
},
}
for _, tt := range tests {
t.Run(tt.name, func(t *testing.T) {
l := &base{}
if gotSoPaths := l.parseGrepProcMap(tt.args.stdout); !reflect.DeepEqual(gotSoPaths, tt.wantSoPaths) {
t.Errorf("base.parseGrepProcMap() = %v, want %v", gotSoPaths, tt.wantSoPaths)
}
})
}
}
func Test_base_parseLsOf(t *testing.T) {
type args struct {
stdout string
}
tests := []struct {
name string
args args
wantPortPid map[string]string
}{
{
name: "lsof",
args: args{
stdout: `systemd-r 474 systemd-resolve 13u IPv4 11904 0t0 TCP localhost:53 (LISTEN)
sshd 644 root 3u IPv4 16714 0t0 TCP *:22 (LISTEN)
sshd 644 root 4u IPv6 16716 0t0 TCP *:22 (LISTEN)
squid 959 proxy 11u IPv6 16351 0t0 TCP *:3128 (LISTEN)
node 1498 ubuntu 21u IPv6 20132 0t0 TCP *:35401 (LISTEN)
node 1498 ubuntu 22u IPv6 20133 0t0 TCP *:44801 (LISTEN)
docker-pr 9135 root 4u IPv6 297133 0t0 TCP *:6379 (LISTEN)`,
},
wantPortPid: map[string]string{
"localhost:53": "474",
"*:22": "644",
"*:3128": "959",
"*:35401": "1498",
"*:44801": "1498",
"*:6379": "9135",
},
},
}
for _, tt := range tests {
t.Run(tt.name, func(t *testing.T) {
l := &base{}
if gotPortPid := l.parseLsOf(tt.args.stdout); !reflect.DeepEqual(gotPortPid, tt.wantPortPid) {
t.Errorf("base.parseLsOf() = %v, want %v", gotPortPid, tt.wantPortPid)
}
})
}
}

31
scan/centos.go
View File

@@ -49,11 +49,8 @@ func (o *centos) depsFast() []string {
}
// repoquery
majorVersion, _ := o.Distro.MajorVersion()
if majorVersion < 8 {
return []string{"yum-utils"}
}
return []string{"dnf-utils"}
// `rpm -qa` shows dnf-utils as yum-utils on RHEL8, CentOS8
return []string{"yum-utils"}
}
func (o *centos) depsFastRoot() []string {
@@ -62,11 +59,8 @@ func (o *centos) depsFastRoot() []string {
}
// repoquery
majorVersion, _ := o.Distro.MajorVersion()
if majorVersion < 8 {
return []string{"yum-utils"}
}
return []string{"dnf-utils"}
// `rpm -qa` shows dnf-utils as yum-utils on RHEL8, CentOS8
return []string{"yum-utils"}
}
func (o *centos) depsDeep() []string {
@@ -88,19 +82,20 @@ func (o *centos) sudoNoPasswdCmdsFast() []cmd {
}
func (o *centos) sudoNoPasswdCmdsFastRoot() []cmd {
if o.getServerInfo().Mode.IsOffline() {
// yum ps needs internet connection
if !o.ServerInfo.IsContainer() {
return []cmd{
{"stat /proc/1/exe", exitStatusZero},
{"repoquery -h", exitStatusZero},
{"needs-restarting", exitStatusZero},
{"which which", exitStatusZero},
{"stat /proc/1/exe", exitStatusZero},
{"ls -l /proc/1/exe", exitStatusZero},
{"cat /proc/1/maps", exitStatusZero},
{"lsof -i -P", exitStatusZero},
}
}
return []cmd{
{"yum -q ps all --color=never", exitStatusZero},
{"stat /proc/1/exe", exitStatusZero},
{"repoquery -h", exitStatusZero},
{"needs-restarting", exitStatusZero},
{"which which", exitStatusZero},
}
}
@@ -117,3 +112,7 @@ func (o rootPrivCentos) repoquery() bool {
func (o rootPrivCentos) yumMakeCache() bool {
return false
}
func (o rootPrivCentos) yumPS() bool {
return false
}

78
scan/container.go
View File

@@ -1,56 +1,43 @@
/* Vuls - Vulnerability Scanner
Copyright (C) 2016 Future Corporation , Japan.
This program is free software: you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation, either version 3 of the License, or
(at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
You should have received a copy of the GNU General Public License
along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
package scan
import (
"context"
"fmt"
"strings"
"time"
"github.com/knqyf263/fanal/analyzer"
"github.com/aquasecurity/fanal/analyzer"
"github.com/aquasecurity/fanal/cache"
"github.com/aquasecurity/fanal/extractor/docker"
"github.com/aquasecurity/fanal/utils"
"golang.org/x/xerrors"
fanalos "github.com/aquasecurity/fanal/analyzer/os"
godeptypes "github.com/aquasecurity/go-dep-parser/pkg/types"
"github.com/future-architect/vuls/config"
"github.com/future-architect/vuls/models"
"github.com/future-architect/vuls/util"
fanalos "github.com/knqyf263/fanal/analyzer/os"
godeptypes "github.com/knqyf263/go-dep-parser/pkg/types"
// Register library analyzers
_ "github.com/knqyf263/fanal/analyzer/library/bundler"
_ "github.com/knqyf263/fanal/analyzer/library/cargo"
_ "github.com/knqyf263/fanal/analyzer/library/composer"
_ "github.com/knqyf263/fanal/analyzer/library/npm"
_ "github.com/knqyf263/fanal/analyzer/library/pipenv"
_ "github.com/knqyf263/fanal/analyzer/library/poetry"
_ "github.com/knqyf263/fanal/analyzer/library/yarn"
_ "github.com/aquasecurity/fanal/analyzer/library/bundler"
_ "github.com/aquasecurity/fanal/analyzer/library/cargo"
_ "github.com/aquasecurity/fanal/analyzer/library/composer"
_ "github.com/aquasecurity/fanal/analyzer/library/npm"
_ "github.com/aquasecurity/fanal/analyzer/library/pipenv"
_ "github.com/aquasecurity/fanal/analyzer/library/poetry"
_ "github.com/aquasecurity/fanal/analyzer/library/yarn"
// Register os analyzers
_ "github.com/knqyf263/fanal/analyzer/os/alpine"
_ "github.com/knqyf263/fanal/analyzer/os/amazonlinux"
_ "github.com/knqyf263/fanal/analyzer/os/debianbase"
_ "github.com/knqyf263/fanal/analyzer/os/opensuse"
_ "github.com/knqyf263/fanal/analyzer/os/redhatbase"
_ "github.com/aquasecurity/fanal/analyzer/os/alpine"
_ "github.com/aquasecurity/fanal/analyzer/os/amazonlinux"
_ "github.com/aquasecurity/fanal/analyzer/os/debianbase"
_ "github.com/aquasecurity/fanal/analyzer/os/redhatbase"
_ "github.com/aquasecurity/fanal/analyzer/os/suse"
// Register package analyzers
_ "github.com/knqyf263/fanal/analyzer/pkg/apk"
_ "github.com/knqyf263/fanal/analyzer/pkg/dpkg"
_ "github.com/knqyf263/fanal/analyzer/pkg/rpmcmd"
_ "github.com/aquasecurity/fanal/analyzer/pkg/apk"
_ "github.com/aquasecurity/fanal/analyzer/pkg/dpkg"
_ "github.com/aquasecurity/fanal/analyzer/pkg/rpmcmd"
)
// inherit OsTypeInterface
@@ -93,8 +80,16 @@ func detectContainerImage(c config.ServerInfo) (itsMe bool, containerImage osTyp
return false, newDummyOS(c), err
}
osName := os.Name
switch os.Family {
case fanalos.Amazon:
osName = "1"
if strings.HasPrefix(os.Family, "2") {
osName = "2"
}
}
p := newContainerImage(c, pkgs, libScanners)
p.setDistro(os.Family, os.Name)
p.setDistro(os.Family, osName)
return true, p, nil
}
@@ -110,15 +105,21 @@ func convertLibWithScanner(libs map[analyzer.FilePath][]godeptypes.Library) ([]m
func scanImage(c config.ServerInfo) (os *analyzer.OS, pkgs []analyzer.Package, libs map[analyzer.FilePath][]godeptypes.Library, err error) {
ctx := context.Background()
domain := c.Image.Name + ":" + c.Image.Tag
domain := c.Image.GetFullName()
util.Log.Info("Start fetch container... ", domain)
fanalCache := cache.Initialize(utils.CacheDir())
// Configure dockerOption
dockerOption := c.Image.DockerOption
if dockerOption.Timeout == 0 {
dockerOption.Timeout = 60 * time.Second
}
files, err := analyzer.Analyze(ctx, domain, dockerOption)
ext, err := docker.NewDockerExtractor(dockerOption, fanalCache)
if err != nil {
return nil, nil, nil, xerrors.Errorf("Failed initialize docker extractor%w", err)
}
ac := analyzer.Config{Extractor: ext}
files, err := ac.Analyze(ctx, domain, dockerOption)
if err != nil {
return nil, nil, nil, xerrors.Errorf("Failed scan files %q, %w", domain, err)
@@ -164,6 +165,7 @@ func convertFanalToVulsPkg(pkgs []analyzer.Package) (map[string]models.Package,
modelSrcPkgs[pkg.SrcName] = models.SrcPackage{
Name: pkg.SrcName,
Version: pkg.SrcVersion,
Arch: pkg.Arch,
BinaryNames: []string{pkg.Name},
}
}

130
scan/debian.go
View File

@@ -1,20 +1,3 @@
/* Vuls - Vulnerability Scanner
Copyright (C) 2016 Future Corporation , Japan.
This program is free software: you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation, either version 3 of the License, or
(at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
You should have received a copy of the GNU General Public License
along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
package scan
import (
@@ -149,6 +132,9 @@ func (o *debian) checkIfSudoNoPasswd() error {
cmds := []string{
"checkrestart",
"stat /proc/1/exe",
"ls -l /proc/1/exe",
"cat /proc/1/maps",
"lsof -i -P",
}
if !o.getServerInfo().Mode.IsOffline() {
@@ -255,13 +241,23 @@ func (o *debian) checkDeps() error {
func (o *debian) preCure() error {
o.log.Infof("Scanning in %s", o.getServerInfo().Mode)
if err := o.detectIPAddr(); err != nil {
o.log.Debugf("Failed to detect IP addresses: %s", err)
o.log.Warnf("Failed to detect IP addresses: %s", err)
o.warns = append(o.warns, err)
}
// Ignore this error as it just failed to detect the IP addresses
return nil
}
func (o *debian) postScan() error {
if o.getServerInfo().Mode.IsDeep() || o.getServerInfo().Mode.IsFastRoot() {
if err := o.dpkgPs(); err != nil {
err = xerrors.Errorf("Failed to dpkg-ps: %w", err)
o.log.Warnf("err: %+v", err)
o.warns = append(o.warns, err)
// Only warning this error
}
}
if o.getServerInfo().Mode.IsDeep() || o.getServerInfo().Mode.IsFastRoot() {
if err := o.checkrestart(); err != nil {
err = xerrors.Errorf("Failed to scan need-restarting processes: %w", err)
@@ -1109,3 +1105,101 @@ func (o *debian) parseCheckRestart(stdout string) (models.Packages, []string) {
}
return packs, unknownServices
}
func (o *debian) dpkgPs() error {
stdout, err := o.ps()
if err != nil {
return xerrors.Errorf("Failed to ps: %w", err)
}
pidNames := o.parsePs(stdout)
pidLoadedFiles := map[string][]string{}
// for pid, name := range pidNames {
for pid := range pidNames {
stdout := ""
stdout, err = o.lsProcExe(pid)
if err != nil {
o.log.Debugf("Failed to exec /proc/%s/exe err: %s", pid, err)
continue
}
s, err := o.parseLsProcExe(stdout)
if err != nil {
o.log.Debugf("Failed to parse /proc/%s/exe: %s", pid, err)
continue
}
pidLoadedFiles[pid] = append(pidLoadedFiles[pid], s)
stdout, err = o.grepProcMap(pid)
if err != nil {
o.log.Debugf("Failed to exec /proc/%s/maps: %s", pid, err)
continue
}
ss := o.parseGrepProcMap(stdout)
pidLoadedFiles[pid] = append(pidLoadedFiles[pid], ss...)
}
pidListenPorts := map[string][]string{}
stdout, err = o.lsOfListen()
if err != nil {
return xerrors.Errorf("Failed to ls of: %w", err)
}
portPid := o.parseLsOf(stdout)
for port, pid := range portPid {
pidListenPorts[pid] = append(pidListenPorts[pid], port)
}
for pid, loadedFiles := range pidLoadedFiles {
o.log.Debugf("dpkg -S %#v", loadedFiles)
pkgNames, err := o.getPkgName(loadedFiles)
if err != nil {
o.log.Debugf("Failed to get package name by file path: %s, err: %s", pkgNames, err)
continue
}
procName := ""
if _, ok := pidNames[pid]; ok {
procName = pidNames[pid]
}
proc := models.AffectedProcess{
PID: pid,
Name: procName,
ListenPorts: pidListenPorts[pid],
}
for _, n := range pkgNames {
p, ok := o.Packages[n]
if !ok {
return xerrors.Errorf("pkg not found %s", n)
}
p.AffectedProcs = append(p.AffectedProcs, proc)
o.Packages[p.Name] = p
}
}
return nil
}
func (o *debian) getPkgName(paths []string) (pkgNames []string, err error) {
cmd := "dpkg -S " + strings.Join(paths, " ")
r := o.exec(util.PrependProxyEnv(cmd), noSudo)
if !r.isSuccess(0, 1) {
return nil, xerrors.Errorf("Failed to SSH: %s", r)
}
return o.parseGetPkgName(r.Stdout), nil
}
func (o *debian) parseGetPkgName(stdout string) (pkgNames []string) {
uniq := map[string]struct{}{}
scanner := bufio.NewScanner(strings.NewReader(stdout))
for scanner.Scan() {
line := scanner.Text()
ss := strings.Fields(line)
if len(ss) < 2 || ss[1] == "no" {
continue
}
s := strings.Split(ss[0], ":")[0]
uniq[s] = struct{}{}
}
for n := range uniq {
pkgNames = append(pkgNames, n)
}
return pkgNames
}

54
scan/debian_test.go
View File

@@ -1,25 +1,9 @@
/* Vuls - Vulnerability Scanner
Copyright (C) 2016 Future Corporation , Japan.
This program is free software: you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation, either version 3 of the License, or
(at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
You should have received a copy of the GNU General Public License
along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
package scan
import (
"os"
"reflect"
"sort"
"testing"
"github.com/future-architect/vuls/cache"
@@ -726,3 +710,39 @@ util-linux:
}
}
}
func Test_debian_parseGetPkgName(t *testing.T) {
type args struct {
stdout string
}
tests := []struct {
name string
args args
wantPkgNames []string
}{
{
name: "success",
args: args{
stdout: `udev: /lib/systemd/systemd-udevd
dpkg-query: no path found matching pattern /lib/modules/3.16.0-6-amd64/modules.alias.bin
udev: /lib/systemd/systemd-udevd
dpkg-query: no path found matching pattern /lib/udev/hwdb.bin
libuuid1:amd64: /lib/x86_64-linux-gnu/libuuid.so.1.3.0`,
},
wantPkgNames: []string{
"libuuid1",
"udev",
},
},
}
for _, tt := range tests {
t.Run(tt.name, func(t *testing.T) {
o := &debian{}
gotPkgNames := o.parseGetPkgName(tt.args.stdout)
sort.Strings(gotPkgNames)
if !reflect.DeepEqual(gotPkgNames, tt.wantPkgNames) {
t.Errorf("debian.parseGetPkgName() = %v, want %v", gotPkgNames, tt.wantPkgNames)
}
})
}
}

17
scan/executil.go
View File

@@ -1,20 +1,3 @@
/* Vuls - Vulnerability Scanner
Copyright (C) 2016 Future Corporation , Japan.
This program is free software: you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation, either version 3 of the License, or
(at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
You should have received a copy of the GNU General Public License
along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
package scan
import (

Some files were not shown because too many files have changed in this diff Show More