[Outil] Debsecan : Analyseur de vulnérabilité

Ce site est optimisé pour être consulté depuis un navigateur moderne dans lequel JavaScript est activé.

[Outil] Debsecan : Analyseur de vulnérabilité

Hardware

Bonjour,

Je viens de découvrir un outil bien sympa nommé Debscan qui permet de générer une liste des vulnérabilités présentes sur les serveurs en fonction du type de la distribution, de la gravité, de la méthode d'exécution...etc

Pour l'installer :

apt-get install debsecan

On va lui demander si il existe des vulnérabilités exploitables à distance, avec un niveau de gravité élevé et non patchées à ce jour :

debsecan --suite `lsb_release -c | cut -d ':' -f2` | grep 'remotely exploitable' | grep 'high urgency' | grep -v 'fixed' | sort

Le résultat est assez étonnant :

CVE-2013-1961 libtiff4 (remotely exploitable, high urgency)
CVE-2014-1912 python2.6-minimal (remotely exploitable, high urgency)
CVE-2014-1912 python2.6 (remotely exploitable, high urgency)
CVE-2014-3007 python-imaging (remotely exploitable, high urgency)
CVE-2014-4043 libc6-dev (remotely exploitable, high urgency)
CVE-2014-4043 libc6 (remotely exploitable, high urgency)
CVE-2014-4043 libc-bin (remotely exploitable, high urgency)
CVE-2014-4043 libc-dev-bin (remotely exploitable, high urgency)
CVE-2014-4043 locales (remotely exploitable, high urgency)
CVE-2014-4043 multiarch-support (remotely exploitable, high urgency)
CVE-2014-8485 binutils (remotely exploitable, high urgency)
CVE-2014-8501 binutils (remotely exploitable, high urgency)
CVE-2014-8502 binutils (remotely exploitable, high urgency)
CVE-2014-8503 binutils (remotely exploitable, high urgency)
CVE-2014-8504 binutils (remotely exploitable, high urgency)

Dans l'exemple ci-dessus, 9 vulnérabilités sont présentes sur le serveur, toutes exploitables à distance et avec un niveau de gravité élevé ( CVSS Severity ). Donc même une Debian bien à jour n'est pas sans faille, il faut attendre que l'équipe de sécurité patch les paquets vulnérables. Plus d'info sur : http://security-team.debian.org/

Bon faut relativiser, vu le nombre de CVE push chaque jour c'est pas anormal qui il y en ait autant sur une distrib à jour, et elle sont pas toutes exploitables facilement, certaines nécessites des conditions particulières.

Si vous voulez être prévenu par mail des patchs disponibles...etc vérifier le contenu du fichier /etc/default/debsecan :

# Activation du rapport journalier
REPORT=true
MAILTO=root

Et pour finir, mettez votre adresse mail dans /etc/aliases :

root: security@mondomaine.tld

Pour que le mail soit envoyé, il faut un serveur smtp comme exim4 par exemple ( ne suivez pas le tuto d'installation du serveur de mail présent sur le forum juste pour envoyer un pauvre mail journalier, c'est comme prendre un bazooka pour tuer une mouche ^^ )

Lien vers le projet : http://www.enyo.de/fw/software/debsecan/

BXT

Je connaissais un tool du même genre, voir lui 😛

Thanks, ça peut être pas mal

EDIT:

CVE-2008-3112 icedtea-6-jre-cacao (remotely exploitable, high urgency)
CVE-2008-3112 icedtea-6-jre-jamvm (remotely exploitable, high urgency)
CVE-2008-3112 openjdk-6-jre-headless (remotely exploitable, high urgency)
CVE-2008-3112 openjdk-6-jre-lib (remotely exploitable, high urgency)
CVE-2008-3112 openjdk-6-jre (remotely exploitable, high urgency)
CVE-2009-0723 icedtea-6-jre-cacao (remotely exploitable, high urgency)
CVE-2009-0723 icedtea-6-jre-jamvm (remotely exploitable, high urgency)
CVE-2009-0723 openjdk-6-jre-headless (remotely exploitable, high urgency)
CVE-2009-0723 openjdk-6-jre-lib (remotely exploitable, high urgency)
CVE-2009-0723 openjdk-6-jre (remotely exploitable, high urgency)
CVE-2009-0733 icedtea-6-jre-cacao (remotely exploitable, high urgency)
CVE-2009-0733 icedtea-6-jre-jamvm (remotely exploitable, high urgency)
CVE-2009-0733 openjdk-6-jre-headless (remotely exploitable, high urgency)
CVE-2009-0733 openjdk-6-jre-lib (remotely exploitable, high urgency)
CVE-2009-0733 openjdk-6-jre (remotely exploitable, high urgency)
CVE-2009-1094 icedtea-6-jre-cacao (remotely exploitable, high urgency)
CVE-2009-1094 icedtea-6-jre-jamvm (remotely exploitable, high urgency)
CVE-2009-1094 openjdk-6-jre-headless (remotely exploitable, high urgency)
CVE-2009-1094 openjdk-6-jre-lib (remotely exploitable, high urgency)
CVE-2009-1094 openjdk-6-jre (remotely exploitable, high urgency)
CVE-2009-1095 icedtea-6-jre-cacao (remotely exploitable, high urgency)
CVE-2009-1095 icedtea-6-jre-jamvm (remotely exploitable, high urgency)
CVE-2009-1095 openjdk-6-jre-headless (remotely exploitable, high urgency)
CVE-2009-1095 openjdk-6-jre-lib (remotely exploitable, high urgency)
CVE-2009-1095 openjdk-6-jre (remotely exploitable, high urgency)
CVE-2009-1096 icedtea-6-jre-cacao (remotely exploitable, high urgency)
CVE-2009-1096 icedtea-6-jre-jamvm (remotely exploitable, high urgency)
CVE-2009-1096 openjdk-6-jre-headless (remotely exploitable, high urgency)
CVE-2009-1096 openjdk-6-jre-lib (remotely exploitable, high urgency)
CVE-2009-1096 openjdk-6-jre (remotely exploitable, high urgency)
CVE-2009-1097 icedtea-6-jre-cacao (remotely exploitable, high urgency)
CVE-2009-1097 icedtea-6-jre-jamvm (remotely exploitable, high urgency)
CVE-2009-1097 openjdk-6-jre-headless (remotely exploitable, high urgency)
CVE-2009-1097 openjdk-6-jre-lib (remotely exploitable, high urgency)
CVE-2009-1097 openjdk-6-jre (remotely exploitable, high urgency)
CVE-2009-1098 icedtea-6-jre-cacao (remotely exploitable, high urgency)
CVE-2009-1098 icedtea-6-jre-jamvm (remotely exploitable, high urgency)
CVE-2009-1098 openjdk-6-jre-headless (remotely exploitable, high urgency)
CVE-2009-1098 openjdk-6-jre-lib (remotely exploitable, high urgency)
CVE-2009-1098 openjdk-6-jre (remotely exploitable, high urgency)
CVE-2009-2675 icedtea-6-jre-cacao (remotely exploitable, high urgency)
CVE-2009-2675 icedtea-6-jre-jamvm (remotely exploitable, high urgency)
CVE-2009-2675 openjdk-6-jre-headless (remotely exploitable, high urgency)
CVE-2009-2675 openjdk-6-jre-lib (remotely exploitable, high urgency)
CVE-2009-2675 openjdk-6-jre (remotely exploitable, high urgency)
CVE-2013-1961 libtiff4 (remotely exploitable, high urgency)
CVE-2013-1961 libtiff4 (remotely exploitable, high urgency)
CVE-2013-6435 librpm3 (remotely exploitable, high urgency)
CVE-2013-6435 librpmbuild3 (remotely exploitable, high urgency)
CVE-2013-6435 librpmio3 (remotely exploitable, high urgency)
CVE-2013-6435 librpmsign1 (remotely exploitable, high urgency)
CVE-2013-6435 rpm2cpio (remotely exploitable, high urgency)
CVE-2013-6435 rpm-common (remotely exploitable, high urgency)
CVE-2013-6435 rpm (remotely exploitable, high urgency)
CVE-2014-1569 libnss3-1d (remotely exploitable, high urgency)
CVE-2014-1569 libnss3-1d (remotely exploitable, high urgency)
CVE-2014-1569 libnss3 (remotely exploitable, high urgency)
CVE-2014-1569 libnss3 (remotely exploitable, high urgency)
CVE-2014-1912 python2.6-minimal (remotely exploitable, high urgency)
CVE-2014-1912 python2.6 (remotely exploitable, high urgency)
CVE-2014-3007 python-imaging (remotely exploitable, high urgency)
CVE-2014-3188 chromium-browser (remotely exploitable, high urgency)
CVE-2014-3188 chromium-inspector (remotely exploitable, high urgency)
CVE-2014-3188 chromium (remotely exploitable, high urgency)
CVE-2014-3189 chromium-browser (remotely exploitable, high urgency)
CVE-2014-3189 chromium-inspector (remotely exploitable, high urgency)
CVE-2014-3189 chromium (remotely exploitable, high urgency)
CVE-2014-3190 chromium-browser (remotely exploitable, high urgency)
CVE-2014-3190 chromium-inspector (remotely exploitable, high urgency)
CVE-2014-3190 chromium (remotely exploitable, high urgency)
CVE-2014-3191 chromium-browser (remotely exploitable, high urgency)
CVE-2014-3191 chromium-inspector (remotely exploitable, high urgency)
CVE-2014-3191 chromium (remotely exploitable, high urgency)
CVE-2014-3192 chromium-browser (remotely exploitable, high urgency)
CVE-2014-3192 chromium-inspector (remotely exploitable, high urgency)
CVE-2014-3192 chromium (remotely exploitable, high urgency)
CVE-2014-3193 chromium-browser (remotely exploitable, high urgency)
CVE-2014-3193 chromium-inspector (remotely exploitable, high urgency)
CVE-2014-3193 chromium (remotely exploitable, high urgency)
CVE-2014-3194 chromium-browser (remotely exploitable, high urgency)
CVE-2014-3194 chromium-inspector (remotely exploitable, high urgency)
CVE-2014-3194 chromium (remotely exploitable, high urgency)
CVE-2014-3200 chromium-browser (remotely exploitable, high urgency)
CVE-2014-3200 chromium-inspector (remotely exploitable, high urgency)
CVE-2014-3200 chromium (remotely exploitable, high urgency)
CVE-2014-4043 libc6-dev (remotely exploitable, high urgency)
CVE-2014-4043 libc6-i686 (remotely exploitable, high urgency)
CVE-2014-4043 libc6 (remotely exploitable, high urgency)
CVE-2014-4043 libc6 (remotely exploitable, high urgency)
CVE-2014-4043 libc-bin (remotely exploitable, high urgency)
CVE-2014-4043 libc-dev-bin (remotely exploitable, high urgency)
CVE-2014-4043 locales (remotely exploitable, high urgency)
CVE-2014-4043 multiarch-support (remotely exploitable, high urgency)
CVE-2014-7900 chromium-browser (remotely exploitable, high urgency)
CVE-2014-7900 chromium-inspector (remotely exploitable, high urgency)
CVE-2014-7900 chromium (remotely exploitable, high urgency)
CVE-2014-7901 chromium-browser (remotely exploitable, high urgency)
CVE-2014-7901 chromium-inspector (remotely exploitable, high urgency)
CVE-2014-7901 chromium (remotely exploitable, high urgency)
CVE-2014-7902 chromium-browser (remotely exploitable, high urgency)
CVE-2014-7902 chromium-inspector (remotely exploitable, high urgency)
CVE-2014-7902 chromium (remotely exploitable, high urgency)
CVE-2014-7903 chromium-browser (remotely exploitable, high urgency)
CVE-2014-7903 chromium-inspector (remotely exploitable, high urgency)
CVE-2014-7903 chromium (remotely exploitable, high urgency)
CVE-2014-7904 chromium-browser (remotely exploitable, high urgency)
CVE-2014-7904 chromium-inspector (remotely exploitable, high urgency)
CVE-2014-7904 chromium (remotely exploitable, high urgency)
CVE-2014-7906 chromium-browser (remotely exploitable, high urgency)
CVE-2014-7906 chromium-inspector (remotely exploitable, high urgency)
CVE-2014-7906 chromium (remotely exploitable, high urgency)
CVE-2014-7907 chromium-browser (remotely exploitable, high urgency)
CVE-2014-7907 chromium-inspector (remotely exploitable, high urgency)
CVE-2014-7907 chromium (remotely exploitable, high urgency)
CVE-2014-7908 chromium-browser (remotely exploitable, high urgency)
CVE-2014-7908 chromium-inspector (remotely exploitable, high urgency)
CVE-2014-7908 chromium (remotely exploitable, high urgency)
CVE-2014-7910 chromium-browser (remotely exploitable, high urgency)
CVE-2014-7910 chromium-inspector (remotely exploitable, high urgency)
CVE-2014-7910 chromium (remotely exploitable, high urgency)
CVE-2014-7967 chromium-browser (remotely exploitable, high urgency)
CVE-2014-7967 chromium-inspector (remotely exploitable, high urgency)
CVE-2014-7967 chromium (remotely exploitable, high urgency)
CVE-2014-8118 librpm3 (remotely exploitable, high urgency)
CVE-2014-8118 librpmbuild3 (remotely exploitable, high urgency)
CVE-2014-8118 librpmio3 (remotely exploitable, high urgency)
CVE-2014-8118 librpmsign1 (remotely exploitable, high urgency)
CVE-2014-8118 rpm2cpio (remotely exploitable, high urgency)
CVE-2014-8118 rpm-common (remotely exploitable, high urgency)
CVE-2014-8118 rpm (remotely exploitable, high urgency)
CVE-2014-8485 binutils (remotely exploitable, high urgency)
CVE-2014-8501 binutils (remotely exploitable, high urgency)
CVE-2014-8502 binutils (remotely exploitable, high urgency)
CVE-2014-8503 binutils (remotely exploitable, high urgency)
CVE-2014-8504 binutils (remotely exploitable, high urgency)

On en parle ou pas ? xD

EDIT2: Le plus inquiétant, ce sont les CVE bien connu, toujours pas fix dans de gros packages..

Hardware

Ouais ça m'étonne aussi, celle présente dans libc6 a été découverte le 6 juin 2014 et celle dans python 2.5, 2.7, 3.3, 3.4 le 28 février 2014, c'est étrange tout de même... surtout quand on voit ça :

Access Vector: Network exploitable
Access Complexity: Low
Authentication: Not required to exploit
Impact Type: Allows unauthorized disclosure of information; Allows unauthorized modification; Allows disruption of service

Magicalex

moi j'ai une belle liste..

CVE-2013-1961 libtiff4 (remotely exploitable, high urgency)
CVE-2014-1912 python2.6-minimal (remotely exploitable, high urgency)
CVE-2014-1912 python2.6 (remotely exploitable, high urgency)
CVE-2014-4043 libc6-dev (remotely exploitable, high urgency)
CVE-2014-4043 libc6 (remotely exploitable, high urgency)
CVE-2014-4043 libc-bin (remotely exploitable, high urgency)
CVE-2014-4043 libc-dev-bin (remotely exploitable, high urgency)
CVE-2014-4043 locales (remotely exploitable, high urgency)
CVE-2014-4043 multiarch-support (remotely exploitable, high urgency)
CVE-2014-7192 nodejs (remotely exploitable, high urgency, obsolete)
CVE-2014-8485 binutils (remotely exploitable, high urgency)
CVE-2014-8501 binutils (remotely exploitable, high urgency)
CVE-2014-8502 binutils (remotely exploitable, high urgency)
CVE-2014-8503 binutils (remotely exploitable, high urgency)
CVE-2014-8504 binutils (remotely exploitable, high urgency)
CVE-2014-8543 ffmpeg (remotely exploitable, high urgency)
CVE-2014-8543 libavcodec53 (remotely exploitable, high urgency)
CVE-2014-8543 libavdevice53 (remotely exploitable, high urgency)
CVE-2014-8543 libavfilter2 (remotely exploitable, high urgency)
CVE-2014-8543 libavformat53 (remotely exploitable, high urgency)
CVE-2014-8543 libav-tools (remotely exploitable, high urgency)
CVE-2014-8543 libavutil51 (remotely exploitable, high urgency)
CVE-2014-8543 libpostproc52 (remotely exploitable, high urgency)
CVE-2014-8543 libswscale2 (remotely exploitable, high urgency)
CVE-2014-8544 ffmpeg (remotely exploitable, high urgency)
CVE-2014-8544 libavcodec53 (remotely exploitable, high urgency)
CVE-2014-8544 libavdevice53 (remotely exploitable, high urgency)
CVE-2014-8544 libavfilter2 (remotely exploitable, high urgency)
CVE-2014-8544 libavformat53 (remotely exploitable, high urgency)
CVE-2014-8544 libav-tools (remotely exploitable, high urgency)
CVE-2014-8544 libavutil51 (remotely exploitable, high urgency)
CVE-2014-8544 libpostproc52 (remotely exploitable, high urgency)
CVE-2014-8544 libswscale2 (remotely exploitable, high urgency)
CVE-2014-8546 ffmpeg (remotely exploitable, high urgency)
CVE-2014-8546 libavcodec53 (remotely exploitable, high urgency)
CVE-2014-8546 libavdevice53 (remotely exploitable, high urgency)
CVE-2014-8546 libavfilter2 (remotely exploitable, high urgency)
CVE-2014-8546 libavformat53 (remotely exploitable, high urgency)
CVE-2014-8546 libav-tools (remotely exploitable, high urgency)
CVE-2014-8546 libavutil51 (remotely exploitable, high urgency)
CVE-2014-8546 libpostproc52 (remotely exploitable, high urgency)
CVE-2014-8546 libswscale2 (remotely exploitable, high urgency)
CVE-2014-8547 ffmpeg (remotely exploitable, high urgency)
CVE-2014-8547 libavcodec53 (remotely exploitable, high urgency)
CVE-2014-8547 libavdevice53 (remotely exploitable, high urgency)
CVE-2014-8547 libavfilter2 (remotely exploitable, high urgency)
CVE-2014-8547 libavformat53 (remotely exploitable, high urgency)
CVE-2014-8547 libav-tools (remotely exploitable, high urgency)
CVE-2014-8547 libavutil51 (remotely exploitable, high urgency)
CVE-2014-8547 libpostproc52 (remotely exploitable, high urgency)
CVE-2014-8547 libswscale2 (remotely exploitable, high urgency)
CVE-2014-8548 ffmpeg (remotely exploitable, high urgency)
CVE-2014-8548 libavcodec53 (remotely exploitable, high urgency)
CVE-2014-8548 libavdevice53 (remotely exploitable, high urgency)
CVE-2014-8548 libavfilter2 (remotely exploitable, high urgency)
CVE-2014-8548 libavformat53 (remotely exploitable, high urgency)
CVE-2014-8548 libav-tools (remotely exploitable, high urgency)
CVE-2014-8548 libavutil51 (remotely exploitable, high urgency)
CVE-2014-8548 libpostproc52 (remotely exploitable, high urgency)
CVE-2014-8548 libswscale2 (remotely exploitable, high urgency)
CVE-2014-9316 ffmpeg (remotely exploitable, high urgency)
CVE-2014-9316 libavcodec53 (remotely exploitable, high urgency)
CVE-2014-9316 libavdevice53 (remotely exploitable, high urgency)
CVE-2014-9316 libavfilter2 (remotely exploitable, high urgency)
CVE-2014-9316 libavformat53 (remotely exploitable, high urgency)
CVE-2014-9316 libav-tools (remotely exploitable, high urgency)
CVE-2014-9316 libavutil51 (remotely exploitable, high urgency)
CVE-2014-9316 libpostproc52 (remotely exploitable, high urgency)
CVE-2014-9316 libswscale2 (remotely exploitable, high urgency)

Hardware

Magicalex wrote: [...]
CVE-2014-7192 nodejs (remotely exploitable, high urgency, obsolete)
[...]

Heusement que dans le tas, il y a Node.js pour sauver l'honneur. Au moins si quelqu'un prend la main sur ton serveur ça sera pas à cause de lui

Ayenon

Et comment on peut remédier à toutes ses failles ?

Magicalex

Hardware wrote:
Magicalex wrote: [...]
CVE-2014-7192 nodejs (remotely exploitable, high urgency, obsolete)
[...]
Heusement que dans le tas, il y a Node.js pour sauver l'honneur. Au moins si quelqu'un prend la main sur ton serveur ça sera pas à cause de lui 😀

j'ai la dernière version, encore heureux ^^

Ayenon wrote:Et comment on peut remédier à toutes ses failles ? 😛

serrer les fe**** xD

je sais pas. Déjà faudrait savoir comment il test les failles debsecan. Sur quoi il se base pour nous sortir ça.
Il doit y avoir des faux positifs. Enfin j'espère parce que remotely exploitable, high urgency

jsuis dans la merde xD

Hardware

Ayenon wrote:Et comment on peut remédier à toutes ses failles ? 😛

- Attendre un patch des gars qui s'occupent de la sécurité chez Debian
- Attendre que les mainteneurs mettent à jour les dépendances
- Mettre à jour vers une version supérieur en passant à Debian unstable
- Ne pas installer les paquets listés (pour libc6 ça va être compliqué vu que c'est une dépendance nécessaire à 80% des paquets sur Debian)
- Si ils sont installés veiller qu'ils ne soient pas exécutés par root mais par un utilisateur séparé avec moins de droits (donc un impact quasi négligeable pour le système)
- Utiliser un système de conteneur comme Docker pour isoler chaque "Soft" et donc réduire encore plus l'impact d'une vulnérabilité
- ... pleins d'autres choses je pense, c'est ce qu'il me vient en tête tout de suite

Et enfin utiliser un IDS / HIDS pour prévenir et repérer l'utilisation d'une vulnérabilité / faille / exploit :

- http://mondedie.fr/d/5821
- http://mondedie.fr/d/5860

Ayenon

Magicalex wrote:
Ayenon wrote:Et comment on peut remédier à toutes ses failles ? 😛
serrer les fe**** xD

Je le fais déjà ça !

Et Hardware, j'ai déjà installer et configurer Prelude et Ossec, il me reste plus que Nessus

Aerya

Notez que ça a évolué depuis et il suffit maintenant de prendre et lancer un script Python

wget http://git.enyo.de/fw/debian/debsecan.git/debsecan.py
python debsecan.py | grep 'remotely exploitable' | grep 'high urgency' | grep -v 'fixed' | sort

Dryusdan

Petite question, pour des distrip HREL ou un outil de ce type existe aussi ? 🙂

Aerya

Dryusdan OpenSCAP

Dryusdan

Aerya Merci 😃

BXT

CVE-2013-7445 linux-image-4.6.0-0.bpo.1-amd64 (remotely exploitable, high urgency)
CVE-2013-7445 linux-libc-dev (remotely exploitable, high urgency)
CVE-2014-9761 libc6-dev (remotely exploitable, high urgency)
CVE-2014-9761 libc6 (remotely exploitable, high urgency)
CVE-2014-9761 libc-bin (remotely exploitable, high urgency)
CVE-2014-9761 libc-dev-bin (remotely exploitable, high urgency)
CVE-2014-9761 locales (remotely exploitable, high urgency)
CVE-2014-9761 multiarch-support (remotely exploitable, high urgency)
CVE-2015-5600 openssh-client (remotely exploitable, high urgency)
CVE-2015-5600 openssh-server (remotely exploitable, high urgency)
CVE-2015-5600 openssh-sftp-server (remotely exploitable, high urgency)
CVE-2015-7554 libtiff5 (remotely exploitable, high urgency)
CVE-2015-8668 libtiff5 (remotely exploitable, high urgency)
CVE-2015-8947 libharfbuzz0b (remotely exploitable, high urgency)
CVE-2015-8962 linux-libc-dev (remotely exploitable, high urgency)
CVE-2015-8963 linux-libc-dev (remotely exploitable, high urgency)
CVE-2015-8964 linux-libc-dev (remotely exploitable, high urgency)
CVE-2016-1761 libxml2 (remotely exploitable, high urgency)
CVE-2016-2774 isc-dhcp-client (remotely exploitable, high urgency)
CVE-2016-2774 isc-dhcp-common (remotely exploitable, high urgency)
CVE-2016-3857 linux-image-4.6.0-0.bpo.1-amd64 (remotely exploitable, high urgency)
CVE-2016-3857 linux-libc-dev (remotely exploitable, high urgency)
CVE-2016-4429 libtirpc1 (remotely exploitable, high urgency)
CVE-2016-4448 libxml2 (remotely exploitable, high urgency)
CVE-2016-4658 libxml2 (remotely exploitable, high urgency)
CVE-2016-5407 libxv1 (remotely exploitable, high urgency)
CVE-2016-5636 libpython3.4-minimal (remotely exploitable, high urgency)
CVE-2016-5636 libpython3.4-stdlib (remotely exploitable, high urgency)
CVE-2016-5636 python3.4-minimal (remotely exploitable, high urgency)
CVE-2016-5636 python3.4 (remotely exploitable, high urgency)
CVE-2016-6296 libxmlrpc-epi0 (remotely exploitable, high urgency)
CVE-2016-6515 openssh-client (remotely exploitable, high urgency)
CVE-2016-6515 openssh-server (remotely exploitable, high urgency)
CVE-2016-6515 openssh-sftp-server (remotely exploitable, high urgency)
CVE-2016-7039 linux-image-4.6.0-0.bpo.1-amd64 (remotely exploitable, high urgency)
CVE-2016-7167 curl (remotely exploitable, high urgency)
CVE-2016-7167 libcurl3-gnutls (remotely exploitable, high urgency)
CVE-2016-7167 libcurl3 (remotely exploitable, high urgency)
CVE-2016-7167 libcurl4-openssl-dev (remotely exploitable, high urgency)
CVE-2016-7910 linux-image-4.6.0-0.bpo.1-amd64 (remotely exploitable, high urgency)
CVE-2016-7910 linux-libc-dev (remotely exploitable, high urgency)
CVE-2016-7911 linux-image-4.6.0-0.bpo.1-amd64 (remotely exploitable, high urgency)
CVE-2016-7911 linux-libc-dev (remotely exploitable, high urgency)
CVE-2016-7912 linux-libc-dev (remotely exploitable, high urgency)
CVE-2016-7942 libx11-6 (remotely exploitable, high urgency)
CVE-2016-7942 libx11-data (remotely exploitable, high urgency)
CVE-2016-7942 libx11-xcb1 (remotely exploitable, high urgency)
CVE-2016-7943 libx11-6 (remotely exploitable, high urgency)
CVE-2016-7943 libx11-data (remotely exploitable, high urgency)
CVE-2016-7943 libx11-xcb1 (remotely exploitable, high urgency)
CVE-2016-7944 libxfixes3 (remotely exploitable, high urgency)
CVE-2016-7947 libxrandr2 (remotely exploitable, high urgency)
CVE-2016-7948 libxrandr2 (remotely exploitable, high urgency)
CVE-2016-7949 libxrender1 (remotely exploitable, high urgency)
CVE-2016-7950 libxrender1 (remotely exploitable, high urgency)
CVE-2016-7951 libxtst6 (remotely exploitable, high urgency)
CVE-2016-8858 openssh-client (remotely exploitable, high urgency)
CVE-2016-8858 openssh-server (remotely exploitable, high urgency)
CVE-2016-8858 openssh-sftp-server (remotely exploitable, high urgency)
CVE-2016-9313 linux-image-4.6.0-0.bpo.1-amd64 (remotely exploitable, high urgency)
CVE-2016-9427 libgc1c2 (remotely exploitable, high urgency)
CVE-2016-9533 libtiff5 (remotely exploitable, high urgency)
CVE-2016-9534 libtiff5 (remotely exploitable, high urgency)
CVE-2016-9535 libtiff5 (remotely exploitable, high urgency)
CVE-2016-9536 libtiff5 (remotely exploitable, high urgency)
CVE-2016-9537 libtiff5 (remotely exploitable, high urgency)
CVE-2016-9538 libtiff5 (remotely exploitable, high urgency)
CVE-2016-9539 libtiff5 (remotely exploitable, high urgency)
CVE-2016-9540 libtiff5 (remotely exploitable, high urgency)
CVE-2016-9555 linux-image-4.6.0-0.bpo.1-amd64 (remotely exploitable, high urgency)
CVE-2016-9555 linux-libc-dev (remotely exploitable, high urgency)
CVE-2016-9919 linux-image-4.6.0-0.bpo.1-amd64 (remotely exploitable, high urgency)

Damnit.

jgalode

CVE-2013-7445 linux-image-3.16.0-4-amd64 (remotely exploitable, high urgency)
CVE-2013-7445 linux-libc-dev (remotely exploitable, high urgency)
CVE-2014-9761 libc6-dev (remotely exploitable, high urgency)
CVE-2014-9761 libc6 (remotely exploitable, high urgency)
CVE-2014-9761 libc-bin (remotely exploitable, high urgency)
CVE-2014-9761 libc-dev-bin (remotely exploitable, high urgency)
CVE-2014-9761 locales (remotely exploitable, high urgency)
CVE-2014-9761 multiarch-support (remotely exploitable, high urgency)
CVE-2015-5600 openssh-client (remotely exploitable, high urgency)
CVE-2015-5600 openssh-server (remotely exploitable, high urgency)
CVE-2015-5600 openssh-sftp-server (remotely exploitable, high urgency)
CVE-2015-5621 libsnmp30 (remotely exploitable, high urgency)
CVE-2015-5621 libsnmp-base (remotely exploitable, high urgency)
CVE-2015-7554 libtiff5 (remotely exploitable, high urgency)
CVE-2015-8668 libtiff5 (remotely exploitable, high urgency)
CVE-2015-8947 libharfbuzz0b (remotely exploitable, high urgency)
CVE-2015-8962 linux-image-3.16.0-4-amd64 (remotely exploitable, high urgency)
CVE-2015-8962 linux-libc-dev (remotely exploitable, high urgency)
CVE-2015-8963 linux-image-3.16.0-4-amd64 (remotely exploitable, high urgency)
CVE-2015-8963 linux-libc-dev (remotely exploitable, high urgency)
CVE-2015-8964 linux-image-3.16.0-4-amd64 (remotely exploitable, high urgency)
CVE-2015-8964 linux-libc-dev (remotely exploitable, high urgency)
CVE-2016-1761 libxml2-dev (remotely exploitable, high urgency)
CVE-2016-1761 libxml2 (remotely exploitable, high urgency)
CVE-2016-2774 isc-dhcp-client (remotely exploitable, high urgency)
CVE-2016-2774 isc-dhcp-common (remotely exploitable, high urgency)
CVE-2016-3857 linux-image-3.16.0-4-amd64 (remotely exploitable, high urgency)
CVE-2016-3857 linux-libc-dev (remotely exploitable, high urgency)
CVE-2016-4429 libtirpc1 (remotely exploitable, high urgency)
CVE-2016-4448 libxml2-dev (remotely exploitable, high urgency)
CVE-2016-4448 libxml2 (remotely exploitable, high urgency)
CVE-2016-5407 libxv1 (remotely exploitable, high urgency)
CVE-2016-5636 libpython3.4-minimal (remotely exploitable, high urgency)
CVE-2016-5636 libpython3.4-stdlib (remotely exploitable, high urgency)
CVE-2016-5636 python3.4-minimal (remotely exploitable, high urgency)
CVE-2016-5636 python3.4 (remotely exploitable, high urgency)
CVE-2016-6515 openssh-client (remotely exploitable, high urgency)
CVE-2016-6515 openssh-server (remotely exploitable, high urgency)
CVE-2016-6515 openssh-sftp-server (remotely exploitable, high urgency)
CVE-2016-7167 curl (remotely exploitable, high urgency)
CVE-2016-7167 libcurl3-gnutls (remotely exploitable, high urgency)
CVE-2016-7167 libcurl3 (remotely exploitable, high urgency)
CVE-2016-7167 libcurl4-openssl-dev (remotely exploitable, high urgency)
CVE-2016-7910 linux-image-3.16.0-4-amd64 (remotely exploitable, high urgency)
CVE-2016-7910 linux-libc-dev (remotely exploitable, high urgency)
CVE-2016-7911 linux-image-3.16.0-4-amd64 (remotely exploitable, high urgency)
CVE-2016-7911 linux-libc-dev (remotely exploitable, high urgency)
CVE-2016-7912 linux-image-3.16.0-4-amd64 (remotely exploitable, high urgency)
CVE-2016-7912 linux-libc-dev (remotely exploitable, high urgency)
CVE-2016-7942 libx11-6 (remotely exploitable, high urgency)
CVE-2016-7942 libx11-data (remotely exploitable, high urgency)
CVE-2016-7942 libx11-dev (remotely exploitable, high urgency)
CVE-2016-7942 libx11-doc (remotely exploitable, high urgency)
CVE-2016-7942 libx11-xcb1 (remotely exploitable, high urgency)
CVE-2016-7943 libx11-6 (remotely exploitable, high urgency)
CVE-2016-7943 libx11-data (remotely exploitable, high urgency)
CVE-2016-7943 libx11-dev (remotely exploitable, high urgency)
CVE-2016-7943 libx11-doc (remotely exploitable, high urgency)
CVE-2016-7943 libx11-xcb1 (remotely exploitable, high urgency)
CVE-2016-7944 libxfixes3 (remotely exploitable, high urgency)
CVE-2016-7947 libxrandr2 (remotely exploitable, high urgency)
CVE-2016-7948 libxrandr2 (remotely exploitable, high urgency)
CVE-2016-7949 libxrender1 (remotely exploitable, high urgency)
CVE-2016-7950 libxrender1 (remotely exploitable, high urgency)
CVE-2016-7951 libxtst6 (remotely exploitable, high urgency)
CVE-2016-8858 openssh-client (remotely exploitable, high urgency)
CVE-2016-8858 openssh-server (remotely exploitable, high urgency)
CVE-2016-8858 openssh-sftp-server (remotely exploitable, high urgency)
CVE-2016-9427 libgc1c2 (remotely exploitable, high urgency)
CVE-2016-9533 libtiff5 (remotely exploitable, high urgency)
CVE-2016-9534 libtiff5 (remotely exploitable, high urgency)
CVE-2016-9535 libtiff5 (remotely exploitable, high urgency)
CVE-2016-9536 libtiff5 (remotely exploitable, high urgency)
CVE-2016-9537 libtiff5 (remotely exploitable, high urgency)
CVE-2016-9538 libtiff5 (remotely exploitable, high urgency)
CVE-2016-9539 libtiff5 (remotely exploitable, high urgency)
CVE-2016-9540 libtiff5 (remotely exploitable, high urgency)
CVE-2016-9555 linux-image-3.16.0-4-amd64 (remotely exploitable, high urgency)
CVE-2016-9555 linux-libc-dev (remotely exploitable, high urgency)

xavier

Salut.

Peut-être normal toutes ces erreurs.
Car depuis 2005 il y a pas eu de mise a jour

http://www.enyo.de/fw/software/debsecan/

jgalode

xavier slt,
ok au final ce système d'analyse est obsolète

Aerya

jgalode Du tout... regardez le code avant de dire ça.

def fetch_data(options, config):
    """Returns a dictionary PACKAGE -> LIST-OF-VULNERABILITIES."""
    url = options.source or config.get("SOURCE", None) \
        or "https://security-tracker.debian.org/tracker/" \
           "debsecan/release/1/"

xavier

Après je sais pas comment il fonctionne..Peut-être il fait un rapport est lenvois sur un serveur externe qui lui génère un rapport de toute les vulnérabilités..

xavier

@Aerya .c'est moi qui est dit ça.
Mais effectivement en regardant le code .on dirait bien que le rapport et traité via un serveur externe 😉

Page suivante »