Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

feat(ubuntu): add Jammy Jellyfish(22.04) #1431

Merged
merged 3 commits into from
Apr 27, 2022
Merged

feat(ubuntu): add Jammy Jellyfish(22.04) #1431

merged 3 commits into from
Apr 27, 2022

Conversation

MaineK00n
Copy link
Collaborator

@MaineK00n MaineK00n commented Mar 29, 2022
edited

What did you implement:

Ubuntu 22.04 will be released on April 21.
We will support scan by Vuls.

Type of change

  • New feature (non-breaking change which adds functionality)
  • This change requires a documentation update

How Has This Been Tested?

$ vuls scan
[Apr 25 13:34:35]  INFO [localhost] vuls-v0.19.5-build-20220425_133214_d7e92b7b
[Apr 25 13:34:35]  INFO [localhost] Start scanning
[Apr 25 13:34:35]  INFO [localhost] config: /home/mainek00n/github/github.com/MaineK00n/vuls/config.toml
[Apr 25 13:34:35]  INFO [localhost] Validating config...
[Apr 25 13:34:35]  INFO [localhost] Detecting Server/Container OS... 
[Apr 25 13:34:35]  INFO [localhost] Detecting OS of servers... 
[Apr 25 13:34:35]  INFO [localhost] (1/1) Detected: vuls-target: ubuntu 22.04
[Apr 25 13:34:35]  INFO [localhost] Detecting OS of containers... 
[Apr 25 13:34:35]  INFO [localhost] Checking Scan Modes... 
[Apr 25 13:34:35]  INFO [localhost] Detecting Platforms... 
[Apr 25 13:34:36]  INFO [localhost] (1/1) vuls-target is running on other
[Apr 25 13:34:36]  INFO [vuls-target] Scanning OS pkg in fast mode


Scan Summary
================
vuls-target	ubuntu22.04	321 installed





To view the detail, vuls tui is useful.
To send a report, run vuls report -h.

$ vuls report
[Apr 25 13:34:41]  INFO [localhost] vuls-v0.19.5-build-20220425_133214_d7e92b7b
[Apr 25 13:34:41]  INFO [localhost] Validating config...
[Apr 25 13:34:41]  INFO [localhost] cveDict.type=sqlite3, cveDict.url=, cveDict.SQLite3Path=/usr/share/vuls-data/cve.sqlite3
[Apr 25 13:34:41]  INFO [localhost] ovalDict.type=sqlite3, ovalDict.url=, ovalDict.SQLite3Path=/usr/share/vuls-data/oval.sqlite3
[Apr 25 13:34:41]  INFO [localhost] gost.type=sqlite3, gost.url=, gost.SQLite3Path=/usr/share/vuls-data/gost.sqlite3
[Apr 25 13:34:41]  INFO [localhost] exploit.type=sqlite3, exploit.url=, exploit.SQLite3Path=/usr/share/vuls-data/go-exploitdb.sqlite3
[Apr 25 13:34:41]  INFO [localhost] metasploit.type=sqlite3, metasploit.url=, metasploit.SQLite3Path=/usr/share/vuls-data/go-msfdb.sqlite3
[Apr 25 13:34:41]  INFO [localhost] kevuln.type=sqlite3, kevuln.url=, kevuln.SQLite3Path=/usr/share/vuls-data/go-kev.sqlite3
[Apr 25 13:34:41]  INFO [localhost] Loaded: /home/mainek00n/github/github.com/MaineK00n/vuls/results/2022-04-25T13:34:36+09:00
[Apr 25 13:34:41]  INFO [localhost] OVAL ubuntu 22.04 found. defs: 1
[Apr 25 13:34:41]  INFO [localhost] OVAL ubuntu 22.04 is fresh. lastModified: 2022-04-25T13:00:17+09:00
[Apr 25 13:34:41]  WARN [localhost] Unable to detect vulns of running kernel because the version of the running kernel is unknown. server: vuls-target
[Apr 25 13:34:41]  WARN [localhost] The OVAL name of the running kernel image {Release:5.13.0-40-generic Version: RebootRequired:false} is not found. So vulns of `linux` wll be detected. server: vuls-target
[Apr 25 13:34:41]  INFO [localhost] vuls-target: 0 CVEs are detected with OVAL
[Apr 25 13:34:43]  INFO [localhost] vuls-target: 42 unfixed CVEs are detected with gost
[Apr 25 13:34:43]  INFO [localhost] vuls-target: 0 CVEs are detected with CPE
[Apr 25 13:34:43]  INFO [localhost] vuls-target: 6 PoC are detected
[Apr 25 13:34:43]  INFO [localhost] vuls-target: 0 exploits are detected
[Apr 25 13:34:43]  INFO [localhost] vuls-target: total 42 CVEs detected
[Apr 25 13:34:43]  INFO [localhost] vuls-target: 0 CVEs filtered by --confidence-over=80
vuls-target (ubuntu22.04)
=========================
Total: 42 (Critical:0 High:12 Medium:6 Low:1 ?:23)
0/42 Fixed, 6 poc, 0 exploits, cisa: 0, uscert: 0, jpcert: 0 alerts
321 installed

+----------------+------+--------+-----+-----------+---------+--------------------------------+
|     CVE-ID     | CVSS | ATTACK | POC |   ALERT   |  FIXED  |            PACKAGES            |
+----------------+------+--------+-----+-----------+---------+--------------------------------+
| CVE-2017-13165 |  7.8 |  AV:L  |     |           | unfixed | linux-image-5.13.0-40-generic  |
+----------------+------+--------+-----+-----------+---------+--------------------------------+
| CVE-2019-19378 |  7.8 |  AV:L  | POC |           | unfixed | linux-image-5.13.0-40-generic  |
+----------------+------+--------+-----+-----------+---------+--------------------------------+
| CVE-2020-11725 |  7.8 |  AV:L  | POC |           | unfixed | linux-image-5.13.0-40-generic  |
+----------------+------+--------+-----+-----------+---------+--------------------------------+
| CVE-2020-16156 |  7.8 |  AV:L  | POC |           | unfixed | perl                           |
+----------------+------+--------+-----+-----------+---------+--------------------------------+
| CVE-2021-26934 |  7.8 |  AV:L  |     |           | unfixed | linux-image-5.13.0-40-generic  |
+----------------+------+--------+-----+-----------+---------+--------------------------------+
| CVE-2022-26490 |  7.8 |  AV:L  |     |           | unfixed | linux-image-5.13.0-40-generic  |
+----------------+------+--------+-----+-----------+---------+--------------------------------+
| CVE-2017-11164 |  7.5 |  AV:L  |     |           | unfixed | libpcre3                       |
+----------------+------+--------+-----+-----------+---------+--------------------------------+
| CVE-2018-5709  |  7.5 |  AV:N  |     |           | unfixed | libgssapi-krb5-2,              |
|                |      |        |     |           |         | libk5crypto3, libkrb5-3,       |
|                |      |        |     |           |         | libkrb5support0                |
+----------------+------+--------+-----+-----------+---------+--------------------------------+
| CVE-2019-20838 |  7.5 |  AV:N  |     |           | unfixed | libpcre3                       |
+----------------+------+--------+-----+-----------+---------+--------------------------------+
| CVE-2019-9923  |  7.5 |  AV:L  |     |           | unfixed | tar                            |
+----------------+------+--------+-----+-----------+---------+--------------------------------+
| CVE-2021-43618 |  7.5 |  AV:N  | POC |           | unfixed | libgmp10                       |
+----------------+------+--------+-----+-----------+---------+--------------------------------+
| CVE-2021-41617 |  7.0 |  AV:L  |     |           | unfixed | openssh-client,                |
|                |      |        |     |           |         | openssh-server,                |
|                |      |        |     |           |         | openssh-sftp-server            |
+----------------+------+--------+-----+-----------+---------+--------------------------------+
| CVE-2015-8553  |  6.5 |  AV:A  |     |           | unfixed | linux-image-5.13.0-40-generic  |
+----------------+------+--------+-----+-----------+---------+--------------------------------+
| CVE-2022-0865  |  6.5 |  AV:N  | POC |           | unfixed | libtiff5                       |
+----------------+------+--------+-----+-----------+---------+--------------------------------+
| CVE-2020-14145 |  5.9 |  AV:N  |     |           | unfixed | openssh-client,                |
|                |      |        |     |           |         | openssh-server,                |
|                |      |        |     |           |         | openssh-sftp-server            |
+----------------+------+--------+-----+-----------+---------+--------------------------------+
| CVE-2021-33061 |  5.5 |  AV:L  |     |           | unfixed | linux-image-5.13.0-40-generic  |
+----------------+------+--------+-----+-----------+---------+--------------------------------+
| CVE-2021-4095  |  5.5 |  AV:L  | POC |           | unfixed | linux-image-5.13.0-40-generic  |
+----------------+------+--------+-----+-----------+---------+--------------------------------+
| CVE-2013-4235  |  4.7 |  AV:L  |     |           | unfixed | login, passwd                  |
+----------------+------+--------+-----+-----------+---------+--------------------------------+
| CVE-2009-5080  |  3.3 |  AV:L  |     |           | unfixed | groff-base                     |
+----------------+------+--------+-----+-----------+---------+--------------------------------+
| CVE-2021-39800 |  0.0 |        |     |           | unfixed | linux-image-5.13.0-40-generic  |
+----------------+------+--------+-----+-----------+---------+--------------------------------+
| CVE-2021-39801 |  0.0 |        |     |           | unfixed | linux-image-5.13.0-40-generic  |
+----------------+------+--------+-----+-----------+---------+--------------------------------+
| CVE-2021-39802 |  0.0 |        |     |           | unfixed | linux-image-5.13.0-40-generic  |
+----------------+------+--------+-----+-----------+---------+--------------------------------+
| CVE-2022-0480  |  0.0 |        |     |           | unfixed | linux-image-5.13.0-40-generic  |
+----------------+------+--------+-----+-----------+---------+--------------------------------+
| CVE-2022-0500  |  0.0 |        |     |           | unfixed | linux-image-5.13.0-40-generic  |
+----------------+------+--------+-----+-----------+---------+--------------------------------+
| CVE-2022-0995  |  0.0 |        |     |           | unfixed | linux-image-5.13.0-40-generic  |
+----------------+------+--------+-----+-----------+---------+--------------------------------+
| CVE-2022-0998  |  0.0 |        |     |           | unfixed | linux-image-5.13.0-40-generic  |
+----------------+------+--------+-----+-----------+---------+--------------------------------+
| CVE-2022-1015  |  0.0 |        |     |           | unfixed | linux-image-5.13.0-40-generic  |
+----------------+------+--------+-----+-----------+---------+--------------------------------+
| CVE-2022-1016  |  0.0 |        |     |           | unfixed | linux-image-5.13.0-40-generic  |
+----------------+------+--------+-----+-----------+---------+--------------------------------+
| CVE-2022-1048  |  0.0 |        |     |           | unfixed | linux-image-5.13.0-40-generic  |
+----------------+------+--------+-----+-----------+---------+--------------------------------+
| CVE-2022-1195  |  0.0 |        |     |           | unfixed | linux-image-5.13.0-40-generic  |
+----------------+------+--------+-----+-----------+---------+--------------------------------+
| CVE-2022-1198  |  0.0 |        |     |           | unfixed | linux-image-5.13.0-40-generic  |
+----------------+------+--------+-----+-----------+---------+--------------------------------+
| CVE-2022-1199  |  0.0 |        |     |           | unfixed | linux-image-5.13.0-40-generic  |
+----------------+------+--------+-----+-----------+---------+--------------------------------+
| CVE-2022-1204  |  0.0 |        |     |           | unfixed | linux-image-5.13.0-40-generic  |
+----------------+------+--------+-----+-----------+---------+--------------------------------+
| CVE-2022-1205  |  0.0 |        |     |           | unfixed | linux-image-5.13.0-40-generic  |
+----------------+------+--------+-----+-----------+---------+--------------------------------+
| CVE-2022-25308 |  0.0 |        |     |           | unfixed | libfribidi0                    |
+----------------+------+--------+-----+-----------+---------+--------------------------------+
| CVE-2022-25309 |  0.0 |        |     |           | unfixed | libfribidi0                    |
+----------------+------+--------+-----+-----------+---------+--------------------------------+
| CVE-2022-25310 |  0.0 |        |     |           | unfixed | libfribidi0                    |
+----------------+------+--------+-----+-----------+---------+--------------------------------+
| CVE-2022-28356 |  0.0 |        |     |           | unfixed | linux-image-5.13.0-40-generic  |
+----------------+------+--------+-----+-----------+---------+--------------------------------+
| CVE-2022-28388 |  0.0 |        |     |           | unfixed | linux-image-5.13.0-40-generic  |
+----------------+------+--------+-----+-----------+---------+--------------------------------+
| CVE-2022-28389 |  0.0 |        |     |           | unfixed | linux-image-5.13.0-40-generic  |
+----------------+------+--------+-----+-----------+---------+--------------------------------+
| CVE-2022-28390 |  0.0 |        |     |           | unfixed | linux-image-5.13.0-40-generic  |
+----------------+------+--------+-----+-----------+---------+--------------------------------+
| CVE-2022-28893 |  0.0 |        |     |           | unfixed | linux-image-5.13.0-40-generic  |
+----------------+------+--------+-----+-----------+---------+--------------------------------+

Checklist:

You don't have to satisfy all of the following.

  • Write tests
  • Write documentation
  • Check that there aren't other open pull requests for the same issue/feature
  • Format your source code by make fmt
  • Pass the test by make test
  • Provide verification config / commands
  • Enable "Allow edits from maintainers" for this PR
  • Update the messages below

Is this ready for review?: YES

Reference

@MaineK00n MaineK00n self-assigned this Mar 29, 2022
@MaineK00n MaineK00n mentioned this pull request Mar 29, 2022
Merged
MaineK00n
MaineK00n commented Mar 29, 2022
View reviewed changes
oval/debian.go Outdated Show resolved Hide resolved
@MaineK00n MaineK00n force-pushed the MaineK00n/add-ubuntu-2204 branch 2 times, most recently from d7e92b7 to c25e115 Compare April 25, 2022 04:53
@MaineK00n MaineK00n marked this pull request as ready for review April 26, 2022 05:31
@MaineK00n MaineK00n merged commit cc63a0e into master Apr 27, 2022
@MaineK00n MaineK00n deleted the MaineK00n/add-ubuntu-2204 branch April 27, 2022 02:04
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees

@MaineK00n MaineK00n

Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
1 participant
@MaineK00n