cvechecker

The goal of cvechecker is to report about possible vulnerabilities on your system, by scanning a list of installed software and matching results with the CVE database. This is not a bullet-proof method and you will have many false positives (ie: vulnerability is fixed with a revision-release, but the tool isn't able to detect the revision itself), yet it is still better than nothing, especially if you are running a distribution with little security coverage.

Quickstart

Initalize the SQLite3 Database
~# cvechecker -i
Load CVE and version matching rules
~$ pullcves pull
Generate List of Files to scan
~$ find / -type f -perm -o+x > scanlist.txt ~$ echo "/proc/version" >> scanlist.txt
Gather List of Installed Software/Versions
~$ cvechecker -b scanlist.txt
Output Matching CVE Entries
~$ cvechecker -r

More detailed installation information available via the installation docs.
The homepage for this project.

Name		Name	Last commit message	Last commit date
Latest commit History 158 Commits
conf		conf
data		data
docs		docs
scripts		scripts
src		src
.gitignore		.gitignore
.travis.yml		.travis.yml
AUTHORS		AUTHORS
COPYING		COPYING
ChangeLog		ChangeLog
INSTALL		INSTALL
LICENSE		LICENSE
Makefile.am		Makefile.am
NEWS		NEWS
README.md		README.md
RELEASE		RELEASE
TODO		TODO
bad-versions.dat		bad-versions.dat
configure		configure
configure.ac		configure.ac
depcomp		depcomp
install-sh		install-sh
missing		missing
versions.dat		versions.dat

License

Licenses found

hellolrc/cvechecker

Folders and files

Latest commit

History

Repository files navigation

cvechecker

Quickstart

About

Resources

License

Licenses found

Stars

Watchers

Forks

Languages