Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Bogus results on Debian 9.x (stretch): file #3

Closed
hillu opened this issue May 3, 2019 · 2 comments
Closed

Bogus results on Debian 9.x (stretch): file #3

hillu opened this issue May 3, 2019 · 2 comments

Comments

@hillu
Copy link

hillu commented May 3, 2019

Hi, I just ran vulmap on my workstation that is running Debian 9 (stretch) plus selected backports. I was shown a large number of exploitable vulnerabilities, most of which seemed bogus.
My hunch is that the long list of ancient CVE-listed bugs for file (see below) is shown because your service does not take into account the epoch in the version number.
If necessary, please refer to deb-version(5) for details on how to interpret version strings on Debian and derivative distributions.

[*] Vulnerability Found!
[>] Product: file 1:5.30-1+deb9u2
[+] CVEID: CVE-2004-1304	Score: 10	URL: http://vulmon.com/vulnerabilitydetails?qid=CVE-2004-1304
	[*] Available Exploits!!!
	[!] Exploit ID: EDB&qid URL: http://vulmon.com/exploitdetails?qidtp=EDB&qid=24784 (File ELF 4.x - Header Buffer Overflow)
[+] CVEID: CVE-2009-3930	Score: 9.3	URL: http://vulmon.com/vulnerabilitydetails?qid=CVE-2009-3930
[+] CVEID: CVE-2007-1536	Score: 9.3	URL: http://vulmon.com/vulnerabilitydetails?qid=CVE-2007-1536
	[*] Available Exploits!!!
	[!] Exploit ID: EDB&qid URL: http://vulmon.com/exploitdetails?qidtp=EDB&qid=29753 (File(1) 4.13 - Command File_PrintF Integer Underflow)
[+] CVEID: CVE-2007-2026	Score: 7.8	URL: http://vulmon.com/vulnerabilitydetails?qid=CVE-2007-2026
[+] CVEID: CVE-2014-9653	Score: 7.5	URL: http://vulmon.com/vulnerabilitydetails?qid=CVE-2014-9653
[+] CVEID: CVE-2019-8907	Score: 6.8	URL: http://vulmon.com/vulnerabilitydetails?qid=CVE-2019-8907
[+] CVEID: CVE-2019-8904	Score: 6.8	URL: http://vulmon.com/vulnerabilitydetails?qid=CVE-2019-8904
[+] CVEID: CVE-2019-8905	Score: 6.8	URL: http://vulmon.com/vulnerabilitydetails?qid=CVE-2019-8905
[+] CVEID: CVE-2019-8906	Score: 6.8	URL: http://vulmon.com/vulnerabilitydetails?qid=CVE-2019-8906
[+] CVEID: CVE-2009-1515	Score: 6.8	URL: http://vulmon.com/vulnerabilitydetails?qid=CVE-2009-1515
[+] CVEID: CVE-2007-2799	Score: 5.1	URL: http://vulmon.com/vulnerabilitydetails?qid=CVE-2007-2799
[+] CVEID: CVE-2014-9652	Score: 5	URL: http://vulmon.com/vulnerabilitydetails?qid=CVE-2014-9652
[+] CVEID: CVE-2014-9621	Score: 5	URL: http://vulmon.com/vulnerabilitydetails?qid=CVE-2014-9621
[+] CVEID: CVE-2014-9620	Score: 5	URL: http://vulmon.com/vulnerabilitydetails?qid=CVE-2014-9620
[+] CVEID: CVE-2014-8116	Score: 5	URL: http://vulmon.com/vulnerabilitydetails?qid=CVE-2014-8116
[+] CVEID: CVE-2014-8117	Score: 5	URL: http://vulmon.com/vulnerabilitydetails?qid=CVE-2014-8117
[+] CVEID: CVE-2014-3478	Score: 5	URL: http://vulmon.com/vulnerabilitydetails?qid=CVE-2014-3478
[+] CVEID: CVE-2014-3538	Score: 5	URL: http://vulmon.com/vulnerabilitydetails?qid=CVE-2014-3538
[+] CVEID: CVE-2013-7345	Score: 5	URL: http://vulmon.com/vulnerabilitydetails?qid=CVE-2013-7345
[+] CVEID: CVE-2003-0102	Score: 4.6	URL: http://vulmon.com/vulnerabilitydetails?qid=CVE-2003-0102
	[*] Available Exploits!!!
	[!] Exploit ID: EDB&qid URL: http://vulmon.com/exploitdetails?qidtp=EDB&qid=22324 (File 3.x - Local Stack Overflow Code Execution (1))
	[!] Exploit ID: EDB&qid URL: http://vulmon.com/exploitdetails?qidtp=EDB&qid=22325 (File 3.x - Local Stack Overflow Code Execution (2))
[+] CVEID: CVE-2018-10360	Score: 4.3	URL: http://vulmon.com/vulnerabilitydetails?qid=CVE-2018-10360
[+] CVEID: CVE-2014-3587	Score: 4.3	URL: http://vulmon.com/vulnerabilitydetails?qid=CVE-2014-3587
[+] CVEID: CVE-2014-3479	Score: 4.3	URL: http://vulmon.com/vulnerabilitydetails?qid=CVE-2014-3479
[+] CVEID: CVE-2014-3487	Score: 4.3	URL: http://vulmon.com/vulnerabilitydetails?qid=CVE-2014-3487
[+] CVEID: CVE-2014-0207	Score: 4.3	URL: http://vulmon.com/vulnerabilitydetails?qid=CVE-2014-0207
[+] CVEID: CVE-2014-3480	Score: 4.3	URL: http://vulmon.com/vulnerabilitydetails?qid=CVE-2014-3480
[+] CVEID: CVE-2014-2270	Score: 4.3	URL: http://vulmon.com/vulnerabilitydetails?qid=CVE-2014-2270
[+] CVEID: CVE-2012-1571	Score: 4.3	URL: http://vulmon.com/vulnerabilitydetails?qid=CVE-2012-1571
[+] CVEID: CVE-2017-1000249	Score: 2.1	URL: http://vulmon.com/vulnerabilitydetails?qid=CVE-2017-1000249
@vulmon
Copy link
Owner

vulmon commented May 3, 2019

It seems this false-positive issue in Vulmp Linux is about wrong db usage for Linux OSes at server side. We are currently working on it.

@yavuzatlas
Copy link
Collaborator

Currently false-positive issue for Debian is fixed. For other DPKG distros it will be fixed soon.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

No branches or pull requests

3 participants