Add Debian and Ubuntu 18 support in vulnerability-detector #470
** Supported Windows distributions **
- Windows Server 2016

** Supported Debian distributions **
- Debian Stretch
- Debian Jessie
- Debian Wheezy
- Windows XP
- Windows 7
- Windows 8
- Windows 8.1
- Windows 10
- Windows Server 2008
- Windows Server 2008 R2
- Windows Server 2012
- Windows Server 2012 R2
Add option to force the vulnerability detection in unsupported OS
Using the following configuration:
<wodle name="vulnerability-detector">
  <disabled>no</disabled>
  <interval>1m</interval>
  <run_on_start>yes</run_on_start>
  <feed name="ubuntu-16">
    <disabled>no</disabled>
    <allow>ubuntu 17, ubuntu 18</allow>
    <update_interval>1h</update_interval>
  </feed>
  <feed name="redhat-7">
    <disabled>no</disabled>
    <allow>centos 7</allow>
    <update_interval>1h</update_interval>
  </feed>
  <feed name="debian-9">
    <disabled>no</disabled>
    <update_interval>1h</update_interval>
  </feed>
</wodle>
I've received these messages:
2018/05/07 17:37:57 wazuh-modulesd:vulnerability-detector: DEBUG: (5464): Ubuntu version not supported (agent ubuntu1710).
2018/05/07 17:37:57 wazuh-modulesd:vulnerability-detector: DEBUG: (5463): Agent redhat7 has an unsupported Wazuh version.
I've also received this segfault:
{"timestamp":"2018-05-07T17:09:22.248-0700","rule":{"level":5,"description":"Process segfaulted.","id":"1010","firedtimes":2,"mail":false,"groups":["syslog","errors","service_availability"]},"agent":{"id":"000","name":"ubuntu1710"},"manager":{"name":"ubuntu1710"},"id":"1525738162.482872","full_log":"May 7 17:09:21 ubuntu1710 kernel: [19343.370702] wazuh-modulesd[34534]: segfault at 0 ip 00007fb048612af4 sp 00007fb047266c60 error 4 in libc-2.26.so[7fb04857d000+1d6000]","predecoder":{"program_name":"kernel","timestamp":"May 7 17:09:21","hostname":"ubuntu1710"},"decoder":{"name":"kernel"},"location":"/var/log/kern.log"}
Compilation warning
os_strdup(name, agents->agent_name); | ||
os_strdup(agent_os, agents->OS); | ||
agents->dist = agent_dist; | ||
agents->info = 0; |
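Review bot: `agents->dist = agent_dist;` stores a local that has no assignment visible in this hunk, and the build reports it under -Wmaybe-uninitialized, meaning the compiler cannot prove that every path sets it before this line. Initialize `agent_dist` at its declaration to an explicit "unknown" value, or skip the agent before this block when its OS string matches no supported distribution, so that `agents->dist` never holds an indeterminate value.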
wazuh_modules/wm_vuln_detector.c:2587:22: warning: ‘agent_dist’ may be used uninitialized in this function [-Wmaybe-uninitialized]
agents->dist = agent_dist;
This feature adds vulnerability scanner support for:
Example
Status