Outdated page: this page contains an earlier version of this guide that may be out of date.
debsecan performs a security assessment of the system and reports the known vulnerabilities associated with the packages installed on it, notifying the administrator (root) of the results.
root@server:~# aptitude install debsecan
debsecan can be configured to run daily through a scheduled task (cron). Its results are sent by e-mail to the system administrator (root):
root@server:~# debsecan-create-cron
The scheduled task created during configuration will send the administrator an e-mail with the result of the security analysis:
Subject: Debian security status of server
To: root@home.lan
Date: Tue, 8 Feb 2011 22:33:39 +0000 (WET)
From: root@home.lan (root)

Security report based on general data

If you specify a proper suite, this report will include information
regarding available security updates and obsolete packages. To set
the correct suite, run "dpkg-reconfigure debsecan" as root.

*** Fixed vulnerabilities

CVE-2010-4250
  <http://security-tracker.debian.org/tracker/CVE-2010-4250>
  - linux-base
  - linux-headers-2.6.32-5-amd64
  - linux-headers-2.6.32-5-common
  - linux-image-2.6.32-5-amd64
  - linux-libc-dev

*** New vulnerabilities

CVE-2010-4022...
  <http://security-tracker.debian.org/tracker/CVE-2010-4022>
  - libgssapi-krb5-2, libk5crypto3, libkrb5support0, libkrb5-3
    (low urgency)

CVE-2011-0281...
  <http://security-tracker.debian.org/tracker/CVE-2011-0281>
  - libgssapi-krb5-2, libk5crypto3, libkrb5support0, libkrb5-3

CVE-2011-0282...
  <http://security-tracker.debian.org/tracker/CVE-2011-0282>
  - libgssapi-krb5-2, libk5crypto3, libkrb5support0, libkrb5-3

*** Vulnerabilities

CVE-2007-2379 The jQuery framework exchanges data using JavaScript...
  <http://security-tracker.debian.org/tracker/CVE-2007-2379>
  - libjs-jquery (remotely exploitable, low urgency)

CVE-2010-2943 The xfs implementation in the Linux kernel before...
  <http://security-tracker.debian.org/tracker/CVE-2010-2943>
  - linux-image-2.6.32-5-amd64, linux-libc-dev, linux-base,
    linux-headers-2.6.32-5-common, linux-headers-2.6.32-5-amd64
    (remotely exploitable, high urgency)

CVE-2010-3435 The (1) pam_env and (2) pam_mail modules in Linux-PAM...
  <http://security-tracker.debian.org/tracker/CVE-2010-3435>
  - libpam0g, libpam-modules, libpam-runtime (low urgency)

# [...]

CVE-2011-0536 CVE-2010-3847 opens new vulnerability
  <http://security-tracker.debian.org/tracker/CVE-2011-0536>
  - libc6-dev, libc-dev-bin, locales, libc-bin, libc6

CVE-2011-0755 Integer overflow in the mt_rand function in PHP...
  <http://security-tracker.debian.org/tracker/CVE-2011-0755>
  - php5-gd, php5-sqlite, php-pear, php5-common, php5-pspell,
    php5-mcrypt, php5-cli, libapache2-mod-php5, php5, php5-mysql
    (remotely exploitable, medium urgency)

TEMP-0546164-933E0D php5's pear is vulnerable to symlink attacks
  <http://security-tracker.debian.org/tracker/TEMP-0546164-933E0D>
  - php5-gd, php5-sqlite, php-pear, php5-common, php5-pspell,
    php5-mcrypt, php5-cli, libapache2-mod-php5, php5, php5-mysql
    (low urgency)

TEMP-0612034-33CBAD aptitude tempfile
  <http://security-tracker.debian.org/tracker/TEMP-0612034-33CBAD>
  - aptitude (low urgency)
Optionally, debsecan can also be run from the command line:
root@server:~# debsecan
CVE-2010-4015 libpq5 (remotely exploitable, medium urgency)
CVE-2007-2379 libjs-jquery (remotely exploitable, low urgency)
CVE-2011-0413 isc-dhcp-common (remotely exploitable, high urgency)
CVE-2010-4698 libgd2-xpm (remotely exploitable, medium urgency)
CVE-2010-4022 libgssapi-krb5-2 (low urgency)
CVE-2011-0281 libgssapi-krb5-2
CVE-2011-0282 libgssapi-krb5-2
CVE-2010-3435 libpam0g (low urgency)
CVE-2010-3853 libpam0g (low urgency)
CVE-2010-4706 libpam0g (low urgency)
CVE-2010-4707 libpam0g (low urgency)
CVE-2010-4708 libpam0g (low urgency)
CVE-2010-2943 linux-image-2.6.32-5-amd64 (remotely exploitable, high urgency)
CVE-2010-3699 linux-image-2.6.32-5-amd64 (remotely exploitable, low urgency)
CVE-2010-3865 linux-image-2.6.32-5-amd64 (high urgency)
CVE-2010-4075 linux-image-2.6.32-5-amd64 (low urgency)
CVE-2010-4076 linux-image-2.6.32-5-amd64 (low urgency)
CVE-2010-4077 linux-image-2.6.32-5-amd64 (low urgency)
CVE-2010-4565 linux-image-2.6.32-5-amd64 (low urgency)
CVE-2010-4655 linux-image-2.6.32-5-amd64
# [...]
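
One way to triage the command-line output shown above, as an added example that is not part of the original guide or of debsecan itself: it parses each "ID package (flags)" line and ranks packages so that remotely exploitable, high-urgency ones come first. The sample lines are copied from the output on this page; the function names parse and triage are illustrative.

```python
import re
from collections import defaultdict

# Sample lines copied from the command-line output shown on this page.
SAMPLE = """\
CVE-2010-4015 libpq5 (remotely exploitable, medium urgency)
CVE-2007-2379 libjs-jquery (remotely exploitable, low urgency)
CVE-2011-0413 isc-dhcp-common (remotely exploitable, high urgency)
CVE-2010-4022 libgssapi-krb5-2 (low urgency)
CVE-2011-0281 libgssapi-krb5-2
CVE-2010-2943 linux-image-2.6.32-5-amd64 (remotely exploitable, high urgency)
CVE-2010-3865 linux-image-2.6.32-5-amd64 (high urgency)
CVE-2010-4655 linux-image-2.6.32-5-amd64
# [...]
"""

LINE = re.compile(r"^(?P<id>(?:CVE|TEMP)-\S+)\s+(?P<pkg>\S+)"
                  r"(?:\s+\((?P<flags>[^)]*)\))?\s*$")
URGENCY = {"high": 3, "medium": 2, "low": 1}  # 0 = no urgency on the line (unrated, not harmless)


def parse(text):
    """Return a list of findings; lines that are not findings are skipped."""
    findings = []
    for raw in text.splitlines():
        m = LINE.match(raw.strip())
        if not m:
            continue
        flags = [f.strip() for f in (m["flags"] or "").split(",") if f.strip()]
        level = next((f.split()[0] for f in flags if f.endswith(" urgency")), None)
        findings.append({"id": m["id"], "package": m["pkg"],
                         "remote": "remotely exploitable" in flags,
                         "urgency": URGENCY.get(level, 0)})
    return findings


def triage(findings):
    """Group by package and rank: remote first, then worst urgency, then count."""
    by_pkg = defaultdict(list)
    for f in findings:
        by_pkg[f["package"]].append(f)
    rows = [(pkg, any(f["remote"] for f in fs), max(f["urgency"] for f in fs), len(fs))
            for pkg, fs in by_pkg.items()]
    return sorted(rows, key=lambda r: (r[1], r[2], r[3]), reverse=True)


if __name__ == "__main__":
    for pkg, remote, urgency, count in triage(parse(SAMPLE)):
        print(f"{pkg:30} remote={remote!s:5} urgency={urgency} findings={count}")
```

On a live system the same functions can be fed the text captured from running debsecan instead of SAMPLE.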