Ferramentas de Usuário

Ferramentas de Site


pt:buster:security:audit:debsecan

7.3.1 Debsecan

O debsecan efectua uma avaliação de segurança ao sistema e relata vulnerabilidades conhecidas associadas aos pacotes instalado no sistema, notificando o administrador (root) dos resultados.

Instalação

<sxh bash; highlight: [1]> root@server:~# apt install debsecan </sxh>

Configuração

Para relatórios mais rigorosos, deverá ser indicada a versão Debian do nosso sistema no ficheiro /etc/default/debsecan:

<sxh; highlight: [5-6]; title: /etc/default/debsecan> #[…]

# For better reporting, specify the correct suite here, using the code # name (that is, “sid” instead of “unstable”). #SUITE=GENERIC SUITE=buster

#[…] </sxh>

O debsecan pode ser configurado para ser executado diariamente através de uma tarefa agendada (cron), sendo os resultados enviados por email ao administrador do sistema (root):

<sxh bash; highlight: [1]> root@server:~# debsecan-create-cron </sxh>

Utilização

A tarefa agendada durante a configuração irá enviar uma email ao administrador com o resultado da análise de segurança:

<sxh;> Subject: Debian security status of server To: root@home.lan Date: Sun, 9 Jul 2017 02:34:04 +0100 (WEST)

Security report based on general data

If you specify a proper suite, this report will include information regarding available security updates and obsolete packages. To set the correct suite, run “dpkg-reconfigure debsecan” as root.

* Fixed vulnerabilities CVE-2017-9499 <https://security-tracker.debian.org/tracker/CVE-2017-9499> - imagemagick-6-common - libmagickcore-6.q16-3 - libmagickwand-6.q16-3 * New vulnerabilities

CVE-2017-11109 Vim 8.0 allows attackers to cause a denial of…

<https://security-tracker.debian.org/tracker/CVE-2017-11109>
- vim-tiny, xxd, vim-common (low urgency)

CVE-2017-11112 In ncurses 6.0, there is an attempted…

<https://security-tracker.debian.org/tracker/CVE-2017-11112>
- libncurses5, ncurses-term, libtinfo5, libncursesw5, ncurses-base,
  ncurses-bin

CVE-2017-11113 In ncurses 6.0, there is a NULL Pointer Dereference…

<https://security-tracker.debian.org/tracker/CVE-2017-11113>
- libncurses5, ncurses-term, libtinfo5, libncursesw5, ncurses-base,
  ncurses-bin

*** Vulnerabilities

CVE-2011-5325 Directory traversal via crafted tar file which…

<https://security-tracker.debian.org/tracker/CVE-2011-5325>
- busybox

CVE-2012-6706 A VMSF_DELTA memory corruption was discovered in…

<https://security-tracker.debian.org/tracker/CVE-2012-6706>
- unrar (remotely exploitable, high urgency)

# […] </sxh>

Opcionalmente, o debsecan também pode ser executado a partir da linha de comandos:

<sxh bash; highlight: [1]> root@server:~# debsecan CVE-2016-10317 libgs9-common (remotely exploitable, medium urgency) CVE-2017-11143 php7.0-mysql CVE-2017-11144 php7.0-mysql CVE-2017-8923 php7.0-mysql (remotely exploitable, high urgency) TEMP-0000000-18C9FC php7.0-mysql CVE-2016-6170 bind9utils (remotely exploitable, medium urgency) CVE-2016-6170 bind9-host (remotely exploitable, medium urgency) CVE-2017-11109 vim-tiny (low urgency) CVE-2017-10684 libncurses5 (remotely exploitable, high urgency) CVE-2017-10685 libncurses5 (remotely exploitable, high urgency) CVE-2017-11112 libncurses5 CVE-2017-11113 libncurses5 CVE-2017-10928 imagemagick-6-common CVE-2017-10995 imagemagick-6-common CVE-2017-11141 imagemagick-6-common (low urgency) # […] </sxh>

Referências

pt/buster/security/audit/debsecan.txt · Última modificação em: 2020-08-02 20:10 (edição externa)

Excepto menção em contrário, o conteúdo neste wiki está sob a seguinte licença: CC Attribution-Noncommercial-Share Alike 4.0 International
CC Attribution-Noncommercial-Share Alike 4.0 International Donate Powered by PHP Valid HTML5 Valid CSS Driven by DokuWiki