Ferramentas de Usuário

Ferramentas de Site


Action disabled: source
pt:squeeze:security:audit:debsecan

Página desactualizada Esta página contém uma versão anterior deste guia que pode estar desatualizada. Para a consultar a versão mais recente clique aqui.

7.3.1 Debsecan

Objectivo

O debsecan efectua uma avaliação de segurança ao sistema e relata vulnerabilidades conhecidas associadas aos pacotes instalado no sistema, notificando o administrador (root) dos resultados.

Instalação

root@server:~# aptitude install debsecan

Configuração

O debsecan pode ser configurado para ser executado diariamente através de uma tarefa agendada (cron), sendo os resultados enviados por email ao administrador do sistema (root):

root@server:~# debsecan-create-cron

Utilização

A tarefa agendada durante a configuração irá enviar uma email ao administrador com o resultado da análise de segurança:

Subject: Debian security status of server
To: [email protected]
Date: Tue,  8 Feb 2011 22:33:39 +0000 (WET)
From: [email protected] (root)

Security report based on general data

If you specify a proper suite, this report will include information
regarding available security updates and obsolete packages.  To set
the correct suite, run "dpkg-reconfigure debsecan" as root.

*** Fixed vulnerabilities

CVE-2010-4250
  <http://security-tracker.debian.org/tracker/CVE-2010-4250>
  - linux-base
  - linux-headers-2.6.32-5-amd64
  - linux-headers-2.6.32-5-common
  - linux-image-2.6.32-5-amd64
  - linux-libc-dev

*** New vulnerabilities

CVE-2010-4022...
  <http://security-tracker.debian.org/tracker/CVE-2010-4022>
  - libgssapi-krb5-2, libk5crypto3, libkrb5support0, libkrb5-3
    (low urgency)

CVE-2011-0281...
  <http://security-tracker.debian.org/tracker/CVE-2011-0281>
  - libgssapi-krb5-2, libk5crypto3, libkrb5support0, libkrb5-3

CVE-2011-0282...
  <http://security-tracker.debian.org/tracker/CVE-2011-0282>
  - libgssapi-krb5-2, libk5crypto3, libkrb5support0, libkrb5-3

*** Vulnerabilities

CVE-2007-2379 The jQuery framework exchanges data using JavaScript...
  <http://security-tracker.debian.org/tracker/CVE-2007-2379>
  - libjs-jquery (remotely exploitable, low urgency)

CVE-2010-2943 The xfs implementation in the Linux kernel before...
  <http://security-tracker.debian.org/tracker/CVE-2010-2943>
  - linux-image-2.6.32-5-amd64, linux-libc-dev, linux-base,
    linux-headers-2.6.32-5-common, linux-headers-2.6.32-5-amd64
    (remotely exploitable, high urgency)

CVE-2010-3435 The (1) pam_env and (2) pam_mail modules in Linux-PAM...
  <http://security-tracker.debian.org/tracker/CVE-2010-3435>
  - libpam0g, libpam-modules, libpam-runtime (low urgency)

# [...]

CVE-2011-0536 CVE-2010-3847 opens new vulnerability
  <http://security-tracker.debian.org/tracker/CVE-2011-0536>
  - libc6-dev, libc-dev-bin, locales, libc-bin, libc6

CVE-2011-0755 Integer overflow in the mt_rand function in PHP...
  <http://security-tracker.debian.org/tracker/CVE-2011-0755>
  - php5-gd, php5-sqlite, php-pear, php5-common, php5-pspell,
    php5-mcrypt, php5-cli, libapache2-mod-php5, php5, php5-mysql
    (remotely exploitable, medium urgency)

TEMP-0546164-933E0D php5's pear is vulnerable to symlink attacks
  <http://security-tracker.debian.org/tracker/TEMP-0546164-933E0D>
  - php5-gd, php5-sqlite, php-pear, php5-common, php5-pspell,
    php5-mcrypt, php5-cli, libapache2-mod-php5, php5, php5-mysql
    (low urgency)

TEMP-0612034-33CBAD aptitude tempfile
  <http://security-tracker.debian.org/tracker/TEMP-0612034-33CBAD>
  - aptitude (low urgency)

Opcionalmente, o debsecan também pode ser executado a partir da linha de comandos:

root@server:~# debsecan
CVE-2010-4015 libpq5 (remotely exploitable, medium urgency)
CVE-2007-2379 libjs-jquery (remotely exploitable, low urgency)
CVE-2011-0413 isc-dhcp-common (remotely exploitable, high urgency)
CVE-2010-4698 libgd2-xpm (remotely exploitable, medium urgency)
CVE-2010-4022 libgssapi-krb5-2 (low urgency)
CVE-2011-0281 libgssapi-krb5-2
CVE-2011-0282 libgssapi-krb5-2
CVE-2010-3435 libpam0g (low urgency)
CVE-2010-3853 libpam0g (low urgency)
CVE-2010-4706 libpam0g (low urgency)
CVE-2010-4707 libpam0g (low urgency)
CVE-2010-4708 libpam0g (low urgency)
CVE-2010-2943 linux-image-2.6.32-5-amd64 (remotely exploitable, high urgency)
CVE-2010-3699 linux-image-2.6.32-5-amd64 (remotely exploitable, low urgency)
CVE-2010-3865 linux-image-2.6.32-5-amd64 (high urgency)
CVE-2010-4075 linux-image-2.6.32-5-amd64 (low urgency)
CVE-2010-4076 linux-image-2.6.32-5-amd64 (low urgency)
CVE-2010-4077 linux-image-2.6.32-5-amd64 (low urgency)
CVE-2010-4565 linux-image-2.6.32-5-amd64 (low urgency)
CVE-2010-4655 linux-image-2.6.32-5-amd64
# [...]

Referências

pt/squeeze/security/audit/debsecan.txt · Última modificação em: 2024-02-15 01:05 por 127.0.0.1