The goal of cvechecker is to report about possible vulnerabilities on your system, by scanning the installed software and matching the results with the CVE database. Indeed, this is not a bullet-proof method and you will most likely have many false positives (vulnerability is fixed with a revision-release, but the tool isn't able to detect the revision itself), yet it is still better than nothing, especially if you are running a distribution with little security coverage.
Still, the tool remains useful. With the proper reporting in place, you are immediately warned when a new CVE has been released that might match your system. You can then take the appropriate steps (acknowledge report, verify incident, fix package or mark as false positive).
The tool however needs your help as well. The most work is to tell cvechecker how to detect which software is installed and what version. For more information, see the cvechecker man-page.
What is CVE ?
The Common Vulnerabilities and Exposures or CVE system provides a reference-method for publicly-known information-security vulnerabilities and exposures. MITRE Corporation maintains the system, with funding from the National Cyber Security Division of the United States Department of Homeland Security.[1] CVE is used by the Security Content Automation Protocol.
What is CVEchecker ?
The goal of cvechecker is to report about possible vulnerabilities on your system, by scanning the installed software and matching the results with the CVE database. Indeed, this is not a bullet-proof method and you will most likely have many false positives (vulnerability is fixed with a revision-release, but the tool isn't able to detect the revision itself), yet it is still better than nothing, especially if you are running a distribution with little security coverage.
The current stable release is 3.2, released on 2012/11/25.
Download cvechecker-3.2.tar.gz (168.3 kB)
Download other versions from here
Source-
http://sourceforge.net/projects/cvechecker/
Post a Comment