vuls v0.15.13 releases: Vulnerability scanner for Linux/FreeBSD
For a system administrator, having to perform security vulnerability analysis and software updates on a daily basis can be a burden. To avoid downtime in a production environment, it is common for a system administrator to choose not to use the automatic update option provided by the package manager and to perform the update manually. This leads to the following problems.
- A system administrator will have to constantly watch out for any new vulnerabilities in NVD(National Vulnerability Database) or similar databases.
- It might be impossible for the system administrator to monitor all the software if there are a large number of software installed on the server.
- It is expensive to perform analysis to determine the servers affected by new vulnerabilities. The possibility of overlooking a server or two during analysis is there.
Vuls is a tool created to solve the problems listed above. It has the following characteristics.
- Informs users of the vulnerabilities that are related to the system.
- Informs users of the servers that are affected.
- Vulnerability detection is done automatically to prevent any oversight.
- The report is generated on a regular basis using CRON or other methods. to manage vulnerability.
- Scan for any vulnerabilities in Linux/FreeBSD Server
- Supports Ubuntu, Debian, CentOS, Amazon Linux, RHEL, Oracle Linux, FreeBSD and Raspbian
- Cloud, on-premise, Docker
- Scan middleware that are not included in OS package management
- Scan middleware, programming language libraries and framework for vulnerability
- Support software registered in CPE
- Agentless architecture
- User is required to only setup one machine that is connected to other target servers via SSH
- Nondestructive testing
- Pre-authorization is not necessary before scanning on AWS
- Auto-generation of configuration file template
- Auto-detection of servers set using CIDR, generate configuration file template
- Email and Slack notification is possible (supports the Japanese language)
- Scan result is viewable on accessory software, TUI Viewer on the terminal or Web UI (VulsRepo).
543dc99 fix(cpescan): CpeVendorProductMatch not set when Redis Backend (#1273)
f0b3a8b feat(cpescan): Use JVN as a second DB for CPE scan (#1268)
0b9ec05 Support scanning Ubuntu using Gost (#1243)
0bf1241 fix(rocky): fix Scan in Rocky Linux (#1266)
0ea4d58 fix(gost): Use DBDriver ctx in Psuedo (#1264)
5755b00 feat(os) : support Rocky linux (#1260)
1c8e074 Feat report googlechat (#1257) (#1258)
0e0e5ce feat: Support Ubuntu21 (#1231)
23dfe53 chore: update go-exploitdb (#1262)
8e6351a feat(oval): goval-dictionary update (#1259)
3086e27 fix Ubuntu 20.10 End of Life on July 22 2021 (#1256)
b8db2e0 feat(report): Change the priority of CVE information in Debian (#1202)
43b46cb chore: add test data for integration test (#1254)
d0559c7 chore: update gost deps (#1253)
231c63c fix(libscan): support empty LibraryFixedIn (#1252)
2a9aebe fix(report): improve cpe match logic (#1251)
4e535d7 chore: fix build-tags in .goreleaser.yml (#1250)
4b48750 chore: add go.sum test data for integration test (#1249)
0095c40 fix(vet): go vet err of
82c1abf fix(report): detection logic bugs for Oracle Linux (#1247)
4098840 feat(scanner) separate func analize libraries (#1246)
e8e3f4d feat(lib): support of Go (go.sum) scan (#1244)
7eb77f5 feat(scan): support external port scanner(nmap) in host machine (#1207)
e115235 fix(test): dev mode to false in package-lock.json (#1242)
151d4b2 fix(scan): Avoid panic when SSH connection refused (#1236)
e553f8b feat(trivy): go mod update trivy v0.17.2 (#1235)
47652ef fix(report): include the num of criticals in total #1233 (#1234)
ab0e950 fix(oracle): extracting only advisory ID from OVAL.title (#1232)
a7b0ce1 refactor(git-conf): config template in github section changed (#1229)
dc9c0ed refactor(git-conf): Specifing ignoreGitHubDismissed per repository (#1224)
17ae386 chore: add a test case #1227 (#1228)
2d369d0 Fix false positive for Oracle Linux (#1227)
c36e645 fix(report): false positive for kernel-related CVE for RedHat, CentOS, Oracle and Amazon #1199 (#1223)
40039c0 fix(report): panic when closing db connection of gost (#1222)
a692cec fix(gost): close gost DB connection in server mode #1217 (#1221)
e7ca491 fix(report): Avoid http reports error (#1216)
23f3e2f fix(config): add Ubuntu 20.10 (#1218)
27b3e17 feat(saas): delete json dir automatically after upload (#1212)
Copyright (C) 2016 Future Corporation, Japan