Vulnerability scanning on Debian.

If you run Debian, there is a very handy tool for this: Debsecan.

Let's see how to use it. Start by installing the tool:

root@crx-sec01 / # apt-get install debsecan
Reading package lists... Done
Building dependency tree... Done
Reading state information... Done
The following NEW packages will be installed:
  debsecan
0 upgraded, 1 newly installed, 0 to remove and 25 not upgraded.
Need to get 33.2 kB of archives.
After this operation, 112 kB of additional disk space will be used.
Get:1 http://deb.debian.org/debian bullseye/main amd64 debsecan all 0.4.20.1 [33.2 kB]
Fetched 33.2 kB in 0s (688 kB/s)
Preconfiguring packages ...
Selecting previously unselected package debsecan.
(Reading database ... 63992 files and directories currently installed.)
Preparing to unpack .../debsecan_0.4.20.1_all.deb ...
Unpacking debsecan (0.4.20.1) ...
Setting up debsecan (0.4.20.1) ...
setup debsecan

Depending on the release, adapt the suite name:

Debian 11 (bullseye)
Debian 10 (buster)
Debian 9 (stretch)
Debian 8 (jessie)
Debian 7 (wheezy)
Debian 6.0 (squeeze)

Then run a scan:

root@crx-sec01 / # debsecan --suite bullseye
CVE-2021-3447 ansible
CVE-2022-2795 bind9
CVE-2022-2881 bind9
CVE-2022-3080 bind9
CVE-2022-38177 bind9
CVE-2022-38178 bind9
CVE-2022-2795 bind9-dnsutils
CVE-2022-2881 bind9-dnsutils
CVE-2022-3080 bind9-dnsutils
CVE-2022-38177 bind9-dnsutils
CVE-2022-38178 bind9-dnsutils
CVE-2022-2795 bind9-host
CVE-2022-2881 bind9-host
CVE-2022-3080 bind9-host
CVE-2022-38177 bind9-host
CVE-2022-38178 bind9-host
CVE-2022-2795 bind9-libs
CVE-2022-2881 bind9-libs
CVE-2022-3080 bind9-libs
CVE-2022-38177 bind9-libs
CVE-2022-38178 bind9-libs
CVE-2022-2795 bind9-utils
CVE-2022-2881 bind9-utils
CVE-2022-3080 bind9-utils
CVE-2022-38177 bind9-utils
CVE-2022-38178 bind9-utils
CVE-2016-2781 coreutils (low urgency)
CVE-2021-38185 cpio
CVE-2022-35252 curl (fixed)
CVE-2022-2795 dnsutils
CVE-2022-2881 dnsutils
CVE-2022-3080 dnsutils
CVE-2022-38177 dnsutils
CVE-2022-38178 dnsutils
CVE-2022-1664 dpkg (fixed)
CVE-2022-1304 e2fsprogs
CVE-2018-12886 gcc-8-base
CVE-2019-15847 gcc-8-base
CVE-2016-1585 libapparmor1 (low urgency)
..... 

And there you have it: the list of vulnerabilities affecting the system. Handily, a detailed view is also available:

root@crx-sec01 / # debsecan --suite bullseye --format detail
...
CVE-2022-24919
  An authenticated user can create a link with reflected Javascript code ...
  installed: zabbix-agent 1:5.0.8+dfsg-1
             (built from zabbix 1:5.0.8+dfsg-1)
  fixed in unstable: zabbix 1:6.0.7+dfsg-2 (source package)
  fixed on branch:   zabbix 1:3.0.32+dfsg-0+deb9u3 (source package)
...

Next, we can retrieve the list of packages that have an update available to fix these vulnerabilities:

root@crx-sec01 / # debsecan --suite buster --only-fixed --format packages
dpkg
libdns-export1104
libdpkg-perl
libisc-export1100
python3-paramiko
zlib1g

Finally, to upgrade everything on that list:

root@crx-sec01 / # apt-get install $(debsecan --suite buster --only-fixed --format packages)
Reading package lists... Done
Building dependency tree... Done
Reading state information... Done
python3-paramiko is already the newest version (2.7.2-1).
python3-paramiko set to manually installed.
libdns-export1104 is already the newest version (1:9.11.5.P4+dfsg-5.1+deb10u5).
libisc-export1100 is already the newest version (1:9.11.5.P4+dfsg-5.1+deb10u5).
Suggested packages:
  debsig-verify debian-keyring gcc | c-compiler binutils patch git bzr
The following packages will be upgraded:
  dpkg libdpkg-perl zlib1g
3 upgraded, 0 newly installed, 0 to remove and 22 not upgraded.
Need to get 0 B/4178 kB of archives.
After this operation, 11.3 kB of additional disk space will be used.
Do you want to continue? [Y/n]
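
A triage step between the scan and the apt-get install above, as an added example that is not from the original post: it reads debsecan's default output and reports, per package, how many CVEs are listed and how many carry the fixed flag, so packages with no fix available stand out. The function names and the embedded sample (lines copied from the scan above) are assumptions of this example.

```shell
#!/bin/sh
# Added example: triage debsecan's default output, one "CVE-ID package"
# pair per line, optionally followed by flags in parentheses.

# Constructed sample: lines copied from the scan output shown above.
sample_scan() {
cat <<'EOF'
CVE-2021-3447 ansible
CVE-2022-2795 bind9
CVE-2022-2881 bind9
CVE-2016-2781 coreutils (low urgency)
CVE-2021-38185 cpio
CVE-2022-35252 curl (fixed)
CVE-2022-1664 dpkg (fixed)
CVE-2022-1304 e2fsprogs
CVE-2018-12886 gcc-8-base
CVE-2019-15847 gcc-8-base
.....
EOF
}

# stdin: debsecan output. stdout: "package total_cves fixed_cves", sorted.
summarize_scan() {
    awk '
        /^CVE-[0-9]+-[0-9]+ / {          # skip elisions and other lines
            pkg = $2
            total[pkg]++
            p = index($0, "(")           # flags are the parenthesised tail
            flags = (p > 0) ? substr($0, p) : ""
            # Assumption: several flags may be combined, comma separated.
            if (flags ~ /[(, ]fixed[,)]/) fixed[pkg]++
        }
        END {
            for (pkg in total)
                printf "%s %d %d\n", pkg, total[pkg], fixed[pkg] + 0
        }
    ' | sort
}

# Packages with at least one CVE carrying the fixed flag.
fixable_packages() { summarize_scan | awk '$3 > 0 { print $1 }'; }

# Packages with CVEs that have no fix yet: an upgrade will not help, so
# these need mitigation, removal or tracking instead.
unfixed_packages() { summarize_scan | awk '$2 > $3 { print $1 }'; }

# On a real host: debsecan --suite bullseye | summarize_scan
sample_scan | summarize_scan
```

On a real host, pipe the scan into unfixed_packages to see what the apt-get install step leaves unresolved.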

 

Debsecan also works on Ubuntu; for that, follow this guide: https://korben.info/debsecan-cve.html