Movatterモバイル変換

[0]ホーム
URL:

Skip to content

Navigation Menu

Search code, repositories, users, issues, pull requests...

Provide feedback

We read every piece of feedback, and take your input very seriously.

Saved searches

Use saved searches to filter your results more quickly

 Sign up

OVAL For CentOS

NotificationsYou must be signed in to change notification settings

Sep0lkit/oval-for-el

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 
 
 
 
 
 
 
 
 
 
 
 
 

Repository files navigation

中文 (Chinese version)English (English version)

Features

  • CentOS OVAL
  • Split oval by severity
  • Automatic update and revise with official security

Supports

OSReleaseUpstreamStatus
redhatRHEL5 - RHEL8https://www.redhat.com/security/data/oval/syncing
centosEL5 - EL8https://www.redhat.com/security/data/oval/syncing

Scripts

​scripts/rh2el.py

#usage:usage: rh2el.py [-h] oval_file output_fileredhat oval definition adapt to centospositional arguments:  oval_file    redhat oval file path  output_file  redhat oval output file path

Files Tree:

├── centos│   ├── com.redhat.rhsa-EL7-Critical.xml#oval severity is critical│   ├── com.redhat.rhsa-EL7-Important.xml#oval severity is important│   ├── com.redhat.rhsa-EL7-Low.xml#oval severity is low│   ├── com.redhat.rhsa-EL7-Moderate.xml#oval severity is moderate│   ├── com.redhat.rhsa-EL7.xml#all severity oval on centos7│   ├── ...└── redhat    ├── com.redhat.rhsa-RHEL7-Critical.xml    ├── com.redhat.rhsa-RHEL7-Important.xml    ├── com.redhat.rhsa-RHEL7-Low.xml    ├── com.redhat.rhsa-RHEL7-Moderate.xml    ├── com.redhat.rhsa-RHEL7.xml    ├── ...

Quick Start

Identify software vulnerabilities on centos 7 with oscap which is a best scap scanner provided by openscap.

  • Download oval-for-el

    git clone https://github.com/Sep0lkit/oval-for-el.git

  • Install oscap

    sudo yum install openscap openscap-scnner

  • Run oscap oval

    • check all vulnerabilities defined for centos7

      oscap ovaleval com.redhat.rhsa-EL7.xml

    • only check one vulnerabilitiy

      Ex: shellchock(CVE-2014-6271). this vulnerabilitiy defined with id oval:com.redhat.rhsa:def:20141293 in com.redhat.rhsa-EL7.xml

      oscap ovaleval --id oval:com.redhat.rhsa:def:20141293 com.redhat.rhsa-EL7.xml

    • export html report with options --report

      oscap ovaleval --report centos7.html  com.redhat.rhsa-EL7.xml

    Consle output:oval console ouput

    HTML report:

    html report

    Result: true means the vulnerability exists, and the true results always before false in html report

Details on ovals above

Redhat:

  • split by severity

CentOS:

  • convert from redhat oval

  • cpe and criterions for centos

    cpe_and_criterion

  • rpm signature key check for centos

    signature_key

  • split by severity

Resource

Linux OVAL

Getting Help

Twitter:@sep0lkit

[8]ページ先頭
©2009-2025 Movatter.jp