Closed
Description
When I tried to scan centos6, vuls recognized that scanned OS is debian.
Scan target OS: CentOS6.5
Run Command: vuls scan -debug -ssh-external -report-json -cve-dictionary-dbpath=$PWD/cve.sqlite3
Debug log:
[Sep 12 12:25:18] INFO [localhost] Validating Config...
[Sep 12 12:25:18] INFO [localhost] Detecting Server/Contianer OS...
[Sep 12 12:25:18] INFO [localhost] Detecting OS of servers...
[Sep 12 12:25:18] DEBUG [localhost] SSHResult: servername: server1, cmd: /usr/bin/ssh -t -o StrictHostKeyChecking=no -o UserKnownHostsFile=/dev/null -o LogLevel=quiet -o ConnectionAttempts=3 -o ConnectTimeout=10 -o ControlMaster=no -o ControlPath=none vuls@10.0.0.1 -p 22 -i /home/vuls/.ssh/id_rsa -o PasswordAuthentication=no set -o pipefail; ls /etc/debian_version, exitstatus: 0, stdout: , stderr: , err: %!s(<nil>)
[Sep 12 12:25:18] DEBUG [localhost] SSHResult: servername: server1, cmd: /usr/bin/ssh -t -o StrictHostKeyChecking=no -o UserKnownHostsFile=/dev/null -o LogLevel=quiet -o ConnectionAttempts=3 -o ConnectTimeout=10 -o ControlMaster=no -o ControlPath=none vuls@10.0.0.1 -p 22 -i /home/vuls/.ssh/id_rsa -o PasswordAuthentication=no set -o pipefail; lsb_release -ir, exitstatus: 0, stdout: , stderr: , err: %!s(<nil>)
[Sep 12 12:25:18] WARN [localhost] Unknown Debian/Ubuntu version. lsb_release -ir: SSHResult: servername: server1, cmd: /usr/bin/ssh -t -o StrictHostKeyChecking=no -o UserKnownHostsFile=/dev/null -o LogLevel=quiet -o ConnectionAttempts=3 -o ConnectTimeout=10 -o ControlMaster=no -o ControlPath=none vuls@10.0.0.1 -p 22 -i /home/vuls/.ssh/id_rsa -o PasswordAuthentication=no set -o pipefail; lsb_release -ir, exitstatus: 0, stdout: , stderr: , err: %!s(<nil>)
[Sep 12 12:25:18] DEBUG [localhost] Debian like Linux. Host: 10.0.0.1:22
[Sep 12 12:25:18] INFO [localhost] (1/1) Detected: server1: debian/ubuntu unknown
[Sep 12 12:25:18] INFO [localhost] Detecting OS of containers...
[Sep 12 12:25:18] INFO [localhost] Checking sudo configuration...
[Sep 12 12:25:18] DEBUG [server1] SSHResult: servername: server1, cmd: /usr/bin/ssh -t -o StrictHostKeyChecking=no -o UserKnownHostsFile=/dev/null -o LogLevel=quiet -o ConnectionAttempts=3 -o ConnectTimeout=10 -o ControlMaster=no -o ControlPath=none vuls@10.0.0.1 -p 22 -i /home/vuls/.ssh/id_rsa -o PasswordAuthentication=no set -o pipefail; sudo -S apt-get -v, exitstatus: 0, stdout: , stderr: , err: %!s(<nil>)
[Sep 12 12:25:18] INFO [server1] sudo ... OK
[Sep 12 12:25:18] INFO [localhost] Detecting Platforms...
[Sep 12 12:25:19] DEBUG [server1] SSHResult: servername: server1, cmd: /usr/bin/ssh -t -o StrictHostKeyChecking=no -o UserKnownHostsFile=/dev/null -o LogLevel=quiet -o ConnectionAttempts=3 -o ConnectTimeout=10 -o ControlMaster=no -o ControlPath=none vuls@10.0.0.1 -p 22 -i /home/vuls/.ssh/id_rsa -o PasswordAuthentication=no set -o pipefail; type curl, exitstatus: 0, stdout: , stderr: , err: %!s(<nil>)
[Sep 12 12:25:19] DEBUG [server1] SSHResult: servername: server1, cmd: /usr/bin/ssh -t -o StrictHostKeyChecking=no -o UserKnownHostsFile=/dev/null -o LogLevel=quiet -o ConnectionAttempts=3 -o ConnectTimeout=10 -o ControlMaster=no -o ControlPath=none vuls@10.0.0.1 -p 22 -i /home/vuls/.ssh/id_rsa -o PasswordAuthentication=no set -o pipefail; curl --max-time 1 --retry 3 --noproxy 169.254.169.254 http://169.254.169.254/latest/meta-data/instance-id, exitstatus: 0, stdout: , stderr: , err: %!s(<nil>)
[Sep 12 12:25:19] INFO [localhost] (1/1) server1 is running on other
[Sep 12 12:25:19] INFO [localhost] Scanning vulnerabilities...
[Sep 12 12:25:19] INFO [localhost] Check required packages for scanning...
[Sep 12 12:25:19] INFO [localhost] Scanning vulnerable OS packages...
[Sep 12 12:25:19] DEBUG [server1] SSHResult: servername: server1, cmd: /usr/bin/ssh -t -o StrictHostKeyChecking=no -o UserKnownHostsFile=/dev/null -o LogLevel=quiet -o ConnectionAttempts=3 -o ConnectTimeout=10 -o ControlMaster=no -o ControlPath=none vuls@10.0.0.1 -p 22 -i /home/vuls/.ssh/id_rsa -o PasswordAuthentication=no set -o pipefail; dpkg-query -W, exitstatus: 0, stdout: , stderr: , err: %!s(<nil>)
[Sep 12 12:25:19] DEBUG [server1] SSHResult: servername: server1, cmd: /usr/bin/ssh -t -o StrictHostKeyChecking=no -o UserKnownHostsFile=/dev/null -o LogLevel=quiet -o ConnectionAttempts=3 -o ConnectTimeout=10 -o ControlMaster=no -o ControlPath=none vuls@10.0.0.1 -p 22 -i /home/vuls/.ssh/id_rsa -o PasswordAuthentication=no set -o pipefail; sudo -S apt-get update, exitstatus: 0, stdout: , stderr: , err: %!s(<nil>)
[Sep 12 12:25:19] DEBUG [server1] SSHResult: servername: server1, cmd: /usr/bin/ssh -t -o StrictHostKeyChecking=no -o UserKnownHostsFile=/dev/null -o LogLevel=quiet -o ConnectionAttempts=3 -o ConnectTimeout=10 -o ControlMaster=no -o ControlPath=none vuls@10.0.0.1 -p 22 -i /home/vuls/.ssh/id_rsa -o PasswordAuthentication=no set -o pipefail; sudo -S LANG=en_US.UTF-8 apt-get upgrade --dry-run, exitstatus: 0, stdout: , stderr: , err: %!s(<nil>)
[Sep 12 12:25:19] DEBUG [server1] 0 Cves are found. cves: []
[Sep 12 12:25:19] INFO [server1] Fetching CVE details...
[Sep 12 12:25:19] INFO [server1] Done
[Sep 12 12:25:19] INFO [localhost] Scanning vulnerable software specified in the CPE...
[Sep 12 12:25:19] INFO [localhost] Reporting...
Metadata
Metadata
Assignees
Labels
No labels