README ¶
goval-dictionary
This is tool to build a local copy of the OVAL. The local copy is generated in sqlite format, and the tool has a server mode for easy querying.
Installation
Requirements
goval-dictionary requires the following packages.
- SQLite3, MySQL, PostgreSQL or Redis
- git
- gcc
- lastest version of go
Install
$ mkdir -p $GOPATH/src/github.com/kotakanbe
$ cd $GOPATH/src/github.com/kotakanbe
$ git clone https://github.com/kotakanbe/goval-dictionary.git
$ cd goval-dictionary
$ make install
Usage
$ goval-dictionary -h
Usage: goval-dictionary <flags> <subcommand> <subcommand args>
Subcommands:
commands list all command names
flags describe all known top-level flags
help describe subcommands and their syntax
Subcommands for fetch-alpine:
fetch-alpine Fetch Vulnerability dictionary from Alpine secdb
Subcommands for fetch-amazon:
fetch-amazon Fetch Vulnerability dictionary from Amazon ALAS
Subcommands for fetch-debian:
fetch-debian Fetch Vulnerability dictionary from Debian
Subcommands for fetch-oracle:
fetch-oracle Fetch Vulnerability dictionary from Oracle
Subcommands for fetch-redhat:
fetch-redhat Fetch Vulnerability dictionary from RedHat
Subcommands for fetch-suse:
fetch-suse Fetch Vulnerability dictionary from SUSE
Subcommands for fetch-ubuntu:
fetch-ubuntu Fetch Vulnerability dictionary from Ubuntu
Subcommands for select:
select Select from DB
Subcommands for server:
server Start OVAL dictionary HTTP server
Use "goval-dictionary flags" for a list of top-level flags
Usage: Fetch OVAL data from RedHat
$ goval-dictionary fetch-redhat -h
fetch-redhat:
fetch-redhat
[-dbtype=sqlite3|mysql|postgres|redis]
[-dbpath=$PWD/oval.sqlite3 or connection string]
[-http-proxy=http://192.168.0.1:8080]
[-debug]
[-debug-sql]
[-quiet]
[-log-dir=/path/to/log]
[-log-json]
For the first time, run the blow command to fetch data for all versions.
$ goval-dictionary fetch-redhat 5 6 7 8
or
$ for i in {5..8}; do goval-dictionary fetch-redhat $i; done
-dbpath string
/path/to/sqlite3 or SQL connection string (default "$PWD/oval.sqlite3")
-dbtype string
Database type to store data in (sqlite3, mysql, postgres or redis supported) (default "sqlite3")
-debug
debug mode
-debug-sql
SQL debug mode
-http-proxy string
http://proxy-url:port (default: empty)
-quiet
quiet mode (no output)
-log-dir string
/path/to/log (default "/var/log/vuls")
-log-json
output log as JSON
- Import OVAL data from Internet
$ goval-dictionary fetch-redhat 5 6 7 8
Usage: Fetch OVAL data from Debian
$ goval-dictionary fetch-debian -h
fetch-debian:
fetch-debian
[-dbtype=sqlite3|mysql|postgres|redis]
[-dbpath=$PWD/oval.sqlite3 or connection string]
[-http-proxy=http://192.168.0.1:8080]
[-debug]
[-debug-sql]
[-quiet]
[-log-dir=/path/to/log]
[-log-json]
For the first time, run the blow command to fetch data for all versions.
$ goval-dictionary fetch-debian 7 8 9 10
-dbpath string
/path/to/sqlite3 or SQL connection string (default "$PWD/oval.sqlite3")
-dbtype string
Database type to store data in (sqlite3, mysql, postgres or redis supported) (default "sqlite3")
-debug
debug mode
-debug-sql
SQL debug mode
-http-proxy string
http://proxy-url:port (default: empty)
-quiet
quiet mode (no output)
-log-dir string
/path/to/log (default "/var/log/vuls")
-log-json
output log as JSON
- Import OVAL data from Internet
$ goval-dictionary fetch-debian 7 8 9 10
Usage: Fetch OVAL data from Ubuntu
$ goval-dictionary fetch-ubuntu -h
fetch-ubuntu:
fetch-ubuntu
[-dbtype=sqlite3|mysql|postgres|redis]
[-dbpath=$PWD/oval.sqlite3 or connection string]
[-http-proxy=http://192.168.0.1:8080]
[-debug]
[-debug-sql]
[-quiet]
[-log-dir=/path/to/log]
[-log-json]
For the first time, run the blow command to fetch data for all versions.
$ goval-dictionary fetch-ubuntu 12 14 16 18 19
-dbpath string
/path/to/sqlite3 or SQL connection string (default "$PWD/oval.sqlite3")
-dbtype string
Database type to store data in (sqlite3, mysql, postgres or redis supported) (default "sqlite3")
-debug
debug mode
-debug-sql
SQL debug mode
-http-proxy string
http://proxy-url:port (default: empty)
-quiet
quiet mode (no output)
-log-dir string
/path/to/log (default "/var/log/vuls")
-log-json
output log as JSON
- Import OVAL data from Internet
$ goval-dictionary fetch-ubuntu 12 14 16 18 19
Usage: Fetch OVAL data from SUSE
$ goval-dictionary fetch-suse -h
fetch-suse:
fetch-suse
[-opensuse]
[-opensuse-leap]
[-suse-enterprise-server]
[-suse-enterprise-desktop]
[-suse-openstack-cloud]
[-dbtype=sqlite3|mysql|postgres|redis]
[-dbpath=$PWD/oval.sqlite3 or connection string]
[-http-proxy=http://192.168.0.1:8080]
[-debug]
[-debug-sql]
[-quiet]
[-log-dir=/path/to/log]
[-log-json]
For the first time, run the blow command to fetch data for all versions.
$ goval-dictionary fetch-suse -opensuse 13.2
-dbpath string
/path/to/sqlite3 or SQL connection string (default "$PWD/oval.sqlite3")
-dbtype string
Database type to store data in (sqlite3, mysql, postgres or redis supported) (default "sqlite3")
-debug
debug mode
-debug-sql
SQL debug mode
-http-proxy string
http://proxy-url:port (default: empty)
-quiet
quiet mode (no output)
-log-dir string
/path/to/log (default "/var/log/vuls")
-log-json
output log as JSON
-opensuse
OpenSUSE
-opensuse-leap
OpenSUSE Leap
-suse-enterprise-server
SUSE Enterprise Server
- Import OVAL data from Internet
$ goval-dictionary fetch-suse -opensuse 13.2
$ goval-dictionary fetch-suse -suse-enterprise-server 12
Usage: Fetch OVAL data from Oracle
$ goval-dictionary fetch-oracle -h
fetch-oracle:
fetch-oracle
[-dbtype=sqlite3|mysql|postgres|redis]
[-dbpath=$PWD/oval.sqlite3 or connection string]
[-http-proxy=http://192.168.0.1:8080]
[-debug]
[-debug-sql]
[-quiet]
[-log-dir=/path/to/log]
[-log-json]
For the first time, run the blow command to fetch data for all versions.
$ goval-dictionary fetch-oracle
-dbpath string
/path/to/sqlite3 or SQL connection string (default "$PWD/oval.sqlite3")
-dbtype string
Database type to store data in (sqlite3, mysql, postgres or redis supported) (default "sqlite3")
-debug
debug mode
-debug-sql
SQL debug mode
-http-proxy string
http://proxy-url:port (default: empty)
-quiet
quiet mode (no output)
-log-dir string
/path/to/log (default "/var/log/vuls")
-log-json
output log as JSON
- Import OVAL data from Internet
$ goval-dictionary fetch-oracle
Usage: Fetch alpine-secdb as OVAL data type
- Alpine Linux alpine-secdb is provided in YAML format and not OVAL, but it is supported by goval-dictionary to make alpine-secdb easier to handle from Vuls. See here for a list of supported alpines.
fetch-alpine:
fetch-alpine
[-dbtype=sqlite3|mysql|postgres|redis]
[-dbpath=$PWD/oval.sqlite3 or connection string]
[-http-proxy=http://192.168.0.1:8080]
[-debug]
[-debug-sql]
[-quiet]
[-log-dir=/path/to/log]
[-log-json]
The version list is here https://git.alpinelinux.org/cgit/alpine-secdb/tree/
$ goval-dictionary fetch-alpine 3.3 3.4 3.5 3.6
-dbpath string
/path/to/sqlite3 or SQL connection string (default "$PWD/oval.sqlite3")
-dbtype string
Database type to store data in (sqlite3, mysql, postgres or redis supported) (default "sqlite3")
-debug
debug mode
-debug-sql
SQL debug mode
-http-proxy string
http://proxy-url:port (default: empty)
-log-dir string
/path/to/log (default "/var/log/vuls")
-log-json
output log as JSON
-quiet
quiet mode (no output)
- Import alpine-secdb from Internet
$ goval-dictionary fetch-alpine 3.3 3.4 3.5 3.6
See here for a list of supported alpines.
Usage: Fetch Amazon ALAS as OVAL data type
Amazon ALAS provideis Vulnerability data as no-OVAL-format
, but it is supported by goval-dictionary to make Amazon ALAS easier to handle from Vuls.
fetch-amazon:
fetch-amazon
[-dbtype=sqlite3|mysql|postgres|redis]
[-dbpath=$PWD/oval.sqlite3 or connection string]
[-http-proxy=http://192.168.0.1:8080]
[-debug]
[-debug-sql]
[-quiet]
[-log-dir=/path/to/log]
[-log-json]
$ goval-dictionary fetch-amazon
-dbpath string
/path/to/sqlite3 or SQL connection string (default "$PWD/oval.sqlite3")
-dbtype string
Database type to store data in (sqlite3, mysql, postgres or redis supported) (default "sqlite3")
-debug
debug mode
-debug-sql
SQL debug mode
-http-proxy string
http://proxy-url:port (default: empty)
-log-dir string
/path/to/log (default "/var/log/vuls")
-log-json
output log as JSON
-quiet
quiet mode (no output)
- Import Amazon ALAS from Internet
$ goval-dictionary fetch-amazon
Usage: select oval by package name
Select from DB where package name is golang.
`$ goval-dictionary select -by-package redhat 7 golang`
$ goval-dictionary select -by-package redhat 7 golang
[Apr 10 10:22:43] INFO Opening DB (sqlite3).
CVE-2015-5739
{3399 319 golang 0:1.6.3-1.el7_2.1}
{3400 319 golang-bin 0:1.6.3-1.el7_2.1}
{3401 319 golang-docs 0:1.6.3-1.el7_2.1}
{3402 319 golang-misc 0:1.6.3-1.el7_2.1}
{3403 319 golang-src 0:1.6.3-1.el7_2.1}
{3404 319 golang-tests 0:1.6.3-1.el7_2.1}
CVE-2015-5740
{3399 319 golang 0:1.6.3-1.el7_2.1}
{3400 319 golang-bin 0:1.6.3-1.el7_2.1}
{3401 319 golang-docs 0:1.6.3-1.el7_2.1}
{3402 319 golang-misc 0:1.6.3-1.el7_2.1}
{3403 319 golang-src 0:1.6.3-1.el7_2.1}
{3404 319 golang-tests 0:1.6.3-1.el7_2.1}
CVE-2015-5741
{3399 319 golang 0:1.6.3-1.el7_2.1}
{3400 319 golang-bin 0:1.6.3-1.el7_2.1}
{3401 319 golang-docs 0:1.6.3-1.el7_2.1}
{3402 319 golang-misc 0:1.6.3-1.el7_2.1}
{3403 319 golang-src 0:1.6.3-1.el7_2.1}
{3404 319 golang-tests 0:1.6.3-1.el7_2.1}
CVE-2016-3959
{3399 319 golang 0:1.6.3-1.el7_2.1}
{3400 319 golang-bin 0:1.6.3-1.el7_2.1}
{3401 319 golang-docs 0:1.6.3-1.el7_2.1}
{3402 319 golang-misc 0:1.6.3-1.el7_2.1}
{3403 319 golang-src 0:1.6.3-1.el7_2.1}
{3404 319 golang-tests 0:1.6.3-1.el7_2.1}
CVE-2016-5386
{3399 319 golang 0:1.6.3-1.el7_2.1}
{3400 319 golang-bin 0:1.6.3-1.el7_2.1}
{3401 319 golang-docs 0:1.6.3-1.el7_2.1}
{3402 319 golang-misc 0:1.6.3-1.el7_2.1}
{3403 319 golang-src 0:1.6.3-1.el7_2.1}
{3404 319 golang-tests 0:1.6.3-1.el7_2.1}
------------------
[]models.Definition{
models.Definition{
ID: 0x13f,
MetaID: 0x1,
Title: "RHSA-2016:1538: golang security, bug fix, and enhancement update (Moderate)",
Description: "The golang packages provide the Go programming language compiler.\n\nThe following packages have been upgraded to a newer upstream version: golang (1.6.3). (BZ#1346331)\n\nSecurity Fix(es):\n\n* An input-validation flaw was discovered in the Go programming language built in CGI implementation, which set the environment variable \"HTTP_PROXY\" using the incoming \"Proxy\" HTTP-request header. The environment variable \"HTTP_PROXY\" is used by numerous web clients, including Go's net/http package, to specify a proxy server to use for HTTP and, in some cases, HTTPS requests. This meant that when a CGI-based web application ran, an attacker could specify a proxy server which the application then used for subsequent outgoing requests, allowing a man-in-the-middle attack. (CVE-2016-5386)\n\nRed Hat would like to thank Scott Geary (VendHQ) for reporting this issue.",
Advisory: models.Advisory{
ID: 0x13f,
DefinitionID: 0x13f,
Severity: "Moderate",
Cves: []models.Cve{
models.Cve{
ID: 0x54f,
AdvisoryID: 0x13f,
CveID: "CVE-2015-5739",
Cvss2: "6.8/AV:N/AC:M/Au:N/C:P/I:P/A:P",
Cvss3: "",
Cwe: "CWE-444",
Href: "https://access.redhat.com/security/cve/CVE-2015-5739",
Public: "20150729",
},
models.Cve{
ID: 0x550,
AdvisoryID: 0x13f,
CveID: "CVE-2015-5740",
Cvss2: "6.8/AV:N/AC:M/Au:N/C:P/I:P/A:P",
Cvss3: "",
Cwe: "CWE-444",
Href: "https://access.redhat.com/security/cve/CVE-2015-5740",
Public: "20150729",
},
models.Cve{
ID: 0x551,
AdvisoryID: 0x13f,
CveID: "CVE-2015-5741",
Cvss2: "6.8/AV:N/AC:M/Au:N/C:P/I:P/A:P",
Cvss3: "",
Cwe: "CWE-444",
Href: "https://access.redhat.com/security/cve/CVE-2015-5741",
Public: "20150729",
},
models.Cve{
ID: 0x552,
AdvisoryID: 0x13f,
CveID: "CVE-2016-3959",
Cvss2: "4.3/AV:N/AC:M/Au:N/C:N/I:N/A:P",
Cvss3: "5.3/CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
Cwe: "CWE-835",
Href: "https://access.redhat.com/security/cve/CVE-2016-3959",
Public: "20160405",
},
models.Cve{
ID: 0x553,
AdvisoryID: 0x13f,
CveID: "CVE-2016-5386",
Cvss2: "5.0/AV:N/AC:L/Au:N/C:N/I:P/A:N",
Cvss3: "5.0/CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:L/A:N",
Cwe: "CWE-20",
Href: "https://access.redhat.com/security/cve/CVE-2016-5386",
Public: "20160718",
},
},
Bugzillas: []models.Bugzilla{
models.Bugzilla{
ID: 0x93f,
AdvisoryID: 0x13f,
BugzillaID: "1346331",
URL: "https://bugzilla.redhat.com/1346331",
Title: "REBASE to golang 1.6",
},
models.Bugzilla{
ID: 0x940,
AdvisoryID: 0x13f,
BugzillaID: "1353798",
URL: "https://bugzilla.redhat.com/1353798",
Title: "CVE-2016-5386 Go: sets environmental variable based on user supplied Proxy request header",
},
},
AffectedCPEList: []models.Cpe{
models.Cpe{
ID: 0x204,
AdvisoryID: 0x13f,
Cpe: "cpe:/o:redhat:enterprise_linux:7",
},
},
},
AffectedPacks: []models.Package{
models.Package{
ID: 0xd47,
DefinitionID: 0x13f,
Name: "golang",
Version: "0:1.6.3-1.el7_2.1",
},
models.Package{
ID: 0xd48,
DefinitionID: 0x13f,
Name: "golang-bin",
Version: "0:1.6.3-1.el7_2.1",
},
models.Package{
ID: 0xd49,
DefinitionID: 0x13f,
Name: "golang-docs",
Version: "0:1.6.3-1.el7_2.1",
},
models.Package{
ID: 0xd4a,
DefinitionID: 0x13f,
Name: "golang-misc",
Version: "0:1.6.3-1.el7_2.1",
},
models.Package{
ID: 0xd4b,
DefinitionID: 0x13f,
Name: "golang-src",
Version: "0:1.6.3-1.el7_2.1",
},
models.Package{
ID: 0xd4c,
DefinitionID: 0x13f,
Name: "golang-tests",
Version: "0:1.6.3-1.el7_2.1",
},
},
References: []models.Reference{
models.Reference{
ID: 0x68d,
DefinitionID: 0x13f,
Source: "RHSA",
RefID: "RHSA-2016:1538-01",
RefURL: "https://rhn.redhat.com/errata/RHSA-2016-1538.html",
},
models.Reference{
ID: 0x68e,
DefinitionID: 0x13f,
Source: "CVE",
RefID: "CVE-2015-5739",
RefURL: "https://access.redhat.com/security/cve/CVE-2015-5739",
},
models.Reference{
ID: 0x68f,
DefinitionID: 0x13f,
Source: "CVE",
RefID: "CVE-2015-5740",
RefURL: "https://access.redhat.com/security/cve/CVE-2015-5740",
},
models.Reference{
ID: 0x690,
DefinitionID: 0x13f,
Source: "CVE",
RefID: "CVE-2015-5741",
RefURL: "https://access.redhat.com/security/cve/CVE-2015-5741",
},
models.Reference{
ID: 0x691,
DefinitionID: 0x13f,
Source: "CVE",
RefID: "CVE-2016-3959",
RefURL: "https://access.redhat.com/security/cve/CVE-2016-3959",
},
models.Reference{
ID: 0x692,
DefinitionID: 0x13f,
Source: "CVE",
RefID: "CVE-2016-5386",
RefURL: "https://access.redhat.com/security/cve/CVE-2016-5386",
},
},
},
}
Upper part format:
CVE-YYYY-NNNN
{ID DefinitionID PackageName PackageVersion NotFixedYet}
Usage: select oval by CVE-ID
`Select from DB where CVE-ID CVE-2017-6009`
$ goval-dictionary select -by-cveid redhat 7 CVE-2017-6009
[Apr 12 12:12:36] INFO Opening DB (sqlite3).
RHSA-2017:0837: icoutils security update (Important)
Important
[{1822 430 CVE-2017-5208 8.1/CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:L CWE-190 CWE-122 https://access.redhat.com/security/cve/CVE-2017-5208 20170108} {1823 430 CVE-2017-5332 2.8/CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:L CWE-190 CWE-125 https://access.redhat.com/security/cve/CVE-2017-5332 20170108} {1824 430 CVE-2017-5333 8.1/CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:L CWE-190 CWE-122 https://access.redhat.com/security/cve/CVE-2017-5333 20170108} {1825 430 CVE-2017-6009 8.1/CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:L CWE-190 CWE-122 https://access.redhat.com/security/cve/CVE-2017-6009 20170203} {1826 430 CVE-2017-6010 8.1/CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:L CWE-190 CWE-122 https://access.redhat.com/security/cve/CVE-2017-6010 20170203} {1827 430 CVE-2017-6011 8.1/CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:L CWE-122 https://access.redhat.com/security/cve/CVE-2017-6011 20170203}]
------------------
[]models.Definition{
models.Definition{
ID: 0x1ae,
MetaID: 0x1,
Title: "RHSA-2017:0837: icoutils security update (Important)",
Description: "The icoutils are a set of programs for extracting and converting images in Microsoft Windows icon and cursor files. These files usually have the extension .ico or .cur, but they can also be embedded in executables or libraries.\n\nSecurity Fix(es):\n\n* Multiple vulnerabilities were found in icoutils, in the wrestool program. An attacker could create a crafted executable that, when read by wrestool, could result in memory corruption leading to a crash or potential code execution. (CVE-2017-5208, CVE-2017-5333, CVE-2017-6009)\n\n* A vulnerability was found in icoutils, in the wrestool program. An attacker could create a crafted executable that, when read by wrestool, could result in failure to allocate memory or an over-large memcpy operation, leading to a crash. (CVE-2017-5332)\n\n* Multiple vulnerabilities were found in icoutils, in the icotool program. An attacker could create a crafted ICO or CUR file that, when read by icotool, could result in memory corruption leading to a crash or potential code execution. (CVE-2017-6010, CVE-2017-6011)",
Advisory: models.Advisory{
ID: 0x1ae,
DefinitionID: 0x1ae,
Severity: "Important",
Cves: []models.Cve{
models.Cve{
ID: 0x71e,
AdvisoryID: 0x1ae,
CveID: "CVE-2017-5208",
Cvss2: "",
Cvss3: "8.1/CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:L",
Cwe: "CWE-190 CWE-122",
Href: "https://access.redhat.com/security/cve/CVE-2017-5208",
Public: "20170108",
},
models.Cve{
ID: 0x71f,
AdvisoryID: 0x1ae,
CveID: "CVE-2017-5332",
Cvss2: "",
Cvss3: "2.8/CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:L",
Cwe: "CWE-190 CWE-125",
Href: "https://access.redhat.com/security/cve/CVE-2017-5332",
Public: "20170108",
},
models.Cve{
ID: 0x720,
AdvisoryID: 0x1ae,
CveID: "CVE-2017-5333",
Cvss2: "",
Cvss3: "8.1/CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:L",
Cwe: "CWE-190 CWE-122",
Href: "https://access.redhat.com/security/cve/CVE-2017-5333",
Public: "20170108",
},
models.Cve{
ID: 0x721,
AdvisoryID: 0x1ae,
CveID: "CVE-2017-6009",
Cvss2: "",
Cvss3: "8.1/CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:L",
Cwe: "CWE-190 CWE-122",
Href: "https://access.redhat.com/security/cve/CVE-2017-6009",
Public: "20170203",
},
models.Cve{
ID: 0x722,
AdvisoryID: 0x1ae,
CveID: "CVE-2017-6010",
Cvss2: "",
Cvss3: "8.1/CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:L",
Cwe: "CWE-190 CWE-122",
Href: "https://access.redhat.com/security/cve/CVE-2017-6010",
Public: "20170203",
},
models.Cve{
ID: 0x723,
AdvisoryID: 0x1ae,
CveID: "CVE-2017-6011",
Cvss2: "",
Cvss3: "8.1/CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:L",
Cwe: "CWE-122",
Href: "https://access.redhat.com/security/cve/CVE-2017-6011",
Public: "20170203",
},
},
Bugzillas: []models.Bugzilla{
models.Bugzilla{
ID: 0xe4a,
AdvisoryID: 0x1ae,
BugzillaID: "1411251",
URL: "https://bugzilla.redhat.com/1411251",
Title: "CVE-2017-5208 icoutils: Check_offset overflow on 64-bit systems",
},
models.Bugzilla{
ID: 0xe4b,
AdvisoryID: 0x1ae,
BugzillaID: "1412259",
URL: "https://bugzilla.redhat.com/1412259",
Title: "CVE-2017-5333 icoutils: Integer overflow vulnerability in extract.c",
},
models.Bugzilla{
ID: 0xe4c,
AdvisoryID: 0x1ae,
BugzillaID: "1412263",
URL: "https://bugzilla.redhat.com/1412263",
Title: "CVE-2017-5332 icoutils: Access to unallocated memory possible in extract.c",
},
models.Bugzilla{
ID: 0xe4d,
AdvisoryID: 0x1ae,
BugzillaID: "1422906",
URL: "https://bugzilla.redhat.com/1422906",
Title: "CVE-2017-6009 icoutils: Buffer overflow in the decode_ne_resource_id function",
},
models.Bugzilla{
ID: 0xe4e,
AdvisoryID: 0x1ae,
BugzillaID: "1422907",
URL: "https://bugzilla.redhat.com/1422907",
Title: "CVE-2017-6010 icoutils: Buffer overflow in the extract_icons function",
},
models.Bugzilla{
ID: 0xe4f,
AdvisoryID: 0x1ae,
BugzillaID: "1422908",
URL: "https://bugzilla.redhat.com/1422908",
Title: "CVE-2017-6011 icoutils: Buffer overflow in the simple_vec function",
},
},
AffectedCPEList: []models.Cpe{
models.Cpe{
ID: 0x2ae,
AdvisoryID: 0x1ae,
Cpe: "cpe:/o:redhat:enterprise_linux:7",
},
},
},
AffectedPacks: []models.Package{
models.Package{
ID: 0x11b1,
DefinitionID: 0x1ae,
Name: "icoutils",
Version: "0:0.31.3-1.el7_3",
},
},
References: []models.Reference{
models.Reference{
ID: 0x8cb,
DefinitionID: 0x1ae,
Source: "RHSA",
RefID: "RHSA-2017:0837-01",
RefURL: "https://access.redhat.com/errata/RHSA-2017:0837",
},
models.Reference{
ID: 0x8cc,
DefinitionID: 0x1ae,
Source: "CVE",
RefID: "CVE-2017-5208",
RefURL: "https://access.redhat.com/security/cve/CVE-2017-5208",
},
models.Reference{
ID: 0x8cd,
DefinitionID: 0x1ae,
Source: "CVE",
RefID: "CVE-2017-5332",
RefURL: "https://access.redhat.com/security/cve/CVE-2017-5332",
},
models.Reference{
ID: 0x8ce,
DefinitionID: 0x1ae,
Source: "CVE",
RefID: "CVE-2017-5333",
RefURL: "https://access.redhat.com/security/cve/CVE-2017-5333",
},
models.Reference{
ID: 0x8cf,
DefinitionID: 0x1ae,
Source: "CVE",
RefID: "CVE-2017-6009",
RefURL: "https://access.redhat.com/security/cve/CVE-2017-6009",
},
models.Reference{
ID: 0x8d0,
DefinitionID: 0x1ae,
Source: "CVE",
RefID: "CVE-2017-6010",
RefURL: "https://access.redhat.com/security/cve/CVE-2017-6010",
},
models.Reference{
ID: 0x8d1,
DefinitionID: 0x1ae,
Source: "CVE",
RefID: "CVE-2017-6011",
RefURL: "https://access.redhat.com/security/cve/CVE-2017-6011",
},
},
},
}
Upper part format:
[
{ID AdvisoryID CveID Cvss2 Cvss3 CWE Impact ReferenceURL PublishedDate}
...
]
Usage: Start goval-dictionary as server mode
$ goval-dictionary server -h
server:
server
[-bind=127.0.0.1]
[-port=8000]
[-dbpath=$PWD/oval.sqlite3 or connection string]
[-dbtype=sqlite3|mysql|postgres|redis]
[-debug]
[-debug-sql]
[-quiet]
[-log-dir=/path/to/log]
[-log-json]
-bind string
HTTP server bind to IP address (default: loop back interface) (default "127.0.0.1")
-dbpath string
/path/to/sqlite3 or SQL connection string (default "$PWD/oval.sqlite3")
-dbtype string
Database type to store data in (sqlite3, mysql, postgres or redis supported) (default "sqlite3")
-debug
debug mode (default: false)
-debug-sql
SQL debug mode (default: false)
-quiet
quiet mode (no output)
-log-dir string
/path/to/log (default "/var/log/vuls")
-log-json
output log as JSON
-port string
HTTP server port number (default: 1324)
cURL
$ curl http://127.0.0.1:1324/cves/ubuntu/16/CVE-2017-15400 | jq
% Total % Received % Xferd Average Speed Time Time Time Current
Dload Upload Total Spent Left Speed
100 1237 100 1237 0 0 81365 0 --:--:-- --:--:-- --:--:-- 82466
[
{
"ID": 10582,
"DefinitionID": "oval:com.ubuntu.xenial:def:201715400000",
"Title": "CVE-2017-15400 on Ubuntu 16.04 LTS (xenial) - medium.",
"Description": "Insufficient restriction of IPP filters in CUPS in Google Chrome OS prior to 62.0.3202.74 allowed a remote attacker to execute a command with the same privileges as the cups daemon via a crafted PPD file, aka a printer zeroconfig CRLF issue.",
"Advisory": {
"ID": 10575,
"Severity": "Medium",
"Cves": null,
"Bugzillas": null,
"AffectedCPEList": null,
"Issued": "0001-01-01T00:00:00Z",
"Updated": "0001-01-01T00:00:00Z"
},
"Debian": {
"ID": 9330,
"CveID": "CVE-2017-15400",
"MoreInfo": "",
"Date": "0001-01-01T00:00:00Z"
},
"AffectedPacks": [
{
"ID": 16117,
"Name": "cups",
"Version": "",
"NotFixedYet": true
}
],
"References": [
{
"ID": 48602,
"Source": "CVE",
"RefID": "CVE-2017-15400",
"RefURL": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15400"
},
{
"ID": 48603,
"Source": "Ref",
"RefID": "",
"RefURL": "http://people.canonical.com/~ubuntu-security/cve/2017/CVE-2017-15400.html"
},
{
"ID": 48604,
"Source": "Ref",
"RefID": "",
"RefURL": "https://chromereleases.googleblog.com/2017/10/stable-channel-update-for-chrome-os_27.html"
},
{
"ID": 48605,
"Source": "Bug",
"RefID": "",
"RefURL": "https://bugs.chromium.org/p/chromium/issues/detail?id=777215"
}
]
}
]
For details, see https://github.com/kotakanbe/goval-dictionary/blob/master/server/server.go#L44
Tips
- How to use Redis as DB backend see #7
Data Source
Authors
kotakanbe (@kotakanbe) created goval-dictionary and these fine people have contributed.
Change Log
Please see CHANGELOG.
License
Please see LICENSE.
Documentation ¶
There is no documentation for this package.
Click to show internal directories.
Click to hide internal directories.