Hi, I "was" developer of that feed :)
I haven't updated it for while, due to lack of time and/or sponsor ;) Eero pe 8. kesäk. 2018 klo 17.59 Ewae Rpok <ewaer...@gmail.com> kirjoitti: > Hello all. > > Can anyone advise on scanning Oracle Linux vulnerabilities? > The Community feed seems to omit checks for errata published post 2016. > > e.g. https://linux.oracle.com/errata/ELSA-2018-0395.html was not > reported despite kernel-uek 4.1.12-61.1.18 being run and > kernel-3.10.0-514 being installed (both built 04 Nov 2016). > > Equivalent vulnerability in CentOS/RHEL-compatible kernel was positively > identified when run against CentOS system: > https://lists.centos.org/pipermail/centos-announce/2018-May/022843.html > CentOS Update for kernel CESA-2018:1629 centos7 > OID 1.3.6.1.4.1.25623.1.0.882885 > > Vulnerabilities are actually found - just nothing new. > Supported by the following found on a recent kali linux install: > > root@kali:/var/lib/openvas/plugins# find . -name "ELSA*"|sort -rn|head > ./2016/ELSA-2016-3554.nasl.asc > ./2016/ELSA-2016-3554.nasl > ./2016/ELSA-2016-3553.nasl.asc > ./2016/ELSA-2016-3553.nasl > ./2016/ELSA-2016-3552.nasl.asc > ./2016/ELSA-2016-3552.nasl > ./2016/ELSA-2016-3551.nasl.asc > ./2016/ELSA-2016-3551.nasl > ./2016/ELSA-2016-3531.nasl.asc > ./2016/ELSA-2016-3531.nasl > root@kali:/var/lib/openvas/plugins# find . -name "gb_CESA*"|sort -rn|head > ./2018/centos/gb_CESA-2018_1726_thunderbird_centos6.nasl.asc > ./2018/centos/gb_CESA-2018_1726_thunderbird_centos6.nasl > ./2018/centos/gb_CESA-2018_1725_thunderbird_centos7.nasl.asc > ./2018/centos/gb_CESA-2018_1725_thunderbird_centos7.nasl > ./2018/centos/gb_CESA-2018_1700_procps-ng_centos7.nasl.asc > ./2018/centos/gb_CESA-2018_1700_procps-ng_centos7.nasl > ./2018/centos/gb_CESA-2018_1669_libvirt_centos6.nasl.asc > ./2018/centos/gb_CESA-2018_1669_libvirt_centos6.nasl > ./2018/centos/gb_CESA-2018_1660_qemu-guest-agent_centos6.nasl.asc > ./2018/centos/gb_CESA-2018_1660_qemu-guest-agent_centos6.nasl > root@kali:/var/lib/openvas/plugins# > > > vulners.com has different looking pages for Oracle Linux vulnerabilities > before and after the apparent cutoff - e.g. > https://vulners.com/openvas/OPENVAS:1361412562310122925 > and > https://vulners.com/oraclelinux/ELSA-2016-3559 > > Should I be using a different tool or approach? > > Thanks in advance, > Ewae. > _______________________________________________ > Openvas-discuss mailing list > Openvas-discuss@wald.intevation.org > https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss
_______________________________________________ Openvas-discuss mailing list Openvas-discuss@wald.intevation.org https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss
