How To Find Vulnerability on a Computer- CVEchecker

There are different tools are available to find a vulnerability on an operating system and network, nessus and OpenVAS are among them. We have discussed different sort of tutorials for nessus to find a vulnerability as you have seen that the vulnerability number start with CVE-xxxxx so the question is what is CVE? And the other thing is that if we need to find the vulnerability on our own computer so that whether we need to scan our own computer via nessus or there are some other method?

What is CVE ?

The Common Vulnerabilities and Exposures or CVE system provides a reference-method for publicly-known information-security vulnerabilities and exposures. MITRE Corporation maintains the system, with funding from the National Cyber Security Division of the United States Department of Homeland Security.[1] CVE is used by the Security Content Automation Protocol.

What is CVEchecker ?

The goal of cvechecker is to report about possible vulnerabilities on your system, by scanning the installed software and matching the results with the CVE database. Indeed, this is not a bullet-proof method and you will most likely have many false positives (vulnerability is fixed with a revision-release, but the tool isn't able to detect the revision itself), yet it is still better than nothing, especially if you are running a distribution with little security coverage.

CVEchecker Tutorial

root@coresec:~# apt-get install libconfig8-dev libsqlite3-dev libxslt1-dev

Download http://sourceforge.net/projects/cvechecker/files/

root@coresec:~# tar -zxvf cvechecker-3.1.tar.gz

root@coresec:~# cd cvechecker-3.1/

root@coresec:~/cvechecker-3.1# ./configure --enable-sqlite3

root@coresec:~/cvechecker-3.1# make

root@coresec:~/cvechecker-3.1# make install

root@coresec:~/cvechecker-3.1# pullcves pull

Downloading nvdcve-2.0-2002.xml... ok

Converting nvdcve-2.0-2002.xml to CSV... ok

Loading in nvdcve-2.0-2002.csv in cvechecker.

I am missing the index cveidx2. This is to be expected if this is the first run of cvechecker since an upgrade.

I will now create cveidx2 for you, no further actions are needed.

Some updates have occurred which might affect the database initialization.

Please restart the command.

Generate the list

root@coresec:~/cvechecker-3.1# find / -type f -perm -o+x > scanlist.txt

root@coresec:~/cvechecker-3.1# echo "/proc/version" >> scanlist.txt

Get the information of available software's

root@coresec:~/cvechecker-3.1# cvechecker -b scanlist.txt

Searching for known software titles...

- Found match for /lib/libpthread-2.12.1.so: cpe:/a:gnu:glibc:2.12.1:::

- Found match for /sbin/resize2fs: cpe:/a:ext2_filesystems_utilities:e2fsprogs:1.41.12:::

- Found match for /sbin/mkfs.ext4: cpe:/a:ext2_filesystems_utilities:e2fsprogs:1.41.12:::

- Found match for /sbin/iptables-save: cpe:/a:netfilter_core_team:iptables:1.4.4:::

- Found match for /sbin/iptables-save: cpe:/a:netfilter_core_team:iptables:1.4

Matching process

root@coresec:~/cvechecker-3.1# cvechecker -r

Export

root@coresec:~/cvechecker-3.1# cvechecker -r -C

Read more

Note: If you want to learn more about Linux and Windows based Penetration testing, you might want to subscribe our RSS feed and Email Subscription  or become our Facebook fan! You will get all the latest updates at both the places.