mirror of https://gitee.com/openkylin/genmai.git
修改高权限执行基线扫描模式
This commit is contained in:
song
parent
0bbdcde4e3
commit
f8f544c53f
|
|
@ -1,122 +0,0 @@
|
|||
{
|
||||
"RCServerUUID": "7bf6e2ea-3973-46f3-84ef-923cf0c5ec81",
|
||||
"RCServerName": "123",
|
||||
"RCFamily": "RCFamily",
|
||||
"RCRelease": "RCRelease",
|
||||
"RCContainer": "RCContainer",
|
||||
"RCExploredType": "BaseLine",
|
||||
"RCExploredTimeAt": "2023-03-31T17:27:44.989450739+08:00",
|
||||
"RCExploredMode": "RCExploredMode",
|
||||
"RCExploredVersion": "RCExploredVersion",
|
||||
"RCExploredRevision": "RCExploredRevision",
|
||||
"RCExploredBy": "RCExploredBy",
|
||||
"RCExploredVia": "RCExploredVia",
|
||||
"RCExploredIPv4Addrs": [
|
||||
"0.0.0.0"
|
||||
],
|
||||
"RCExploredIPv6Addrs": [
|
||||
"0.0.0.0"
|
||||
],
|
||||
"RCReportedAt": "2023-03-31T17:27:45.253086186+08:00",
|
||||
"RCReportedVersion": "RCReportedVersion",
|
||||
"RCReportedBy": "RCReportedBy",
|
||||
"RCElapsedTime": 263635639,
|
||||
"RCErrors": "RCErrors",
|
||||
"RCWarnings": "RCWarnings",
|
||||
"RCExploredVulns": [
|
||||
{
|
||||
"VICFormatVer": 0,
|
||||
"VICId": "checkEmpty",
|
||||
"VICBelong": "baseline",
|
||||
"VICPocHazardLevel": "",
|
||||
"VICSource": "",
|
||||
"VICSiteInfo": {
|
||||
"Name": "检测空口令账户",
|
||||
"Severity": "",
|
||||
"Description": "",
|
||||
"ScopeOfInfluence": "",
|
||||
"References": null,
|
||||
"SiteClassification": {
|
||||
"CvssMetrics": "",
|
||||
"CvssScore": 0,
|
||||
"CveId": "",
|
||||
"CweId": "",
|
||||
"CnvdId": "",
|
||||
"KveId": ""
|
||||
},
|
||||
"Tags": null
|
||||
},
|
||||
"VICSiteRequests": {
|
||||
"ImArray": [
|
||||
{
|
||||
"Inter": "",
|
||||
"InterArgs": null,
|
||||
"Exec": "awk",
|
||||
"Args": [
|
||||
"-F: ",
|
||||
"'length($2)==0 {print $1}' /etc/shadow"
|
||||
]
|
||||
}
|
||||
],
|
||||
"ExpireTime": 0,
|
||||
"Inter": [
|
||||
""
|
||||
],
|
||||
"Condition": "None"
|
||||
}
|
||||
},
|
||||
{
|
||||
"VICFormatVer": 0,
|
||||
"VICId": "CheckFileJurisdiction",
|
||||
"VICBelong": "baseline",
|
||||
"VICPocHazardLevel": "",
|
||||
"VICSource": "",
|
||||
"VICSiteInfo": {
|
||||
"Name": "检测root目录下存在777权限的文件",
|
||||
"Severity": "",
|
||||
"Description": "",
|
||||
"ScopeOfInfluence": "",
|
||||
"References": null,
|
||||
"SiteClassification": {
|
||||
"CvssMetrics": "",
|
||||
"CvssScore": 0,
|
||||
"CveId": "",
|
||||
"CweId": "",
|
||||
"CnvdId": "",
|
||||
"KveId": ""
|
||||
},
|
||||
"Tags": null
|
||||
},
|
||||
"VICSiteRequests": {
|
||||
"ImArray": [
|
||||
{
|
||||
"Inter": "",
|
||||
"InterArgs": null,
|
||||
"Exec": "find",
|
||||
"Args": [
|
||||
"/root",
|
||||
"-perm 777"
|
||||
]
|
||||
}
|
||||
],
|
||||
"ExpireTime": 0,
|
||||
"Inter": [
|
||||
""
|
||||
],
|
||||
"Condition": "None"
|
||||
}
|
||||
}
|
||||
],
|
||||
"RCReunningKernelInfo": {
|
||||
"RKRelease": "0.0",
|
||||
"RKVersion": "0.0",
|
||||
"RKRebootRequired": false
|
||||
},
|
||||
"RCPackages": "RCPackages",
|
||||
"RCSrcPackages": "RCSrcPackages",
|
||||
"RCOptional": "RCOptional",
|
||||
"RCExecPocNums": 10,
|
||||
"RCRepairedNums": 4,
|
||||
"RCNotFixedNums": 2,
|
||||
"RCNotExecPocNums": 4
|
||||
}
|
||||
|
|
@ -1,285 +0,0 @@
|
|||
{
|
||||
"RCServerUUID": "4a40f8a2-efe7-4c06-9cd9-b324df3f6fba",
|
||||
"RCServerName": "123",
|
||||
"RCFamily": "RCFamily",
|
||||
"RCRelease": "RCRelease",
|
||||
"RCContainer": "RCContainer",
|
||||
"RCExploredType": "System",
|
||||
"RCExploredTimeAt": "2023-03-31T17:27:24.95322199+08:00",
|
||||
"RCExploredMode": "RCExploredMode",
|
||||
"RCExploredVersion": "RCExploredVersion",
|
||||
"RCExploredRevision": "RCExploredRevision",
|
||||
"RCExploredBy": "RCExploredBy",
|
||||
"RCExploredVia": "RCExploredVia",
|
||||
"RCExploredIPv4Addrs": [
|
||||
"0.0.0.0"
|
||||
],
|
||||
"RCExploredIPv6Addrs": [
|
||||
"0.0.0.0"
|
||||
],
|
||||
"RCReportedAt": "2023-03-31T17:27:44.987731282+08:00",
|
||||
"RCReportedVersion": "RCReportedVersion",
|
||||
"RCReportedBy": "RCReportedBy",
|
||||
"RCElapsedTime": 20034509421,
|
||||
"RCErrors": "RCErrors",
|
||||
"RCWarnings": "RCWarnings",
|
||||
"RCExploredVulns": [
|
||||
{
|
||||
"VICFormatVer": 0,
|
||||
"VICId": "CVE-2022-1292",
|
||||
"VICBelong": "system",
|
||||
"VICPocHazardLevel": "low",
|
||||
"VICSource": "https://github.com/alcaparra/CVE-2022-1292",
|
||||
"VICSiteInfo": {
|
||||
"Name": "OpenSSL是Openssl团队的一个开源的能够实现安全套接层(SSLv2/v3)和安全传输层(TLSv1)协议的通用加密库。该产品支持多种加密算法,包括对称密码、哈希算法、安全散列算法等。",
|
||||
"Severity": "critical",
|
||||
"Description": "OpenSSL 存在操作系统命令注入漏洞,该漏洞源于c_rehash 脚本未正确清理 shell 元字符导致命令注入。攻击者利用该漏洞执行任意命令。",
|
||||
"ScopeOfInfluence": "OpenSSL 1.0.2 OpenSSL 1.1.1 OpenSSL 3.x",
|
||||
"References": [
|
||||
"https://nvd.nist.gov/vuln/detail/CVE-2022-1292",
|
||||
"https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=1ad73b4d27bd8c1b369a3cd453681d3a4f1bb9b2"
|
||||
],
|
||||
"SiteClassification": {
|
||||
"CvssMetrics": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
|
||||
"CvssScore": 9.8,
|
||||
"CveId": "CVE-2022-1292",
|
||||
"CweId": "CWE-78",
|
||||
"CnvdId": "None",
|
||||
"KveId": "None"
|
||||
},
|
||||
"Tags": [
|
||||
"命令执行",
|
||||
"命令注入"
|
||||
]
|
||||
},
|
||||
"VICSiteRequests": {
|
||||
"ImArray": null,
|
||||
"ExpireTime": 0,
|
||||
"Inter": null,
|
||||
"Condition": ""
|
||||
}
|
||||
},
|
||||
{
|
||||
"VICFormatVer": 0,
|
||||
"VICId": "CVE-2022-0714",
|
||||
"VICBelong": "system",
|
||||
"VICPocHazardLevel": "low",
|
||||
"VICSource": "https://huntr.dev/bounties/db70e8db-f309-4f3c-986c-e69d2415c3b3/",
|
||||
"VICSiteInfo": {
|
||||
"Name": "Vim是一款基于UNIX平台的编辑器。",
|
||||
"Severity": "medium",
|
||||
"Description": "Heap-based Buffer Overflow in GitHub repository vim/vim prior to 8.2.4436.",
|
||||
"ScopeOfInfluence": "vim \u003c 8.2.4436",
|
||||
"References": [
|
||||
"https://nvd.nist.gov/vuln/detail/CVE-2022-0714",
|
||||
"https://github.com/vim/vim/commit/4e889f98e95ac05d7c8bd3ee933ab4d47820fdfa"
|
||||
],
|
||||
"SiteClassification": {
|
||||
"CvssMetrics": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
|
||||
"CvssScore": 5.5,
|
||||
"CveId": "CVE-2022-0714",
|
||||
"CweId": "CWE-787,CWE-122",
|
||||
"CnvdId": "None",
|
||||
"KveId": "None"
|
||||
},
|
||||
"Tags": [
|
||||
"cve2022",
|
||||
"缓冲区错误"
|
||||
]
|
||||
},
|
||||
"VICSiteRequests": {
|
||||
"ImArray": null,
|
||||
"ExpireTime": 0,
|
||||
"Inter": null,
|
||||
"Condition": ""
|
||||
}
|
||||
},
|
||||
{
|
||||
"VICFormatVer": 0,
|
||||
"VICId": "CVE-2022-0359",
|
||||
"VICBelong": "system",
|
||||
"VICPocHazardLevel": "low",
|
||||
"VICSource": "https://huntr.dev/bounties/fc86bc8d-c866-4ade-8b7f-e49cec306d1a/",
|
||||
"VICSiteInfo": {
|
||||
"Name": "Vim是一款基于UNIX平台的编辑器。",
|
||||
"Severity": "high",
|
||||
"Description": "vim 存在安全漏洞,该漏洞源于在8.2之前的vim中基于堆的缓冲区溢出。",
|
||||
"ScopeOfInfluence": "vim \u003c 8.2",
|
||||
"References": [
|
||||
"https://github.com/vim/vim/commit/85b6747abc15a7a81086db31289cf1b8b17e6cb1",
|
||||
"https://nvd.nist.gov/vuln/detail/CVE-2022-0359"
|
||||
],
|
||||
"SiteClassification": {
|
||||
"CvssMetrics": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
|
||||
"CvssScore": 7.8,
|
||||
"CveId": "CVE-2022-0359",
|
||||
"CweId": "CWE-787,CWE-122",
|
||||
"CnvdId": "None",
|
||||
"KveId": "None"
|
||||
},
|
||||
"Tags": [
|
||||
"cve2022",
|
||||
"缓冲区溢出"
|
||||
]
|
||||
},
|
||||
"VICSiteRequests": {
|
||||
"ImArray": null,
|
||||
"ExpireTime": 0,
|
||||
"Inter": null,
|
||||
"Condition": ""
|
||||
}
|
||||
},
|
||||
{
|
||||
"VICFormatVer": 0,
|
||||
"VICId": "CVE-2022-0413",
|
||||
"VICBelong": "system",
|
||||
"VICPocHazardLevel": "low",
|
||||
"VICSource": "https://huntr.dev/bounties/563d1e8f-5c3d-4669-941c-3216f4a87c38/",
|
||||
"VICSiteInfo": {
|
||||
"Name": "Vim是一款基于UNIX平台的编辑器。",
|
||||
"Severity": "high",
|
||||
"Description": "vim 存在资源管理错误漏洞,该漏洞源于这个漏洞允许攻击者可利用该漏洞输入一个特别制作的文件,导致崩溃或代码执行。",
|
||||
"ScopeOfInfluence": "vim \u003c 8.2",
|
||||
"References": [
|
||||
"https://github.com/vim/vim/commit/37f47958b8a2a44abc60614271d9537e7f14e51a",
|
||||
"https://nvd.nist.gov/vuln/detail/CVE-2022-0413"
|
||||
],
|
||||
"SiteClassification": {
|
||||
"CvssMetrics": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
|
||||
"CvssScore": 7.8,
|
||||
"CveId": "CVE-2022-0413",
|
||||
"CweId": "CWE-416",
|
||||
"CnvdId": "None",
|
||||
"KveId": "None"
|
||||
},
|
||||
"Tags": [
|
||||
"资源管理错误",
|
||||
"拒绝服务"
|
||||
]
|
||||
},
|
||||
"VICSiteRequests": {
|
||||
"ImArray": null,
|
||||
"ExpireTime": 0,
|
||||
"Inter": null,
|
||||
"Condition": ""
|
||||
}
|
||||
},
|
||||
{
|
||||
"VICFormatVer": 0,
|
||||
"VICId": "CVE-2022-1771",
|
||||
"VICBelong": "system",
|
||||
"VICPocHazardLevel": "low",
|
||||
"VICSource": "https://huntr.dev/bounties/faa74175-5317-4b71-a363-dfc39094ecbb/",
|
||||
"VICSiteInfo": {
|
||||
"Name": "Vim是一款基于UNIX平台的编辑器。",
|
||||
"Severity": "Medium",
|
||||
"Description": "Vim 8.2.4975 之前版本存在安全漏洞,该漏洞源于可能存在基于堆栈的缓冲区溢出问题。",
|
||||
"ScopeOfInfluence": "vim \u003c 8.2.4975",
|
||||
"References": [
|
||||
"https://nvd.nist.gov/vuln/detail/CVE-2022-1771"
|
||||
],
|
||||
"SiteClassification": {
|
||||
"CvssMetrics": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
|
||||
"CvssScore": 5.5,
|
||||
"CveId": "CVE-2022-1771",
|
||||
"CweId": "CWE-674",
|
||||
"CnvdId": "None",
|
||||
"KveId": "None"
|
||||
},
|
||||
"Tags": [
|
||||
"cve2022",
|
||||
"缓冲区溢出"
|
||||
]
|
||||
},
|
||||
"VICSiteRequests": {
|
||||
"ImArray": null,
|
||||
"ExpireTime": 0,
|
||||
"Inter": null,
|
||||
"Condition": ""
|
||||
}
|
||||
},
|
||||
{
|
||||
"VICFormatVer": 0,
|
||||
"VICId": "CVE-2022-0572",
|
||||
"VICBelong": "system",
|
||||
"VICPocHazardLevel": "low",
|
||||
"VICSource": "https://huntr.dev/bounties/bf3e0643-03e9-4436-a1c8-74e7111c32bf/",
|
||||
"VICSiteInfo": {
|
||||
"Name": "Vim是一款基于UNIX平台的编辑器。",
|
||||
"Severity": "high",
|
||||
"Description": "vim 存在安全漏洞,该漏洞源于在8.2之前的GitHub库vim中基于堆的缓冲区溢出",
|
||||
"ScopeOfInfluence": "vim \u003c 8.2",
|
||||
"References": [
|
||||
"https://nvd.nist.gov/vuln/detail/CVE-2022-0572",
|
||||
"https://github.com/vim/vim/commit/6e28703a8e41f775f64e442c5d11ce1ff599aa3f"
|
||||
],
|
||||
"SiteClassification": {
|
||||
"CvssMetrics": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
|
||||
"CvssScore": 7.8,
|
||||
"CveId": "CVE-2022-0572",
|
||||
"CweId": "CWE-787,CWE-122",
|
||||
"CnvdId": "None",
|
||||
"KveId": "None"
|
||||
},
|
||||
"Tags": [
|
||||
"cve2022",
|
||||
"缓冲区错误"
|
||||
]
|
||||
},
|
||||
"VICSiteRequests": {
|
||||
"ImArray": null,
|
||||
"ExpireTime": 0,
|
||||
"Inter": null,
|
||||
"Condition": ""
|
||||
}
|
||||
},
|
||||
{
|
||||
"VICFormatVer": 0,
|
||||
"VICId": "CVE-2022-0351",
|
||||
"VICBelong": "system",
|
||||
"VICPocHazardLevel": "low",
|
||||
"VICSource": "https://huntr.dev/bounties/8b36db58-b65c-4298-be7f-40b9e37fd161/",
|
||||
"VICSiteInfo": {
|
||||
"Name": "Vim是一款基于UNIX平台的编辑器。",
|
||||
"Severity": "high",
|
||||
"Description": "vim 存在缓冲区错误漏洞,该漏洞源于 vim 在缓冲区开始之前访问内存位置。。",
|
||||
"ScopeOfInfluence": "vim \u003c 8.2",
|
||||
"References": [
|
||||
"https://nvd.nist.gov/vuln/detail/CVE-2022-0351",
|
||||
"https://github.com/vim/vim/commit/fe6fb267e6ee5c5da2f41889e4e0e0ac5bf4b89d"
|
||||
],
|
||||
"SiteClassification": {
|
||||
"CvssMetrics": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
|
||||
"CvssScore": 7.8,
|
||||
"CveId": "CVE-2022-0351",
|
||||
"CweId": "CWE-119,CWE-786",
|
||||
"CnvdId": "None",
|
||||
"KveId": "None"
|
||||
},
|
||||
"Tags": [
|
||||
"cve2022",
|
||||
"拒绝服务",
|
||||
"缓冲区错误"
|
||||
]
|
||||
},
|
||||
"VICSiteRequests": {
|
||||
"ImArray": null,
|
||||
"ExpireTime": 0,
|
||||
"Inter": null,
|
||||
"Condition": ""
|
||||
}
|
||||
}
|
||||
],
|
||||
"RCReunningKernelInfo": {
|
||||
"RKRelease": "0.0",
|
||||
"RKVersion": "0.0",
|
||||
"RKRebootRequired": false
|
||||
},
|
||||
"RCPackages": "RCPackages",
|
||||
"RCSrcPackages": "RCSrcPackages",
|
||||
"RCOptional": "RCOptional",
|
||||
"RCExecPocNums": 25,
|
||||
"RCRepairedNums": 18,
|
||||
"RCNotFixedNums": 7,
|
||||
"RCNotExecPocNums": 0
|
||||
}
|
||||
Loading…
Reference in New Issue