MaineK00n
commented
1 week ago @gdudas
[Jun 25 10:59:20] INFO [localhost] OVAL opensuse.leap 15.6 found. defs: 0
It looks like /usr/share/vals-data/ival.sqlite3 does not contain OpenSuse Leap 15.6 data.
To fetch the OpenSuse Leap 15.6 data, try the following command:
$ goval-dictionary fetch suse --suse-type opensuse-leap 15.6 --dbpath "/usr/share/vals-data/ival.sqlite3"
What did you do? (required. The issue will be closed when not provided.)
vuls report -config=/root/config.toml -diff-minus -format-one-line-text -to-email -format-one-email
What did you expect to happen?
Report function works without an error.
What happened instead?
Report function exit with an error.
https://github.com/vulsio/goval-dictionary#usage: github.com/future-architect/vuls/detector.detectPkgsCvesWithOval /root/go/src/github.com/future-architect/vuls/detector/detector.go:551Please re-run the command using
-debugand provide the output below.[Jun 25 10:59:20] INFO [localhost] vuls-v0.26.0-build-20240624_095311_86d3681 [Jun 25 10:59:20] INFO [localhost] Validating config... [Jun 25 10:59:20] INFO [localhost] cveDict.type=sqlite3, cveDict.url=, cveDict.SQLite3Path=/usr/share/vuls-data/cve.sqlite3 [Jun 25 10:59:20] INFO [localhost] ovalDict.type=sqlite3, ovalDict.url=, ovalDict.SQLite3Path=/usr/share/vuls-data/oval.sqlite3 [Jun 25 10:59:20] INFO [localhost] gost.type=sqlite3, gost.url=, gost.SQLite3Path=/usr/share/vuls-data/gost.sqlite3 [Jun 25 10:59:20] INFO [localhost] exploit.type=sqlite3, exploit.url=, exploit.SQLite3Path=/usr/share/vuls-data/go-exploitdb.sqlite3 [Jun 25 10:59:20] INFO [localhost] metasploit.type=sqlite3, metasploit.url=, metasploit.SQLite3Path=/usr/share/vuls-data/go-msfdb.sqlite3 [Jun 25 10:59:20] INFO [localhost] kevuln.type=sqlite3, kevuln.url=, kevuln.SQLite3Path=/usr/share/vuls-data/go-kev.sqlite3 [Jun 25 10:59:20] INFO [localhost] cti.type=sqlite3, cti.url=, cti.SQLite3Path=/usr/share/vuls-data/go-cti.sqlite3 [Jun 25 10:59:20] INFO [localhost] Loaded: /root/results/2024-06-25T10-17-20+0200 [Jun 25 10:59:20] DEBUG [localhost] leap (opensuse.leap15.6): config.ServerInfo{ BaseName: "leap", ServerName: "leap", User: "vuls", Host: "leap", IgnoreIPAddresses: []string{}, JumpServer: []string{}, Port: "22", SSHConfigPath: "", KeyPath: "/root/.ssh/vuls_rsa", CpeNames: []string{}, ScanMode: []string{ "fast-root", }, ScanModules: []string{}, OwaspDCXMLPath: "", ContainersOnly: false, ContainersIncluded: []string{}, ContainersExcluded: []string{}, ContainerType: "", Containers: map[string]config.ContainerSetting{}, IgnoreCves: []string{}, IgnorePkgsRegexp: []string{}, GitHubRepos: map[string]config.GitHubConf{}, UUIDs: map[string]string{}, Memo: "", Enablerepo: []string{}, Optional: map[string]interface {}{}, Lockfiles: []string{}, FindLock: false, FindLockDirs: []string{}, Type: "", IgnoredJSONKeys: []string{}, WordPress: &config.WordPressConf{ OSUser: "", DocRoot: "", CmdPath: "", NoSudo: false, }, PortScan: &config.PortScanConf{ IsUseExternalScanner: false, ScannerBinPath: "", HasPrivileged: false, ScanTechniques: []string{}, SourcePort: "", }, Windows: &config.WindowsConf{ ServerSelection: 0, CabPath: "", }, IPv4Addrs: []string{}, IPv6Addrs: []string{}, IPSIdentifiers: map[string]string{}, LogMsgAnsiColor: "", Container: config.Container{ ContainerID: "", Name: "", Image: "", }, Distro: config.Distro{ Family: "", Release: "", }, Mode: config.ScanMode{ flag: 0x02, }, Module: config.ScanModule{ flag: 0x0f, }, } [Jun 25 10:59:20] DEBUG [localhost] Check if oval fetched: opensuse.leap 15.6 [Jun 25 10:59:20] INFO [localhost] OVAL opensuse.leap 15.6 found. defs: 0 [Jun 25 10:59:20] ERROR [localhost] Failed to detect Pkg CVE: github.com/future-architect/vuls/detector.Detect /root/go/src/github.com/future-architect/vuls/detector/detector.go:54
https://github.com/vulsio/goval-dictionary#usage: github.com/future-architect/vuls/detector.detectPkgsCvesWithOval /root/go/src/github.com/future-architect/vuls/detector/detector.go:551Steps to reproduce the behaviour
Add an openSUSE Leap 15.6 host to config, run scan and then report.
Configuration (MUST fill this out):
Go version (
go version): go version go1.21.4 linux/amd64Go environment (
go env): GO111MODULE='' GOARCH='amd64' GOBIN='' GOCACHE='/root/.cache/go-build' GOENV='/root/.config/go/env' GOEXE='' GOEXPERIMENT='' GOFLAGS='' GOHOSTARCH='amd64' GOHOSTOS='linux' GOINSECURE='' GOMODCACHE='/root/go/pkg/mod' GONOPROXY='' GONOSUMDB='' GOOS='linux' GOPATH='/root/go' GOPRIVATE='' GOPROXY='https://proxy.golang.org,direct' GOROOT='/usr/local/go' GOSUMDB='sum.golang.org' GOTMPDIR='' GOTOOLCHAIN='auto' GOTOOLDIR='/usr/local/go/pkg/tool/linux_amd64' GOVCS='' GOVERSION='go1.21.4' GCCGO='gccgo' GOAMD64='v1' AR='ar' CC='gcc' CXX='g++' CGO_ENABLED='1' GOMOD='/dev/null' GOWORK='' CGO_CFLAGS='-O2 -g' CGO_CPPFLAGS='' CGO_CXXFLAGS='-O2 -g' CGO_FFLAGS='-O2 -g' CGO_LDFLAGS='-O2 -g' PKG_CONFIG='pkg-config' GOGCCFLAGS='-fPIC -m64 -pthread -Wl,--no-gc-sections -fmessage-length=0 -ffile-prefix-map=/tmp/go-build2989341584=/tmp/go-build -gno-record-gcc-switches'Vuls environment:
Hash : vuls-v0.26.0-build-20240624_095311_86d3681
[cveDict] type = "sqlite3" SQLite3Path = "/usr/share/vuls-data/cve.sqlite3"
[exploit] type = "sqlite3" SQLite3Path = "/usr/share/vuls-data/go-exploitdb.sqlite3"
[ovalDict] type = "sqlite3" SQLite3Path = "/usr/share/vuls-data/oval.sqlite3"
[gost] type = "sqlite3" SQLite3Path = "/usr/share/vuls-data/gost.sqlite3"
[metasploit] type = "sqlite3" SQLite3Path = "/usr/share/vuls-data/go-msfdb.sqlite3"
[kevuln] type = "sqlite3" SQLite3Path = "/usr/share/vuls-data/go-kev.sqlite3"
[cti] type = "sqlite3" SQLite3Path = "/usr/share/vuls-data/go-cti.sqlite3"
[default] port = "22" user = "vuls" keyPath = "/root/.ssh/vuls_rsa"
[servers.leap] host = "leap" scanMode = [ "fast-root" ] # "fast", "fast-root" or "deep"