search

sjvermeu / cvechecker

Command-line utility to scan the system and report on potential vulnerabilities, based on public CVE data
GNU General Public License v3.0
258 stars 68 forks source link

SSHD detection is not supported #42

Closed lflish closed 5 years ago

lflish commented 5 years ago

I feel SSHD is an important service, but this tool does not test it。 Or maybe I'm using it the wrong way? my sshd is in /usr/bin/sshd

sjvermeu commented 5 years ago

We / I only need to add the right rule in the version.dat file, then any pullvces run will download an updated version of that file and use it in the next inventory run.

If you have a suggested value I'll happily add it to it.

Wkr, Sven

On Thu, Feb 21, 2019, 02:50 小宇子 notifications@github.com wrote:

I feel SSHD is an important service, but this tool does not test it。

— You are receiving this because you are subscribed to this thread. Reply to this email directly, view it on GitHub https://github.com/sjvermeu/cvechecker/issues/42, or mute the thread https://github.com/notifications/unsubscribe-auth/AAU4q4Xt1Rvi26hnoeNX5Az0pAPaeb0Yks5vPftrgaJpZM4bGeq6 .

lflish commented 5 years ago

I think,sshd,1,sshd,([0-9]\.[0-9]+)p1,a,gnu,sshd,\1,,,is OK, this result - Found match for /usr/bin/sshd: cpe:/a:gnu:sshd:7.4:::

thanks !!!