Kirill Ermakov and the Vulners project just won third prize in the prestigious Skolkovo Cybersecurity Challenge 2016! 5 mln rub and 3 tours from sponsors to San Francisco, Las Vegas and Saint Martin. Jackpot! =)
Since Vulners.com stores formalized security bulletins for all major Linux distributions, it was a logical decision to make a vulnerability assessment service. It takes information about the OS and installed packages and returns a list of vulnerabilities. Like regular vulnerability scanners do, but way more effective and for free.
Currently Vulners provides a web interface, which you can use to check your server, an API for automation and a PoC of an agent for future cloud vulnerability management solutions. The following Linux distributions are supported: RedHat, CentOS, Fedora, Oracle Linux, Ubuntu, Debian.
Here in the Vulners development team we are trying hard to keep you informed about new vulnerabilities and to do it in the most convenient way.
In addition to RSS and Telegram subscriptions, we implemented advanced capabilities for managing email subscriptions.
You may configure it in the Subscriptions tab.
Type a query, click on the question mark and you will see an example of the response. Then adjust your query if needed, add your email address and save the subscription.
When new bulletins appear in the results of your query, you will automatically get an email. This will happen immediately after each Vulners base update: every 4 hours for most robots, and every 2 hours for the CVE robot.
In the basic version only 5 subscriptions are available. Enterprise users do not have such restrictions.
In addition, they can subscribe other people to relevant feeds. For example, send emails to the system administrators about critical software vulnerabilities in systems they manage, or send emails with fresh public exploits to information security team experts.
Vulners.com developers are very pleased to present a new long-awaited feature – RSS feeds for vulners search results.
Now you can add this link to your favorite RSS reader and receive alerts on new results. And Telegram-bot subscriptions are still working.
By the way, last Saturday, we celebrated Vulners.com one-year anniversary!
43 sources (vulnerabilities, exploits, security bulletins, news sites), the API for searching and exporting data, special projects for searching vulnerabilities in Android-applications and popular CMS. Not bad for one year? But it will be cooler.
Thank you for being with us!
It is generally known that the most exploited vulnerabilities are not in CMS engines, but in thousands of third-party plugins. Developers rarely fix these vulnerabilities quickly, or even don’t fix them at all. You can find examples of such vulnerabilities and exploits with the “wordpress plugin bulletinFamily:exploit” request.
An Appercut bulletin contains all information about the vulnerabilities found, including the vulnerability description, criticality and the piece of code where the vulnerability was detected. The vulnerable version of the application is also indicated, e.g. “WordPress CMS <= 4.5.2”.
At the moment, 9 bulletins have been added for WordPress, Drupal, Joomla, Regular Labs, Apache Apex and Apache Camel.
In future we are planning to scan all the popular plugins for all popular CMS. Thus, end users will be able to get information about potential vulnerabilities in CMS and plugins before the vulnerability gets any ID. We believe that together with Appercut we can make popular CMS much safer!
Vulners development team added a new call to Vulners API v.3, which provides an easy way to export collections of security bulletins.
For example, to download all CVEs you need to run:
wget "https://vulners.com/api/v3/archive/collection/?type=cve" -O cve.zip
The result will be cve.zip with cve.json inside.
The same file can be downloaded through the GUI on the Stats tab.
Moreover, with the new API call you can download security bulletins for a particular OS version:
wget "https://vulners.com/api/v3/archive/distributive/?os=centos&version=6" -O centos.zip
This makes it possible to get data that you won’t find anywhere else: the archives of exploits, hackerone history, all CentOS vulnerabilities, etc. This functionality might be useful if you want to build your own tools and data synchronization, or if you already use some knowledge base.
No problem if you forgot the “type” values. Just enter a nonexistent type, and you get a full list of available values:
"Error": "There is no type 'FAKE'. Available collection types: ['Nessus', 'cve', 'exploitdb', 'xssed', 'zdt', 'hackapp', 'threatpost', 'redhat', 'debian', 'ubuntu', 'cert', 'metasploit', 'freebsd', 'zdi', 'oraclelinux', 'suse', 'centos', 'cisco', 'hackerone', 'vulnerlab', 'f5', 'mozilla', 'ics', 'archlinux', 'ptsecurity', 'rdot', 'erpscan', 'huawei', 'xen', 'openssl', 'opera', 'vmware', 'wpvulndb', 'samba', 'postgresql', 'drupal', 'lenovo', 'msvr', 'paloalto', 'nginx']"
It is also possible to obtain these results through search queries. Unfortunately, this is no longer so easy: the maximum size for a single request has been reduced from 10 000 to 500. It’s a forced measure, since the load on the server and the traffic volumes have increased significantly.
Now we have a separation: search for searching, and archive/collection for content export.
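For anyone building their own synchronization on top of the archive call, here is an added example (not Vulners code) of validating a downloaded body before unpacking it: it tells the ZIP apart from the "Available collection types" error text shown above, and accepts only an archive holding the single expected member within a size limit. The size limit, the helper names and the bulletin layout inside cve.json are assumptions, and the sample bodies are constructed.

```python
import io, json, re, zipfile

MAX_UNCOMPRESSED = 512 * 1024 * 1024  # assumed ceiling for one exported collection

def available_types(error_text):
    """Pull the collection names out of the 'Available collection types' error."""
    _, sep, tail = error_text.partition("Available collection types")
    if not sep:
        return []
    return re.findall(r"'\s*([\w-]+)\s*'", tail)

def load_collection(body, member, limit=MAX_UNCOMPRESSED):
    """Return parsed JSON from an archive body, or raise ValueError with the reason."""
    if not body.startswith(b"PK\x03\x04"):  # not a ZIP: treat as API error text
        text = body.decode("utf-8", "replace")
        raise ValueError(f"not an archive; valid types: {available_types(text)}")
    with zipfile.ZipFile(io.BytesIO(body)) as zf:
        infos = zf.infolist()
        if [i.filename for i in infos] != [member]:  # exactly the one expected file
            raise ValueError(f"unexpected archive contents: {zf.namelist()}")
        if infos[0].file_size > limit:  # declared size, checked before reading
            raise ValueError("archive member exceeds size limit")
        with zf.open(infos[0]) as fh:
            data = fh.read(limit + 1)  # do not trust the declared size alone
    if len(data) > limit:
        raise ValueError("archive member exceeds size limit")
    return json.loads(data)

def make_zip(files):
    """Build a constructed ZIP in memory (sample input for this example)."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w", zipfile.ZIP_DEFLATED) as zf:
        for name, content in files.items():
            zf.writestr(name, content)
    return buf.getvalue()

# Constructed samples; the bulletin layout inside cve.json is an assumption.
GOOD = make_zip({"cve.json": json.dumps([{"id": "CVE-0000-0000"}])})
BAD = make_zip({"../cve.json": "[]"})  # member name with a path component
ERROR = (b"\"Error\": \"There is no type 'FAKE'. "
         b"Available collection types: ['cve', 'exploitdb', 'centos']\"")

if __name__ == "__main__":
    print(load_collection(GOOD, "cve.json"))
    for body in (BAD, ERROR):
        try:
            load_collection(body, "cve.json")
        except ValueError as exc:
            print("rejected:", exc)
```
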