Linux Vulnerability Audit in Vulners

Since Vulners.com stores formalized security bulletins for all major Linux-distributions, it was logical decision to make a vulnerability assessment service. It takes informations about OS and installed packaged and returns list of vulnerabilities. Like regular vulnerability scanners do, but way more effective and for free.

Audit interface

Currently Vulners provides web-interface, which you can use to check your server, API for automation and PoC of agent for future cloud vulnerability management solutions. The following Linux distributions are supported: RedHat, CentOS, Fedora, Oracle Linux, Ubuntu, Debian.
Continue reading “Linux Vulnerability Audit in Vulners”

Advertisements

Vulners API v.3 released

Vulners development team has released a major update for Vulners API. Automate your routine operations with vulners.com database easier and effectively than ever.

What’s new:

  • The most of Vulners API v.3 request are now use Get
  • New “search/id” request to view content of the bulletin by identifier
  • Requests for searching or viewing the content by id now support option “references = true”, which adds referenced objects to the results
  • Json output is now pretty-printed by default

All API methods: https://vulners.com/api/v3/
“Validateparam” contains all input parameters and types:

"lucene": [
        {
          "requireparam": {
            "parameters": [
              "query"
            ]
          }
        },
        {
          "validateparam": {
            "parameters": [
              {
                "skip": "int",
                "query": "str",
                "size": "int",
                "sort": "str"
              }
            ]
          }
        }
      ],

Examples:

Available fields and values: https://vulners.com/api/v3/search/suggest/?type=distinct&fieldName=type

{
  "data": [
    "nessus",
    "cve",
    "exploitdb",
    "xssed",
    "zdt",
...
    "lenovo",
    "msvr",
    "paloalto",
    "nginx"
  ],
  "result": "OK"
}

Vulners.com search query speed remains extremely high:

$ curl "https://vulners.com/api/v3/search/lucene/?query=type:centos&size=3&skip=2&references=true" -w %{time_connect}:%{time_starttransfer}:%{time_total}
...
],
"result": "OK"
}0,000:0,144:0,204

Average execution time is 35-45ms