installed package vulnerability checker for Red Hat/Centos?
Jeremy C. Reed
reed at reedmedia.net
Thu Sep 21 08:26:38 MST 2006
Does anyone know of a tool for checking if installed packages on a CentOS
system have known vulnerabilities?
I know yum can be used to indicate if updates are available.
But I am looking for something like NetBSD Pkgsrc's audit-packages or
FreeBSD's portaudit -- list name and version of installed package and an
item and/or URL about the vulnerability. For example:
Package xzgv-0.8.0.1nb1 has a remote-code-execution vulnerability, see http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1060
Thanks!
More information about the PLUG-discuss
mailing list