Timeline for Am I at risk? How to interpret debscan vulnerability output?
Current License: CC BY-SA 4.0
18 events
| when | what | by | license | comment | |
|---|---|---|---|---|---|
| Jun 17, 2022 at 9:50 | history | protected | dr_ | ||
| May 27, 2020 at 15:54 | answer | added | nilp0inter | timeline score: 4 | |
| May 1, 2019 at 8:36 | comment | added | Rui F Ribeiro | @new2linux What I meant is, do not obsess with the results, and do take them with a grain of salt. You also ask a doctor to read a blood test, there are professionals for a reason. regards | |
| Apr 30, 2019 at 22:23 | comment | added | Chris Davies | What you're missing is the difference between apt upgrade and apt dist-upgrade. The second one will perform an upgrade that is permitted to bring in new libraries and dependencies. | |
| Apr 29, 2019 at 13:15 | history | edited | new2linux | CC BY-SA 4.0 | had to rewrite the question to fit the requirements |
| Apr 28, 2019 at 20:49 | answer | added | Stephen Kitt | timeline score: 6 | |
| Apr 28, 2019 at 17:40 | review | Close votes | |||
| Apr 30, 2019 at 22:52 | |||||
| Apr 28, 2019 at 17:38 | comment | added | new2linux | Yes, you are right, "am I at risk" is too broad... and yes, not knowing how to use such tools is the reason why I ask here. I am pretty sure here are people who will know how debsecan works and point me in the right direction to learn on my own. But at least I know now that apt update && apt -y upgrade is not enough to be up to date. | |
| Apr 28, 2019 at 17:23 | comment | added | Rui F Ribeiro | This question may be akin to reading a blood test with all those fancy names, and asking if at risk of all those "diseases". More important than using tools at random is knowing how to use them and having the background to understand the results. Often the results are purely informative, or at worst, false positives, and without the background, one will not know. | |
| Apr 28, 2019 at 17:22 | history | edited | Rui F Ribeiro | CC BY-SA 4.0 | deleted 10 characters in body |
| Apr 28, 2019 at 17:21 | comment | added | 0xSheepdog | "Am I at risk?" is an extremely broad question. Also, while your question is regarding your specific system, in general your query seems to be about how to read, assess, prioritize, and mitigate findings from a vulnerability scan. This might get a lot more traction over at security.stackexchange.com | |
| Apr 28, 2019 at 17:11 | history | edited | Jeff Schaller♦ | CC BY-SA 4.0 | deleted 15 characters in body; edited tags; edited title |
| Apr 28, 2019 at 16:39 | history | edited | new2linux | CC BY-SA 4.0 | added 231 characters in body |
| Apr 28, 2019 at 16:32 | comment | added | new2linux | @StephenKitt I did run it from its src directory with ./debscan. What parameter should I use instead? And is it necessary to reread every CVE entry to know what to do? | |
| Apr 28, 2019 at 16:23 | comment | added | Stephen Kitt | How did you configure debsecan? Looking at CVE-2017-6505 (in QEMU) for example suggests it should be fixed on your system if you’ve updated it, and I imagine many other entries in your report are also false positives. | |
| Apr 28, 2019 at 16:16 | history | edited | GAD3R | CC BY-SA 4.0 | typo fixed |
| Apr 28, 2019 at 16:05 | review | First posts | |||
| Apr 28, 2019 at 16:09 | |||||
| Apr 28, 2019 at 16:04 | history | asked | new2linux | CC BY-SA 4.0 |