How to scan CentOS for vulnerabilities with openscap?

Support for security such as Firewalls and securing linux
Post Reply
sarthak
Posts: 1
Joined: 2022/06/14 06:34:42

How to scan CentOS for vulnerabilities with openscap?

Post by sarthak » 2022/06/14 06:39:25

  • What are currently recommended processes/tools which would allow robust data retrieval of CVE’s affecting a CentOS system? FYI, we tried grype and lynis -- both reported very inaccurate results.
  • Is it possible to modify the OVAL files from RedHat and use it for CentOS?
The Issue
We are trying to retrieve a list of CVEs that affect particular CentOS systems.

What are we seeking?
Currently on RedHat, we use the OVAL file provided by RedHat to detect CVEs. However, OVAL files are not provided by CentOS and we’re seeking community recommendations to solve the challenge.



What we tried:

We tried some basic substitution in the RedHat OVAL file by substituting 'redhat:entrerprise_linux' to 'centos:centos' and 'ref_id="RHSA' to 'ref_id="CESA'. These did not work.

Code: Select all

    sudo sed -i   's/cpe:\/o:redhat:enterprise_linux/cpe:\/o:centos:centos/g'   com.redhat.rhsa-RHEL8.xml

    sudo sed -i   's/cpe:\/a:redhat:enterprise_linux/cpe:\/o:centos:centos/g'   com.redhat.rhsa-RHEL8.xml

    sudo sed -i   's/ref_id="RHSA/ref_id="CESA/g'   com.redhat.rhsa-RHEL8.xml

We also tried this tool (https://github.com/Sep0lkit/oval-for-el) that converts RHEL OVAL files to CentOS OVAL files, but it seems not to be updated – and didn’t work either.



Thank you for your response,

Post Reply