All Linux HowTo's Security HowTo's

Nmap with Vulners on CentOS 7 or 8 – A short HowTo

This article shows how to install and run Nmap using the Vulners script to do vulnerability assessments.

Download Nmap:

yum install nmap

Install the Vulners.nse script:

/usr/share/nmap
wget https://svn.nmap.org/nmap/scripts/vulners.nse

Run a scan targetting the machine (in this example) “192.168.4.250”:

nmap -sV --script vulners.nse 192.168.4.250

My output looks like this:

22/tcp  open  ssh     OpenSSH 8.0 (protocol 2.0)
| vulners: 
|   cpe:/a:openbsd:openssh:8.0: 
|     	CVE-2019-16905	4.4	https://vulners.com/cve/CVE-2019-16905
|_    	CVE-2020-14145	4.3	https://vulners.com/cve/CVE-2020-14145
80/tcp  open  http    Apache httpd 2.4.37 ((centos) mod_perl/2.0.11 Perl/v5.26.3)
|_http-server-header: Apache/2.4.37 (centos) mod_perl/2.0.11 Perl/v5.26.3
| vulners: 
|   cpe:/a:apache:http_server:2.4.37: 
|     	CVE-2019-0211	7.2	https://vulners.com/cve/CVE-2019-0211
|     	CVE-2019-10082	6.4	https://vulners.com/cve/CVE-2019-10082
|     	CVE-2019-10097	6.0	https://vulners.com/cve/CVE-2019-10097
|     	CVE-2019-0217	6.0	https://vulners.com/cve/CVE-2019-0217
|     	CVE-2019-0215	6.0	https://vulners.com/cve/CVE-2019-0215
|     	CVE-2020-1927	5.8	https://vulners.com/cve/CVE-2020-1927
|     	CVE-2019-10098	5.8	https://vulners.com/cve/CVE-2019-10098
|     	CVE-2020-1934	5.0	https://vulners.com/cve/CVE-2020-1934
|     	CVE-2019-10081	5.0	https://vulners.com/cve/CVE-2019-10081
|     	CVE-2019-0220	5.0	https://vulners.com/cve/CVE-2019-0220
|     	CVE-2019-0196	5.0	https://vulners.com/cve/CVE-2019-0196
|     	CVE-2019-0190	5.0	https://vulners.com/cve/CVE-2019-0190
|     	CVE-2018-17199	5.0	https://vulners.com/cve/CVE-2018-17199
|     	CVE-2019-0197	4.9	https://vulners.com/cve/CVE-2019-0197
|_    	CVE-2019-10092	4.3	https://vulners.com/cve/CVE-2019-10092

You can see it found 3 known issues relating to the ssh server and multiple issues relating to the web server.

Similar Posts:

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.