How to tell if a server is vulnerable to a CVE

How to tell if your system is vulnerable?

If you have a specific CVE or set of CVEs that you are worried about you can use the yum command to see if your system is vulnerable. Start by installing yum-plugin-security:

sudo yum install yum-plugin-security

Then query the CVE you are interested in, for example on a RHEL 7 system without the OpenSSL update:

[root@localhost ~]# yum updateinfo info --cve CVE-2014-0224

===============================================

Important: openssl security update

===============================================

Update ID : RHSA-2014:0679

Release :

Type : security

Status : final

Issued : 2014-06-10 00:00:00

Bugs : 1087195 - CVE-2010-5298 openssl: freelist misuse causing

a possible use-after-free

: 1093837 - CVE-2014-0198 openssl: SSL_MODE_RELEASE_BUFFERS NULL

pointer dereference in do_ssl3_write()

: 1103586 - CVE-2014-0224 openssl: SSL/TLS MITM vulnerability

: 1103593 - CVE-2014-0221 openssl: DoS when sending invalid DTLS

handshake

: 1103598 - CVE-2014-0195 openssl: Buffer overflow via DTLS

invalid fragment

: 1103600 - CVE-2014-3470 openssl: client-side denial of service

when using anonymous ECDH

CVEs : CVE-2014-0224

: CVE-2014-0221

: CVE-2014-0198

: CVE-2014-0195

: CVE-2010-5298

: CVE-2014-3470

Description : OpenSSL is a toolkit that implements the Secure

Sockets Layer

If your system is up to date or the CVE doesn't affect the platform you're on then no information will be returned.

Conclusion

Red Hat Product Security makes available as much information as we can regarding vulnerabilities affecting our customers. This information is available on our customer portal as well as within the software repositories. As you can see it is both easy and quick to determine if your system is up to date on security patches with the provided information and tools.

The following checklist can be used to check if systems or packages are affected by specific security issues:

1) Check if the issue you're concerned about has a CVE and check the Red Hat CVE page:

https://access.redhat.com/security/cve/CVE-2014-0224

2) Check to see if your system is up to date for that issue:

sudo yum install yum-plugin-security

yum updateinfo info --cve CVE-2014-0224

PreviousRHEL 5 yum rollbacksNextRPM check for security updates

Last updated

Was this helpful?