方法/步骤
一、登录阿里云控制台,【云盾 ● 态势感知】-【漏洞管理】,这里列出主机当前漏洞,根据漏洞类型进行逐一修复;下面漏洞主要关键词为NetwordManager、libnl3、wget、kernel、gnltus
二、远程连接主机,【云服务器 ECS】-【实例】-【远程连接】PS:忘记远程密码可在【更多】处重置密码;
修复命令
NetwordManager
- yum update NetworkManager
- yum update NetworkManager-libnm
- yum update NetworkManager-team
- yum update NetworkManager-tui
- yum update NetworkManager-wifi
wget
- yum update wget
libnl3
- yum update libnl3
- yum update libnl3-cli
kernel
- yum update kernel-tools
- yum update kernel-tools-libs
- yum update python-perf
gnutls
- yum update gnutls
漏洞修复后重启主机,并验证漏洞修复.
常见漏洞修复命令
RHSA-2017:1365: nss security and bug fix update (Important)
软件: nss 3.21.0-17.el7
命中: nss version less than 0:3.28.4-1.2.el7_3
- yum update nss
- yum update nss-sysinit
- yum update nss-tools
RHSA-2017:1100: nss and nss-util security update (Critical)
软件: nss-util 3.21.0-2.2.el7_2
命中: nss-util version less than 0:3.28.4-1.0.el7_3
- yum update nss-util
- yum update nss
- yum update nss-sysinit
- yum update nss-tools
RHSA-2017:2292: gnutls security, bug fix, and enhancement update (Moderate)
软件: gnutls 3.3.24-1.el7
命中: gnutls version less than 0:3.3.26-9.el7
- yum update gnutls
RHSA-2017:0086: kernel security, bug fix, and enhancement update (Important)
软件: kernel-tools 3.10.0-514.el7
命中: kernel-tools version less than 0:3.10.0-514.6.1.el7
- yum update kernel-tools
- yum update kernel-tools-libs
- yum update python-perf
RHSA-2016:2615: bind security update (Important)
软件: bind-libs-lite 9.9.4-37.el7
命中: bind-libs-lite version less than 32:9.9.4-38.el7_3
- yum update bind-libs-lite
- yum update bind-license
RHSA-2017:1680: bind security and bug fix update (Important)
软件: bind-libs-lite 9.9.4-37.el7
命中: bind-libs-lite version less than 32:9.9.4-50.el7_3.1
- yum update bind-libs-lite
- yum update bind-license
RHSA-2017:1308: kernel security, bug fix, and enhancement update (Important)
软件: kernel-tools 3.10.0-514.el7
命中: kernel-tools version less than 0:3.10.0-514.21.1.el7
- yum update kernel-tools
- yum update kernel-tools-libs
- yum update python-perf
RHSA-2017:0062: bind security update (Important)
软件: bind-libs-lite 9.9.4-37.el7
命中: bind-libs-lite version less than 32:9.9.4-38.el7_3.1
- yum update bind-libs-lite
- yum update bind-license
RHSA-2017:0386: kernel security, bug fix, and enhancement update (Important)
软件: kernel-tools 3.10.0-514.el7
命中: kernel-tools version less than 0:3.10.0-514.10.2.el7
- yum update kernel-tools
- yum update kernel-tools-libs
- yum update python-perf
RHSA-2017:1095: bind security update (Important)
软件: bind-libs-lite 9.9.4-37.el7
命中: bind-libs-lite version less than 32:9.9.4-38.el7_3.3
- yum update bind-libs-lite
- yum update bind-license
RHSA-2017:2299: NetworkManager and libnl3 security, bug fix and enhancement update (Moderate)
软件: libnl3 3.2.28-2.el7
命中: libnl3 version less than 0:3.2.28-4.el7
- yum update libnl3
- yum update libnl3-cli
- yum update NetworkManager
- yum update NetworkManager-libnm
- yum update NetworkManager-team
- yum update NetworkManager-tui
- yum update NetworkManager-wifi
RHSA-2017:1615: kernel security and bug fix update (Important)
软件: kernel-tools 3.10.0-514.el7
命中: kernel-tools version less than 0:3.10.0-514.26.1.el7
- yum update kernel-tools
- yum update kernel-tools-libs
- yum update python-perf
RHSA-2017:1842: kernel security, bug fix, and enhancement update (Important)
软件: kernel-tools 3.10.0-514.el7
命中: kernel-tools version less than 0:3.10.0-693.el7
- yum update kernel-tools
- yum update kernel-tools-libs
- yum update python-perf
RHSA-2017:0933: kernel security, bug fix, and enhancement update (Important)
软件: kernel-tools 3.10.0-514.el7
命中: kernel-tools version less than 0:3.10.0-514.16.1.el7
- yum update kernel-tools
- yum update kernel-tools-libs
- yum update python-perf
RHSA-2017:3075: wget security update
CVE-2017-13090 高危CVE-2017-13089 高危 GNU Wget缓冲区溢出漏洞
软件: wget 1.14-15.el7
命中: wget version less than 0:1.14-15.el7_4.1
- yum update wget