1cverules(1) cverules Manual cverules(1)
2
6 cverules - Generate version matching rules for installed software on a
7 Linux / Unix distribution
8
10 cverules -r
11
13 The cverules script will scan the installed distribution packages on
14 your system and attempt to generate version matching rules that can be
15 used by cvechecker.
16 The script should be used by people interested in contributing to the
18 cvechecker' success.
19
21 COMMAND USAGE
22 The command requires a single option, -r. An example usage pattern is
23 like so:
24 ~$ cverules -r > output.txt
26 The generated output.txt file can then be submitted to the cvechecker
28 project, allowing it to improve the versions.dat.
29 USABILITY
31 The user should understand that this script attempts to generate match‐
32 es, but doesn't guarantee that each and every installed software is de‐
33 tected.
34 First of all, if a package is already matched by existing rules, the
36 rest of the package' content isn't scanned anymore. This is because the
37 tool wants to identify software and versions - once one has been de‐
38 tected, further detection is less useful and very resource consuming.
39 Second, if a package isn't detected properly, the script will see if
41 the version based on the distributions' package version can be found.
42 If it can't, then it cannot identify the version properly and ignores
43 the package.
44 Third, if the script does find a match for the version, it tries out a
46 few regular expressions (which have a high probability rate to match
47 the version) but has no intelligence to optimize the expressions. If
48 the tried expressions fail, the script will ignore the package.
49
51 cverules is part of the cvechecker tool. cverules was written by Sven
52 Vermeulen <sven.vermeulen@siphos.be>.
53November 25, 2010 1 December 2010 cverules(1)