- 2012/11/25 cvechecker 3.2 released
- 2011/07/21 repository moved to github
- 2011/04/13 cvechecker 3.1 released
- 2011/04/12 cvechecker 3.0 released
- 2011/04/08 documentation updates for in-svn version
- 2010/12/01 cvechecker 2.0 released
Welcome to the cvechecker tool homepage. The goal of cvechecker is to report about possible vulnerabilities on your system, by scanning the installed software and matching the results with the CVE database. Indeed, this is not a bullet-proof method and you will most likely have many false positives (vulnerability is fixed with a revision-release, but the tool isn't able to detect the revision itself), yet it is still better than nothing, especially if you are running a distribution with little security coverage.
Still, the tool remains useful. With the proper reporting in place, you are immediately warned when a new CVE has been released that might match your system. You can then take the appropriate steps (acknowledge report, verify incident, fix package or mark as false positive).
The tool however needs your help as well. The most work is to tell cvechecker how to detect which software is installed and what version. For more information, see the cvechecker man-page.
The current stable release is 3.2, released on 2012/11/25.
There is currently no development release yet, but stay tuned to see the further development of this tool.
The changelog for the cvechecker tool can be consulted online.
If you want to contact me about this project, you can mail me at email@example.com.
(c) 2013 Sven Vermeulen