netbsd 提供了一个ports tree方式的跨平台包管理器
并提供了一个漏洞库,(你也可以使用pkgsrc来安装你的ssh和其他服务,日常的包就别想了坑太多。)
漏洞数据库文件地址:
http://cdn.netbsd.org/pub/NetBSD/packages/vulns/pkg-vulnerabilities.bz2
黑阔可能用不到,但是自己没事经常下载下来翻着检查你系统的过期服务可以的
比如翻看ssh的漏洞记录
┌─[luhux@amd64linux]─[~/pkgsrc]
└──╼ $cat pkg-vulnerabilities | grep ssh
openssh<2.3.0 weak-authentication http://www.openbsd.org/errata27.html#sshforwarding
ssh<1.2.27nb1 remote-root-shell http://razor.bindview.com/publish/advisories/adv_ssh1crc.html
ssh6<=1.2.31 remote-root-shell http://razor.bindview.com/publish/advisories/adv_ssh1crc.html
openssh<2.3.0 remote-root-shell http://razor.bindview.com/publish/advisories/adv_ssh1crc.html
openssh<2.9.2 remote-file-write http://www.openbsd.org/errata.html#sshcookie
openssh<2.9.9.2 remote-user-access http://www.securityfocus.com/cgi-bin/archive.pl?id=1&mid=216702&start=2001-09-23&end=2001-09-29
openssh<3.0.2.1nb2 local-root-shell http://www.pine.nl/advisories/pine-cert-20020301.txt
openssh<3.4 remote-root-shell http://online.securityfocus.com/bid/5093
ssh<3.2.2 local-root-shell http://www.kb.cert.org/vuls/id/740619
ssh<=3.2.2 denial-of-service http://www.rapid7.com/advisories/R7-0009.txt
ssh2<3.2.5 weak-authentication http://www.ssh.com/company/newsroom/article/454/
openssh<3.7.1 denial-of-service http://www.openssh.org/txt/buffer.adv
openssh+gssapi<3.6.1.2.20030430nb2 denial-of-service http://www.openssh.org/txt/buffer.adv
openssh<3.7.1.2 remote-code-execution http://www.openssh.com/txt/sshpam.adv
openssh<4.2 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-2798
rssh<2.2.2 arbitrary-command-execution http://www.pizzashack.org/rssh/security.shtml
rssh<2.2.3 arbitrary-command-execution http://www.securityfocus.com/archive/1/383046
rssh<2.3.0 privilege-escalation http://www.pizzashack.org/rssh/security.shtml
openssh<4.3.1 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-0225
openssh<4.3.1nb1 denial-of-service http://secunia.com/advisories/22091/
openssh<4.3.1nb1 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4924
openssh+gssapi<4.4 valid-account-enumeration http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-5052
openssh+gssapi<4.4 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-5051
openssh<4.5.1 security-bypass http://secunia.com/advisories/22771/
openssh<4.7.1nb3 information-disclosure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1483
openssh<4.7.1nb3 security-bypass http://marc.info/?l=openssh-unix-dev&m=120692745026265
openssh<5.0.1nb1 information-disclosure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3259
openssh>=5.6<5.8 information-leak http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0539
openssh<5.8.2 sensitive-information-exposure http://secunia.com/advisories/44347/
openssh<5.2 sensitive-information-exposure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5161
rssh<2.3.3 remote-security-bypass http://www.pizzashack.org/rssh/security.shtml
openssh<5.6 sensitive-information-exposure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0814
rssh<2.3.4 remote-security-bypass http://secunia.com/advisories/50272/
libssh<0.53 multiple-vulnerabilities http://www.libssh.org/2012/11/20/libssh-0-5-3-security-release/
rssh<2.3.4 remote-security-bypass http://secunia.com/advisories/51343/
libssh<0.54 null-dereference http://www.libssh.org/2013/01/22/libssh-0-5-4-security-release/
openssh>=6.2<6.4 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4548
libssh<0.63 multiple-vulnerabilities http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0017
openssh<6.6 security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2532
openssh<6.6.1nb3 security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2653
libssh<0.64 multiple-vulnerabilities http://www.libssh.org/2014/12/19/libssh-0-6-4-security-and-bugfix-release/
libssh2<1.5.0 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1782
libssh<0.65 double-free https://www.libssh.org/2015/04/30/libssh-0-6-5-security-and-bugfix-release/
openssh<6.6.1nb6 heap-overflow http://www.openwall.com/lists/oss-security/2015/05/16/3
openssh<6.9.1nb1 brute-force-attack https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5600
openssh<6.9 authentication-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5352
openssh<7.0 privilege-escalation http://seclists.org/fulldisclosure/2015/Aug/54
openssh<7.1.1nb2 sensitive-information-disclosure https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0777
openssh<7.1.1nb2 heap-overflow https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0778
openssh<7.1.1nb3 out-of-bounds-read https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1907
libssh2<1.7.0 weak-cryptography https://www.libssh2.org/adv_20160223.html
openssh<7.2.2 command-injection http://www.openssh.com/txt/x11fwd.adv
libssh<0.73 man-in-the-middle-attack http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0739
libssh2<1.7.0 man-in-the-middle-attack http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0787
openssh<7.2.2nb1 local-security-bypass https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-8325
openssh<7.3 valid-account-enumeration http://seclists.org/fulldisclosure/2016/Jul/51
openssh<7.3.1 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6515
openssh<7.3.1 multiple-vulnerabilities http://www.openssh.com/txt/release-7.3
openssh<7.4 multiple-vulnerabilities http://www.openssh.com/txt/release-7.4
openssh<7.6 access-bypass https://nvd.nist.gov/vuln/detail/CVE-2017-15906
openssh<7.4 null-dereference https://nvd.nist.gov/vuln/detail/CVE-2016-10708
py{34,35,36}-asyncssh<1.12.1 authentication-bypass https://nvd.nist.gov/vuln/detail/CVE-2018-7749
openssh<7.8 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2018-15473
openssh-[0-9]* oracle-attack https://nvd.nist.gov/vuln/detail/CVE-2018-15919
libssh<0.76 remote-security-bypass https://nvd.nist.gov/vuln/detail/CVE-2018-10933