阿里云服务器漏洞整理
最近阿里云突然提示我100多个系统漏洞。涵盖CentOS7,windows Server2008服务器。遂点击查看,发现需要付费才可以查看具体漏洞,好在有7天体验期。点击查看看了具体漏洞详情。无外乎:ssh,vim,kernal,python-lib,curl,wget,glibc,grep,sqlite等系统工具版本太低,提示的都标注为高危漏洞:
总结了下所有修复命令罗列如下:
|
yum update pcre yum update pcre-devel |
|
yum update kernel yum update kernel-devel yum update kernel-headers yum update kernel-tools yum update kernel-tools-libs |
|
yum update openssl yum update openssl-devel yum update openssl-libs |
|
yum update bind-libs yum update bind-libs-lite yum update bind-license yum update bind-utils |
|
yum update abrt yum update abrt-addon-ccpp yum update abrt-addon-kerneloops yum update abrt-addon-pstoreoops yum update abrt-addon-python yum update abrt-addon-vmcore yum update abrt-addon-xorg yum update abrt-cli yum update abrt-console-notification yum update abrt-libs yum update abrt-python yum update abrt-tui yum update libreport yum update libreport-cli yum update libreport-filesystem yum update libreport-plugin-mailx yum update libreport-plugin-rhtsupport yum update libreport-plugin-ureport yum update libreport-python yum update libreport-rhel yum update libreport-web |
|
yum update subversion yum update subversion-libs |
|
yum update nss-util yum update nss yum update nss-sysinit yum update nss-tools |
|
yum update libtiff |
|
yum update libssh2 |
|
yum update chrony |
|
yum update sssd-client |
|
yum update grep |
|
yum update sqlite |
|
yum update ModemManager-glib yum update NetworkManager yum update NetworkManager-glib yum update NetworkManager-tui |
|
yum update libuser |
|
yum update nettle |
|
yum update ntp yum update ntpdate |
|
yum update mariadb-libs |
|
yum update glibc yum update glibc-common yum update glibc-devel yum update glibc-headers yum update nscd |
|
yum update libgcrypt |
|
yum update libXfont |
|
yum update wget |
|
yum update ntp yum update ntpdate |
|
yum update vim-filesystem yum update vim-minimal |
|
yum update curl yum update libcurl yum update libcurl-devel |
|
yum update python yum update python-libs |
|
yum update libxml2 yum update libxml2-devel yum update libxml2-python |
|
yum update cups-filters yum update cups-filters-libs |
|
yum update libtiff |
|
yum update glibc yum update glibc-common yum update glibc-devel yum update glibc-headers yum update nscd |
|
yum update mariadb-libs |
|
yum update poppler yum update poppler-utils |
|
yum update libgcrypt yum update libgcrypt-devel |
|
yum update openldap |
|
yum update vim-filesystem yum update vim-minimal |
而这项服务是收费的,其实只要执行yum update 一句即可修复所有问题,所谓100多个漏洞只是恐吓用户去付费罢了。
windows :
windows server也发现有漏洞,但是显示修复成功,修复方法就是window update。
总结:其实系统漏洞,阿里云只是作为一个大平台提醒服务,真正系统漏洞修复,还是靠系统自身更新!
博客地址:http://blog.yoqi.me/?p=3671
这篇文章还没有评论