Security teams running Linux servers now have access to UChecker, a new tool from CloudLinux that runs scans on Linux servers to detect outdated shared libraries on both disk and in memory.
Offered as part of CloudLinux’s TuxCare security services, UChecker works with all modern Linux distributions and has been licensed under the GNU General Public License, Version 2.
According to ZDNet, UChecker tells security pros which application uses which vulnerable library and offers up the relevant process ID and process name. With this new information administrators can see which libraries they need to update.
For security administrators, the tool covers more than one Linux distribution in a scripted fashion. Dirk Schrader, global vice president, security research at New Net Technologies said it’s certainly a valid additional element in the cyber security tool chain, and security teams can use it as a complement to generic vulnerability scans.
“Depending on security workflows in place, admins might want to run this first as to reduce the number of vulnerabilities reported by the regular scanning activities, or they will use it to validate results from these scans,” Schrader said. “Either way, it helps address some of the basic security controls an organization should have in place, related to asset inventory and control.”
Yaniv Bar-Dayan, co-founder and CEO of Vulcan Cyber, said UChecker stands as a welcome addition to an already long list of open source vulnerability scanners, such as Vuls or OpenVAS that are available for Linux environment scanning.
“The challenge is always making sure to have scan coverage for the blind spot you may or may not know exists,” Bar-Dayan said. “We’d recommend taking a close look at IT asset inventories first to identify whether or not you might have vulnerable libraries running in memory. If so, UChecker combined with other vulnerability scanners can provide effective, full coverage.”
