CVE-Search database update fails with AuthenticationError after a reboot

Ivan Cheng
24 min read · Mar 23, 2023

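In the previous post we showed how to install a CVE-Search server on Ubuntu 20.04 and update its database. Unexpectedly, after the Azure virtual machine was rebooted the next day, the database update job failed.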

Run the CVE database update manually:

./sbin/db_updater.py -v

It fails with the error "Client sent AUTH, but no password is set":

2023-03-21 09:17:07,487 - DBUpdater - INFO     - ==========================
2023-03-21 09:17:07,489 - DBUpdater - INFO - Tue 21 March 2023 01:17
2023-03-21 09:17:07,489 - DBUpdater - INFO - ==========================
2023-03-21 09:17:07,490 - DBUpdater - INFO - Starting cpe
Traceback (most recent call last):
File "./sbin/db_updater.py", line 162, in <module>
up = source["updater"]()
File "/home/azureadmin/cve-search/sbin/../lib/Sources_process.py", line 51, in __init__
super().__init__(self.feed_type, self.prefix)
File "/home/azureadmin/cve-search/sbin/../lib/JSONFileHandler.py", line 10, in __init__
super().__init__(feed_type)
File "/home/azureadmin/cve-search/sbin/../lib/DownloadHandler.py", line 52, in __init__
self.file_queue.clear()
File "/home/azureadmin/cve-search/sbin/../lib/redis_q.py", line 45, in clear
self.__db.delete(self.key)
File "/home/azureadmin/.local/lib/python3.8/site-packages/redis/commands/core.py", line 1483, in delete
return self.execute_command("DEL", *names)
File "/home/azureadmin/.local/lib/python3.8/site-packages/redis/client.py", line 1215, in execute_command
conn = self.connection or pool.get_connection(command_name, **options)
File "/home/azureadmin/.local/lib/python3.8/site-packages/redis/connection.py", line 1386, in get_connection
connection.connect()
File "/home/azureadmin/.local/lib/python3.8/site-packages/redis/connection.py", line 626, in connect
self.on_connect()
File "/home/azureadmin/.local/lib/python3.8/site-packages/redis/connection.py", line 716, in on_connect
auth_response = self.read_response()
File "/home/azureadmin/.local/lib/python3.8/site-packages/redis/connection.py", line 821, in read_response
response = self._parser.read_response(disable_decoding=disable_decoding)
File "/home/azureadmin/.local/lib/python3.8/site-packages/redis/connection.py", line 336, in read_response
raise error
redis.exceptions.AuthenticationError: Client sent AUTH, but no password is set

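By default, CVE-Search assumes certain aspects of the application's configuration.

If you want to change the default configuration, it is recommended to copy configuration.ini.sample to configuration.ini and make the adjustments there.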

cat etc/configuration.ini

Check the password CVE-Search uses when it connects to Redis, in the [Redis] section:

[Redis]
Host: localhost
Port: 6379
Password: RedisPassword
redisQ: 9
VendorsDB: 10
NotificationsDB: 11
RefDB: 12

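The cause is that Redis itself has no password set: CVE-Search sends AUTH with the password above, and the Redis server, which has no requirepass configured, rejects the command.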

sudo vi /etc/redis/redis.conf

Enable requirepass and set it to the password found above, RedisPassword.

################################## SECURITY ###################################

# Require clients to issue AUTH <PASSWORD> before processing any other
# commands. This might be useful in environments in which you do not trust
# others with access to the host running redis-server.
#
# This should stay commented out for backward compatibility and because most
# people do not need auth (e.g. they run their own servers).
#
# Warning: since Redis is pretty fast an outside user can try up to
# 150k passwords per second against a good box. This means that you should
# use a very strong password otherwise it will be very easy to break.
#
# requirepass foobared
requirepass RedisPassword

Restart the MongoDB and Redis services:

sudo service mongod restart
sudo service redis-server restart

Run the CVE database update manually once more:

./sbin/db_updater.py -v

This time the update runs to completion:

2023-03-23 14:15:34,162 - DBUpdater - INFO     - ==========================
2023-03-23 14:15:34,162 - DBUpdater - INFO - Thu 23 March 2023 06:15
2023-03-23 14:15:34,162 - DBUpdater - INFO - ==========================
2023-03-23 14:15:34,162 - DBUpdater - INFO - Starting cpe
2023-03-23 14:15:34,165 - CPEDownloads - INFO - CPE database update started
Downloading files: 100%|███████████████████████████████████████████████████████████████████████████| 1/1 [00:12<00:00, 12.20s/it]
Processing downloaded files: 100%|█████████████████████████████████████████████████████████████████| 1/1 [02:48<00:00, 168.10s/it]
Transferring queue to database: 100%|██████████████████████████████████████████████████████████████| 611697/611697 [02:55<00:00, 3492.14it/s]
2023-03-23 14:21:29,707 - CPEDownloads - INFO - Duration: 0:05:55.540373
2023-03-23 14:21:29,707 - CPEDownloads - INFO - Finished CPE database update
2023-03-23 14:21:29,708 - DBUpdater - INFO - cpe has 429390 elements (67 update)
2023-03-23 14:21:29,709 - DBUpdater - INFO - Starting cve
2023-03-23 14:21:29,712 - CVEDownloads - INFO - CVE database update started
Downloading files: 100%|███████████████████████████████████████████████████████████████████████████| 2/2 [00:01<00:00, 1.15it/s]
Processing downloaded files: 100%|█████████████████████████████████████████████████████████████████| 2/2 [00:14<00:00, 7.35s/it]
Transferring queue to database: 100%|██████████████████████████████████████████████████████████████| 1677/1677 [00:10<00:00, 167.49it/s]
2023-03-23 14:21:56,238 - CVEDownloads - INFO - Duration: 0:00:26.524915
2023-03-23 14:21:56,239 - CVEDownloads - INFO - Finished CVE database update
2023-03-23 14:21:56,240 - DBUpdater - INFO - cve has 210300 elements (12 update)
2023-03-23 14:21:56,240 - DBUpdater - INFO - Starting cwe
2023-03-23 14:21:56,248 - CWEDownloads - INFO - CWE database update started
Downloading files: 0%| | 0/1 [00:00<?, ?it/s]2023-03-23 14:22:01,315 - CWEDownloads - INFO - CWE's are not modified since the last update
Downloading files: 100%|███████████████████████████████████████████████████████████████████████████| 1/1 [00:05<00:00, 5.06s/it]
2023-03-23 14:22:01,318 - CWEDownloads - INFO - Duration: 0:00:05.068429
2023-03-23 14:22:01,318 - CWEDownloads - INFO - Finished CWE database update
2023-03-23 14:22:01,319 - DBUpdater - INFO - cwe has 1234 elements (0 update)
2023-03-23 14:22:01,319 - DBUpdater - INFO - Starting capec
2023-03-23 14:22:01,322 - CAPECDownloads - INFO - CAPEC database update started
Downloading files: 0%| | 0/1 [00:00<?, ?it/s]2023-03-23 14:22:09,490 - CAPECDownloads - INFO - CAPEC's are not modified since the last update
Downloading files: 100%|███████████████████████████████████████████████████████████████████████████| 1/1 [00:08<00:00, 8.17s/it]
2023-03-23 14:22:09,493 - CAPECDownloads - INFO - Duration: 0:00:08.170659
2023-03-23 14:22:09,493 - CAPECDownloads - INFO - Finished CAPEC database update
2023-03-23 14:22:09,495 - DBUpdater - INFO - capec has 546 elements (0 update)
2023-03-23 14:22:09,495 - DBUpdater - INFO - Starting via4
2023-03-23 14:22:09,497 - VIADownloads - INFO - VIA4 database update started
Downloading files: 0%| | 0/1 [00:00<?, ?it/s]2023-03-23 14:22:17,614 - VIADownloads - INFO - VIA4's are not modified since the last update
Downloading files: 100%|███████████████████████████████████████████████████████████████████████████| 1/1 [00:08<00:00, 8.12s/it]
2023-03-23 14:22:17,617 - VIADownloads - INFO - Duration: 0:00:08.118935
2023-03-23 14:22:17,617 - VIADownloads - INFO - Finished VIA4 database update
2023-03-23 14:22:17,618 - DBUpdater - INFO - via4 has 148299 elements (0 update)
2023-03-23 14:22:17,618 - DBUpdater - INFO - Starting ensureindex
2023-03-23 14:22:17,621 - DatabaseIndexer - INFO - Success to create index statements.contributor on via4
2023-03-23 14:22:17,621 - DatabaseIndexer - INFO - Success to create index statements.organization on via4
2023-03-23 14:22:17,622 - DatabaseIndexer - INFO - Success to create index refmap.aixapar on via4
2023-03-23 14:22:17,623 - DatabaseIndexer - INFO - Success to create index refmap.bea on via4
2023-03-23 14:22:17,623 - DatabaseIndexer - INFO - Success to create index refmap.bid on via4
2023-03-23 14:22:17,624 - DatabaseIndexer - INFO - Success to create index refmap.cert on via4
2023-03-23 14:22:17,624 - DatabaseIndexer - INFO - Success to create index refmap.cert-vn on via4
2023-03-23 14:22:17,625 - DatabaseIndexer - INFO - Success to create index refmap.debian on via4
2023-03-23 14:22:17,625 - DatabaseIndexer - INFO - Success to create index refmap.fedora on via4
2023-03-23 14:22:17,626 - DatabaseIndexer - INFO - Success to create index refmap.freebsd on via4
2023-03-23 14:22:17,626 - DatabaseIndexer - INFO - Success to create index refmap.gentoo on via4
2023-03-23 14:22:17,627 - DatabaseIndexer - INFO - Success to create index refmap.hp on via4
2023-03-23 14:22:17,627 - DatabaseIndexer - INFO - Success to create index refmap.jvn on via4
2023-03-23 14:22:17,628 - DatabaseIndexer - INFO - Success to create index refmap.jvndb on via4
2023-03-23 14:22:17,628 - DatabaseIndexer - INFO - Success to create index refmap.mandrake on via4
2023-03-23 14:22:17,629 - DatabaseIndexer - INFO - Success to create index refmap.mandriva on via4
2023-03-23 14:22:17,629 - DatabaseIndexer - INFO - Success to create index refmap.milw0rm on via4
2023-03-23 14:22:17,630 - DatabaseIndexer - INFO - Success to create index refmap.netbsd on via4
2023-03-23 14:22:17,630 - DatabaseIndexer - INFO - Success to create index refmap.openpkg on via4
2023-03-23 14:22:17,631 - DatabaseIndexer - INFO - Success to create index refmap.osvdb on via4
2023-03-23 14:22:17,631 - DatabaseIndexer - INFO - Success to create index refmap.sco on via4
2023-03-23 14:22:17,632 - DatabaseIndexer - INFO - Success to create index refmap.sectrack on via4
2023-03-23 14:22:17,633 - DatabaseIndexer - INFO - Success to create index refmap.secunia on via4
2023-03-23 14:22:17,633 - DatabaseIndexer - INFO - Success to create index refmap.sgi on via4
2023-03-23 14:22:17,634 - DatabaseIndexer - INFO - Success to create index refmap.slackware on via4
2023-03-23 14:22:17,634 - DatabaseIndexer - INFO - Success to create index refmap.suse on via4
2023-03-23 14:22:17,635 - DatabaseIndexer - INFO - Success to create index refmap.ubuntu on via4
2023-03-23 14:22:17,635 - DatabaseIndexer - INFO - Success to create index refmap.vupen on via4
2023-03-23 14:22:17,636 - DatabaseIndexer - INFO - Success to create index refmap.xf on via4
2023-03-23 14:22:17,636 - DatabaseIndexer - INFO - Success to create index redhat.advisories.rhsa.id on via4
2023-03-23 14:22:17,637 - DatabaseIndexer - INFO - Success to create index redhat.advisories.bugzilla.id on via4
2023-03-23 14:22:17,637 - DatabaseIndexer - INFO - Success to create index redhat.rpms on via4
2023-03-23 14:22:17,638 - DatabaseIndexer - INFO - Success to create index msbulletin.name on via4
2023-03-23 14:22:17,638 - DatabaseIndexer - INFO - Success to create index msbulletin.knowledgebase_id on via4
2023-03-23 14:22:17,639 - DatabaseIndexer - INFO - Success to create index d2sec.name on via4
2023-03-23 14:22:17,639 - DatabaseIndexer - INFO - Success to create index oval.id on via4
2023-03-23 14:22:17,640 - DatabaseIndexer - INFO - Success to create index saint.id on via4
2023-03-23 14:22:17,640 - DatabaseIndexer - INFO - Success to create index saint.bid on via4
2023-03-23 14:22:17,641 - DatabaseIndexer - INFO - Success to create index saint.osvdb on via4
2023-03-23 14:22:17,642 - DatabaseIndexer - INFO - Success to create index saint.title on via4
2023-03-23 14:22:17,642 - DatabaseIndexer - INFO - Success to create index [('id', 1)] on cpe
2023-03-23 14:22:17,643 - DatabaseIndexer - INFO - Success to create index [('vendor', 1)] on cpe
2023-03-23 14:22:17,643 - DatabaseIndexer - INFO - Success to create index [('product', 1)] on cpe
2023-03-23 14:22:17,644 - DatabaseIndexer - INFO - Success to create index [('id', 1)] on cpeother
2023-03-23 14:22:17,644 - DatabaseIndexer - INFO - Success to create index [('id', 1)] on cves
2023-03-23 14:22:17,645 - DatabaseIndexer - INFO - Success to create index [('vulnerable_configuration', 1)] on cves
2023-03-23 14:22:17,645 - DatabaseIndexer - INFO - Success to create index [('vulnerable_product', 1)] on cves
2023-03-23 14:22:17,646 - DatabaseIndexer - INFO - Success to create index [('Modified', 1)] on cves
2023-03-23 14:22:17,646 - DatabaseIndexer - INFO - Success to create index [('Published', 1)] on cves
2023-03-23 14:22:17,647 - DatabaseIndexer - INFO - Success to create index [('last-modified', 1)] on cves
2023-03-23 14:22:17,647 - DatabaseIndexer - INFO - Success to create index [('cvss', 1)] on cves
2023-03-23 14:22:17,648 - DatabaseIndexer - INFO - Success to create index [('cvss3', 1)] on cves
2023-03-23 14:22:17,649 - DatabaseIndexer - INFO - Success to create index [('summary', 'text')] on cves
2023-03-23 14:22:17,650 - DatabaseIndexer - INFO - Success to create index [('vendors', 1)] on cves
2023-03-23 14:22:17,650 - DatabaseIndexer - INFO - Success to create index [('products', 1)] on cves
2023-03-23 14:22:17,651 - DatabaseIndexer - INFO - Success to create index [('vulnerable_product_stems', 1)] on cves
2023-03-23 14:22:17,651 - DatabaseIndexer - INFO - Success to create index [('vulnerable_configuration_stems', 1)] on cves
2023-03-23 14:22:17,652 - DatabaseIndexer - INFO - Success to create index [('id', 1)] on via4
2023-03-23 14:22:17,652 - DatabaseIndexer - INFO - Success to create index [('id', 1)] on mgmt_whitelist
2023-03-23 14:22:17,653 - DatabaseIndexer - INFO - Success to create index [('id', 1)] on mgmt_blacklist
2023-03-23 14:22:17,653 - DatabaseIndexer - INFO - Success to create index [('related_weakness', 1)] on capec
2023-03-23 14:22:17,654 - DBUpdater - INFO - Starting schema
2023-03-23 14:22:17,660 - SchemaChecker - INFO - Updating schema version
2023-03-23 14:22:17,665 - SchemaChecker - INFO - Update schema version done!
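
The mismatch diagnosed above can be caught before running db_updater.py by comparing the two files directly. The following is an added example, not part of the original post or of CVE-Search: the function names and the embedded sample file contents are constructed for illustration, and it assumes the last uncommented requirepass line in redis.conf is the one that takes effect. It also flags the sample passwords shown in this article (RedisPassword, foobared), since the redis.conf comment itself calls for a very strong password.

```python
import configparser

# Constructed sample inputs mirroring the files shown in the article.
SAMPLE_INI = "[Redis]\nHost: localhost\nPort: 6379\nPassword: RedisPassword\nredisQ: 9\n"
SAMPLE_CONF_BEFORE = "# requirepass foobared\n"
SAMPLE_CONF_AFTER = "# requirepass foobared\nrequirepass RedisPassword\n"

SAMPLE_PASSWORDS = {"RedisPassword", "foobared"}  # values printed in the article


def client_password(ini_text):
    """Password CVE-Search will send, from the [Redis] section ('' if unset)."""
    cfg = configparser.ConfigParser(interpolation=None)
    cfg.read_string(ini_text)
    return cfg.get("Redis", "Password", fallback="").strip()


def server_password(conf_text):
    """Active requirepass value in redis.conf ('' if none is enabled)."""
    active = ""
    for line in conf_text.splitlines():
        stripped = line.strip()
        if not stripped or stripped.startswith("#"):
            continue  # blank line or commented-out directive
        parts = stripped.split(None, 1)
        if len(parts) == 2 and parts[0].lower() == "requirepass":
            active = parts[1].strip().strip("\"'")  # assumption: last one wins
    return active


def check(ini_text, conf_text):
    """Classify how the client and server settings relate."""
    client, server = client_password(ini_text), server_password(conf_text)
    if client and not server:
        # The article's case: "Client sent AUTH, but no password is set"
        return "client-sends-auth-server-has-no-password"
    if server and not client:
        return "server-requires-auth-client-has-none"
    if client != server:
        return "password-mismatch"
    return "ok"


def uses_sample_password(ini_text):
    """True when the configured password is one of the article's sample values."""
    return client_password(ini_text) in SAMPLE_PASSWORDS


if __name__ == "__main__":
    print(check(SAMPLE_INI, SAMPLE_CONF_BEFORE), check(SAMPLE_INI, SAMPLE_CONF_AFTER))
    print("sample password in use:", uses_sample_password(SAMPLE_INI))
```

To run it against a real installation, pass the contents of etc/configuration.ini and /etc/redis/redis.conf to check() instead of the constructed samples.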
