Qualys Adds Support for Vulnerability Detections on Virtuozzo Linux (VzLinux)
Table of Contents
Qualys VMDR team adds support for the Virtuozzo Linux. This new support will help security teams to check the Virtuozzo Linux packages installed on a host and identify the related vulnerabilities.
Qualys has added support for the following flavors of Virtuozzo Linux:
- Virtuozzo Hybrid Server
- Virtuozzo Linux
Virtuozzo Hybrid Server
Virtuozzo Hybrid Server is a bare-metal virtualization solution that includes the following:
- Enterprise features
- Production support
- Container virtualization
- Software-defined storage
- KVM-based virtual machines
Virtuozzo Hybrid Server runs on top of VzLinux, an RHEL-based Linux distribution.
Qualys currently supports two versions of the Vituozzo Hybrid Server:
- Virtuozzo Hybrid Server 6
- Virtuozzo Hybrid Server 7
Virtuozzo Linux
VzLinux is a free-to-use open-source Linux-based operating system used in commercial products. This is based on the RHEL (Red Hat Enterprise Linux) releases.
Qualys supports the two versions of the Vituozzo Linux:
- Virtuozzo Linux 8: A 1:1 clone of Redhat Enterprise Linux (RHEL) 8.
- Virtuozzo Linux 9: A 1:1 clone of Redhat Enterprise Linux (RHEL) 9.
Signature Detection
Virtuozzo Hybrid Server 6
The server reached the End of Life (EOL) cycle in Nov 2021. So, Qualys will release EOL QIDs for the Virtuozzo Hybrid Server 6 in the upcoming week.
Virtuozzo Hybrid Server 7
Qualys adds support for the upstream patches made available by RedHat.
Qualys adds QIDs based on the vendor advisories for upstream patches, but after 2020, there is no update on the vendor advisory.
Virtuozzo Linux 8 and 9
There are no publicly available vendor advisories for the Virtuozzo Linux 8 and 9 as of now. Qualys will add QIDs based on the advisories once they are made available by the vendor.
Here is an example of the scan results for the Information Gathering QID 45017. The scan results show Virtuozzo Linux 7, 8, and 9. Please refer to the screenshots below:
