Nmap Development mailing list archives
RE: [RFC] Vulnerability library proposal
From: "Rob Nicholls" <robert () robnicholls co uk>
Date: Mon, 8 Aug 2011 10:22:25 +0100
Hi Christian,

I suspect "Risk factor" is going to be similar to how Nessus displays a risk factor for an issue in addition to the CVSS score and CVSSv2 vector (and many others). I do think it would be a good idea to hold the CVSSv2 base score for each vulnerability though, to save me from having to identify a score for each issue raised by Nmap (or using the CVE to identify a score using NVD's database, for example).

I don't think we should restrict ourselves to a single reference. Again, Nessus often provides several references for an issue, and for issues such as CVE-2009-3555 you might want to point people in the direction of specific posts by OpenSSL, Microsoft or F5 rather than a generic CVE. Many users may be casual users that don't use Nessus, Nikto or other tools, and might appreciate as much information as possible. If people want to merge references with those from other tools then they can probably choose to ignore the Nmap ones or choose to merge them all (if there are duplicate URLs then it's usually easy to de-dupe entries - I don't know offhand how Dradis Framework handles it, but any custom Ruby script could probably get away with a quick .uniq to remove duplicate URLs from an array).

Real-time lookups of descriptions is an interesting idea, but I would personally prefer that the scripts don't require a third party server/internet access to provide a description. Many of my scans are performed on-site without internet access, and I suspect when I have internet access on-site then many/most of those customers would not like their vulnerabilities to be sent in real time over the internet to a third party server. I appreciate that storing this information within the scripts would add to the size of Nmap's downloads.
Rob

-----Original Message-----
From: nmap-dev-bounces () insecure org [mailto:nmap-dev-bounces () insecure org] On Behalf Of Christian Heinrich
Sent: 08 August 2011 00:58
To: nmap-dev
Subject: Re: [RFC] Vulnerability library proposal

Djalal,

On Sun, Aug 7, 2011 at 9:40 AM, Djalal Harouni <tixxdz () opendz org> wrote:
It would be really great if we can have suggestions from pen-testers and from people that integrate and use Nmap in their security tools. Thanks in advance.
http://dradisframework.org/ integrates nmap (XML) and they offer a similar concept i.e. http://securityroots.com/vulndb/
- "Risk factor": if present then show it (optional).
Would this be the "Base Metrics" from CVSSv2?
- "References": reference links (optional).
nmap could use a single reference value, such as CVE #. The other references (i.e. blogs, advisories, etc) could be retrieved when the results from Nikto, skipfish, etc are consumed, such as when they are uploaded to http://dradisframework.org/ However, it would assist with error checking/quality if nmap also mentioned these values.
- "Description": vulnerability description (optional).
This could be obtained in real time with http://scap.nist.gov/

--
Regards,
Christian Heinrich
http://cmlh.id.au/contact
_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://seclists.org/nmap-dev/
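
The reference merge discussed in the message above (combine references for the same issue from several tools, then de-duplicate URLs), as an added example that is not part of the original thread or of Nmap or Dradis. The field names `:cve`, `:cvss_base` and `:references`, the helper names and the sample findings are assumptions constructed for illustration; it goes slightly beyond a bare `.uniq` by normalising URLs before comparing them.

```ruby
require 'uri'

# Normalise a reference URL so trivially different spellings compare equal:
# lower-case scheme and host, drop the fragment and a trailing slash.
# Anything that is not an absolute URL (e.g. a bare CVE id) is kept as written.
def normalize_ref(ref)
  text = ref.strip
  uri = URI.parse(text)
  return text unless uri.scheme && uri.host
  uri.scheme   = uri.scheme.downcase
  uri.host     = uri.host.downcase
  uri.fragment = nil
  uri.path     = uri.path.chomp('/')
  uri.to_s
rescue URI::InvalidURIError
  text
end

# Merge findings from several tools, keyed by CVE id (hypothetical schema).
# The first CVSSv2 base score seen is kept, so a tool that stores the score
# offline saves a later lookup; references are unioned and de-duplicated.
def merge_findings(*tool_results)
  merged = {}
  tool_results.flatten.each do |f|
    entry = merged[f[:cve]] ||= { cve: f[:cve], cvss_base: nil, references: [] }
    entry[:cvss_base] ||= f[:cvss_base]
    entry[:references].concat(Array(f[:references]))
  end
  merged.each_value do |e|
    # uniq with a block keeps the first spelling of each normalised URL
    e[:references] = e[:references].uniq { |u| normalize_ref(u) }
  end
  merged
end

# Constructed sample input: the CVE id, score and URLs are placeholders.
NMAP_FINDINGS = [
  { cve: 'CVE-0000-0001', cvss_base: 5.8,
    references: ['http://www.example.org/advisories/reneg/',
                 'http://vendor.example.com/kb/1234'] }
].freeze
OTHER_TOOL_FINDINGS = [
  { cve: 'CVE-0000-0001',
    references: ['http://WWW.example.org/advisories/reneg',
                 'http://vendor.example.com/kb/1234#fix',
                 'http://blog.example.net/post'] }
].freeze

if __FILE__ == $PROGRAM_NAME
  merge_findings(NMAP_FINDINGS, OTHER_TOOL_FINDINGS).each_value { |e| p e }
end
```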