Nmap Development mailing list archives
Vulscan - NSE script for vulnerability detection based on version detection
From: Paulino Calderon Pale <paulino () calderonpale com>
Date: Wed, 10 Jun 2015 17:21:04 -0500
Hi list, Jiayi is working on improving/updating Marc Ruef’s vulscan script (http://www.computec.ch/projekte/vulscan/? <http://www.computec.ch/projekte/vulscan/?>) to finally get it ready for inclusion. For those unfamiliar with the script, it takes the results of version detection and matches possible vulnerabilities existing in several databases (cve, exploitdb, openvas, osvdb, securityfocus, securitytracker, xforce, scipvuldb) that will be distributed separately. The script aims to turn nmap into a vulnerability scanner that takes advantage of our powerful version detection engine. Some time ago Marc even posted a second enhanced version of the script (http://seclists.org/fulldisclosure/2013/Aug/166 <http://seclists.org/fulldisclosure/2013/Aug/166>) but unfortunately it seems it slipped by our attention. This week I asked Marc if he got any feedback and he mentioned something about Fyodor recommending him to include an ‘update databases’ function in the script but I wanted to see if others had also different comments/issues. The script seems to work as expected as it is. However, we have a couple of different ideas for improvements like: * The script can suggest the users to run other NSE scripts if the CVE id matches (and we have a script for it) * Reducing the number of false positives by not printing information if version detection was not accurate enough. Does anyone remember if there was another reason why it didn’t get included? Can you think of other improvements that can done? We would love to hear your ideas! Cheers.
_______________________________________________ Sent through the dev mailing list https://nmap.org/mailman/listinfo/dev Archived at http://seclists.org/nmap-dev/
Current thread:
- Vulscan - NSE script for vulnerability detection based on version detection Paulino Calderon Pale (Jun 10)
- Re: Vulscan - NSE script for vulnerability detection based on version detection Patricio Castagnaro (Jun 10)