Nmap Development mailing list archives
Re: [RFC] Vulnerability library proposal
From: Christian Heinrich <christian.heinrich () cmlh id au>
Date: Mon, 8 Aug 2011 09:58:05 +1000
Djalal, On Sun, Aug 7, 2011 at 9:40 AM, Djalal Harouni <tixxdz () opendz org> wrote:
It would be really great if we can have suggestions from pen-testers and from people that integrate and use Nmap in their security tools. Thanks in advance.
http://dradisframework.org/ integrates nmap (XML) and they offer a similar concept i.e. http://securityroots.com/vulndb/
- "Risk factor": if present then show it (optional).
Would this be the "Base Metrics" from CVSSv2?
- "References": reference links (optional).
nmap could use a single reference value, such as CVE #. The other references (i.e. blogs, advisories, etc) could be retrieved when the results from Nikto, skipfish, etc are consumed, such as when they are uploaded to http://dradisframework.org/ However, it would assist with error checking/quality if nmap also mentioned these values.
- "Description": vulnerability description (optional).
This could be obtained in real time with http://scap.nist.gov/ -- Regards, Christian Heinrich http://cmlh.id.au/contact _______________________________________________ Sent through the nmap-dev mailing list http://cgi.insecure.org/mailman/listinfo/nmap-dev Archived at http://seclists.org/nmap-dev/
Current thread:
- [RFC] Vulnerability library proposal Djalal Harouni (Aug 06)
- RE: [RFC] Vulnerability library proposal Rob Nicholls (Aug 07)
- Re: [RFC] Vulnerability library proposal Henri Doreau (Aug 09)
- Re: [RFC] Vulnerability library proposal Djalal Harouni (Aug 09)
- Re: [RFC] Vulnerability library proposal Djalal Harouni (Aug 09)
- Re: [RFC] Vulnerability library proposal Daniel Miller (Aug 09)
- Re: [RFC] Vulnerability library proposal Djalal Harouni (Aug 09)
- Re: [RFC] Vulnerability library proposal Henri Doreau (Aug 09)
- RE: [RFC] Vulnerability library proposal Rob Nicholls (Aug 07)
- Re: [RFC] Vulnerability library proposal Christian Heinrich (Aug 09)
- Re: [RFC] Vulnerability library proposal Djalal Harouni (Aug 09)
- Re: [RFC] Vulnerability library proposal Christian Heinrich (Aug 09)
- Re: [RFC] Vulnerability library proposal Djalal Harouni (Aug 09)
- RE: [RFC] Vulnerability library proposal Rob Nicholls (Aug 09)
- Re: [RFC] Vulnerability library proposal Christian Heinrich (Aug 09)
- RE: [RFC] Vulnerability library proposal Rob Nicholls (Aug 09)
- Re: [RFC] Vulnerability library proposal Djalal Harouni (Aug 09)
- Re: [RFC] Vulnerability library proposal Djalal Harouni (Aug 09)
- Re: [RFC] Vulnerability library proposal Djalal Harouni (Aug 12)