Nmap Development mailing list archives
Re: [NSE] Release of nmap nse vulscan 1.0, CPE coverage
From: Marc Ruef <marc.ruef () computec ch>
Date: Wed, 31 Jul 2013 15:05:45 +0200
Hello David,
You're able to download the latest release of Nmap NSE Vulscan 1.0 here: http://www.computec.ch/mruef/software/nmap_nse_vulscan-1.0.tar.gzGood work on this release, Marc.
Thanks for your kind words! I'm currently working on release 2.0, which will take version numbers into consideration. It will be released at the new project web site at http://www.computec.ch/projekte/vulscan/
Would better CPE coverage in nmap-service-probes help you? We have a program, cpeify-os.py, that automatically adds CPE entries for lots of common OS and hardware name patterns to nmap-os-db. I think a similar program for nmap-service-probes could greatly increase coverage without very much effort.
OS information isn't very useful at the moment (although I'm going to support it in a later release) ...
I'm attaching the cpeify-os.py and sv-tidy.py programs. sv-tidy is a program that can parse nmap-service-probes. My idea is to copy the CPE guessing code from cpeify-os into sv-tidy, and have sv-tidy automatically add CPE templates where possible. What do you think?
... but CPE info for services would be brilliant! Some vulnerability databases support CPE "by default". Examples:
* NIST - http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-1534 * scip VulDB - http://www.scip.ch/en/?vuldb.8293I'd have to enhance the db file format, to work with CPE values. But this would highly improve the accuracy.
CPE templates that are automatically added like this have a special "a" flag (for "automatic"), like this: cpe:/a:proftpd:proftpd/a That way, the program can know what existing CPE is safe to replace. If a template lacks the "a" flag, it was added by a human and shouldn't be overwritten.
Nice feature! Regards, Marc -- Marc Ruef | marc.ruef () computec ch | http://www.computec.ch/mruef/ _________________________________________________________________Meine letzte Publikation: "Anfang und Ende eines Security Tests" http://www.computec.ch/news.php?item.405
_______________________________________________ Sent through the dev mailing list http://nmap.org/mailman/listinfo/dev Archived at http://seclists.org/nmap-dev/
Current thread:
- Re: [NSE] Release of nmap nse vulscan 1.0, CPE coverage David Fifield (Jul 26)
- Re: [NSE] Release of nmap nse vulscan 1.0, CPE coverage Marc Ruef (Jul 31)