[Openvas-plugins] Breaking up NVT Description
bchandra at secpod.com
Tue Feb 7 07:20:06 CET 2012
Is it possible that we look at OVAL metadata schema? Whatever that doesn't
fit into the metadata, we can add them as tags. The standard will continue
to improve and we can be in-line.
From: openvas-plugins-bounces at wald.intevation.org
[mailto:openvas-plugins-bounces at wald.intevation.org] On Behalf Of Jan-Oliver
Sent: Tuesday, February 07, 2012 3:10 AM
To: openvas-plugins at wald.intevation.org
Subject: [Openvas-plugins] Breaking up NVT Description
I am coming back to a discussion from November about breaking up the
description part of the NVTs into sensible elements.
Sebastien Aucouturier made a analysis on the description content and found a
number of keywords (see below).
The choice should be condensed to a sensible set.
I imagine a solution where the NVTs will break up the description into
several tags. The tags can be used by the Manager to assemble better reports
(ignoring the old-style description and result block). Scanner would need to
make a version check and for <= 5 it should apply traditional description
and result and for newer version should only return a result reduced to the
very core of result.
The disadvantage of this concept is that until OpenVAS-5 is retired, the
meta data in the NVTS are doubled. The advantage is to have a smooth
If we agree quickly on the elements it might be possible to implement a
work-around into OpenVAS-5 to already process the new style as soon as it
appears in the NVTs. Which could reduce the waiting time to until OpenVAS-4
Current Keywords in NVTs (Nov 2011):
CVSS Score( Report)?
CVSS Base Score
Other bugs fixed
The following package is affected
The following versions are affected
The following versions are vulnerable
The issue affects the following
My first attempt to condense this (any suggestions and proposals welcome to
- Overview (the short summary)
- Insight (technical information for experts)
- Affected (what products, services, systems are affected)
- Immune (which are immunue)
- Solution (how to fix the problem)
And then "Results" which is what is returned only.
Anything else is meta information.
CVSS and risk factor are gone to tags already. References could go to xrefs.
Some of the information seem to be redundant as they are available 1:1 in
the original CVE reports.
Any opinions, comments welcome!
Dr. Jan-Oliver Wagner | ++49-541-335084-0 | http://www.greenbone.net/
Greenbone Networks GmbH, Neuer Graben 17, 49074 Osnabrück | AG Osnabrück, HR
Geschäftsführer: Lukas Grunwald, Dr. Jan-Oliver Wagner
Openvas-plugins mailing list
Openvas-plugins at wald.intevation.org
More information about the Openvas-plugins