On Thu Sep 25, 2003 at 08:56:38PM -0700, Jack Coates wrote: > > My response will be short simply due to the fact that you posted in html and > > I can't quote it and can't be bothered to cut-n-paste. > > > > Every Mandrake advisory includes the CVE names for the correlating problem. > > Trying using the CVE search mechanism on MandrakeSecure. That should be > > adequate. Nessus tells you CVE-bla-bla, you go to MandrakeSecure and do the > > CVE search for CVE-bla-bla, and immediately you find what advisories, if any > > deal with that CVE name. > > > > And contrary to your shouting, I have nothing against Nessus... I like it. > > But I'm not gonna turn around name packages > > "openssh-3.6.1p2-CVE-2003-xxxx-1.1mdk" just so you can avoid using a very > > simple search field on the website. > > > > (BTW, this was implemented a *long* time ago) > > Haven't messed with Nessus recently, does it have or can it use a > database backend for vulnerability information? I was thinking of how to > automatically extract the CVE reference and Mandrake RPM version from > your announcements (just the kind of insecure hack to a security system > that warms the cockles of the corporate heart).
Smarter minds than mine will have to figure that out. I've used nessus for scanning a few times, but never really looked at it's internals. I'm sure you could probably accomplish something with NASL (I think that's what their scripting language is called). It would actually be pretty simple (I would think) to "ask" MandrakeSecure about a CVE name and see if returns a mandrake advisory number and (for the GUI junkies out there) make it a clickable link to the web advisory. -- MandrakeSoft Security; http://www.mandrakesecure.net/ Online Security Resource Book; http://linsec.ca/ "lynx -source http://linsec.ca/vdanen.asc | gpg --import" {FE6F2AFD : 88D8 0D23 8D4B 3407 5BD7 66F9 2043 D0E5 FE6F 2AFD}
pgp00000.pgp
Description: PGP signature
