On Fri Sep 26, 2003 at 09:17:36AM -0400, Albert Whale wrote: > >>Smarter minds than mine will have to figure that out. I've used > >>nessus for > >>scanning a few times, but never really looked at it's internals. I'm > >>sure > >>you could probably accomplish something with NASL (I think that's > >>what their > >>scripting language is called). > >> > >>It would actually be pretty simple (I would think) to "ask" > >>MandrakeSecure > >>about a CVE name and see if returns a mandrake advisory number and > >>(for the > >>GUI junkies out there) make it a clickable link to the web advisory. > >> > >> > >> > >That's an excellent Idea. > > > Does this function exist? Because if it was available and produced the > recommended RPM List (per the OS requested from the > /etc/mandrake-release), we could automate this issue for Nessus.
No, it doesn't. I can easily make it return the CVE name; that would be a 10 minute thing I'm guessing. Returning the rpm list is the interesting part. This would be no different than your chart. -- MandrakeSoft Security; http://www.mandrakesecure.net/ Online Security Resource Book; http://linsec.ca/ "lynx -source http://linsec.ca/vdanen.asc | gpg --import" {FE6F2AFD : 88D8 0D23 8D4B 3407 5BD7 66F9 2043 D0E5 FE6F 2AFD}
pgp00000.pgp
Description: PGP signature
