On Mon, Apr 05, 2004 at 09:23:47AM +0200, Javier Fernandez-Sanguino wrote:
Renaud Deraison wrote:
Yes, it's part of the plan. I'm waiting for a good OSVDB<->Nessus mapping and I'll integrate the references.
It shouldn't be too difficult to generate one based on the CVE References. Is somebody doing this already?
This is more tricky than what it seems. Some CVE entries are "wildcards", like "a backdoor is installed" or "a default password is set", thus resulting in improper mappings.
Yes, I know, but most (if not all) of those "generic" entries were generated when CVE was created so are all dated CAN|CVE-1999 (from my experience). Nevertheless, if cross mapped also with another vulnerability database (such as Bugtraq) it should be fairly easy to spot those (since Bugtraq does not hold those generic entries).
Regards
Javier _______________________________________________ Nessus mailing list [EMAIL PROTECTED] http://mail.nessus.org/mailman/listinfo/nessus
