On Sonntag, 5. Juli 2015, Jonathan Rey wrote: > I would like to know if it's possible to have more information about the OID > structure. It is possible to obtain the whole structure about this page? => > http://www.openvas.org/openvas-oids.html
that page describes the current OID idea. > I need to do some comparison and matching with CVE. For me, CVE is the > reference for all vulnerabilities but he is not always present in your > reports. In your reports of analyses, I saw one OID reference is always > present. With that I guess it's for referencing the vulnerability internally > and probably match with OVAL. I founded this page > http://www.openvas.org/openvas-cr-13.html for have a matching OVAL! But I > don't understand clearly for the moment. Can you help me how I can match the > reference between OID and OVAL? Because OVAL use too the CVE reference. OVAL and CVE and NVTs have each their own ID scheme. CVE-only as reference will never work for a comprehensive up-to-date vulnerability scanner. There always will occur vulnerability tests not (yet) associated with CVE. I recently played with the idea to map all CVE IDs into our OID scheme, but there must be clear benefit for practice to do so. I assume that we might refine our long-neglected OID scheme with upcoming OSP 2. -- Dr. Jan-Oliver Wagner | +49-541-335084-0 | http://www.greenbone.net/ Greenbone Networks GmbH, Neuer Graben 17, 49074 Osnabrück | AG Osnabrück, HR B 202460 Geschäftsführer: Lukas Grunwald, Dr. Jan-Oliver Wagner _______________________________________________ Openvas-discuss mailing list [email protected] https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss
