Hello, As you have probably noticed, Chrandra has been very busy during the last weeks and has updated a large number of NVTs.
The aim of these updates was to provide every single NVT with a "Risk Factor" and -- where possible -- a CVSS Base value through the script_tag command to simplify processing of this information and to make it better available to other modules like openvas-manager and the GSA. For details see the OpenVAS change requests #41 (http://www.openvas.org/openvas-cr-41.html) and #42 (http://www.openvas.org/openvas-cr-42.html). To have this information as complete as possible, all NVT authors should follow these guidelines when committing new NVTs to the SVN: - All NVTs must contain a value for the tag "risk_factor", which can be set with the following command: script_tag(name:"risk_factor", value:"High"); Valid values for risk_factor are: "Critical", "High", "Medium", "Low" and "None". - All NVTs which set a CVE reference with the script_cve_id() command must include the CVSS Base value which was assigned to that CVE. The value for the "cvss_base" tag can be set with the following command: script_tag(name:"cvss_base", value:"7.8"); If you have automated NVT creation tools, please adjust them accordingly so that this information is set in your NVTs. If there are any questions feel free to respond on the openvas-plugins mailing list or contact me. Thank you for your cooperation! Regards, Michael -- Michael Wiegand | Greenbone Networks GmbH | http://www.greenbone.net/ Neuer Graben 17, 49074 Osnabrück, Germany | AG Osnabrück, HR B 202460 Executive Directors: Lukas Grunwald, Dr. Jan-Oliver Wagner _______________________________________________ Openvas-plugins mailing list [email protected] http://lists.wald.intevation.org/mailman/listinfo/openvas-plugins
