
Published on July 15th, 2013 | by NJ Ouchn

vFeed The Open Source Cross Linked VDB v0.4.0 released (Support of OpenVAS, DISA/IAVM…)

The vFeed framework is an open source naming scheme concept that provides extra structured, detailed third-party references and technical characteristics for a CVE entry through an extensible XML schema.

It also improves the reliability of CVEs by providing a flexible and comprehensive vocabulary for describing the relationship with other security references and standards.

Key features

  • Built using open source technologies
  • Fully downloadable SQLite local vulnerability database
  • Structured new XML format to describe vulnerabilities
  • Based on major open standards (CVE, CPE, CWE, CVSS…)
  • Supports correlation with 3rd party security references (CVSS, OSVDB, OVAL…)
  • Extended to support correlation with security assessment and patch vendors (Nessus, Exploit-DB, Red Hat, Microsoft…)
  • Simple & ready to use Python module with more than 15 methods

Changelog v0.4.0

  • Refactored the exportXML method as a separate class vFeedXML (exportxml.py). The method export() can be invoked to generate the appropriate vFeed XML format.
  • Changed method names to “pythonic compliant names” according to Andres Riancho (thanks to David Mirza for the Python documentation). The format is now get_cve, get_cpe, etc. instead of the awful checkCVE, checkCPE… (Issue ref: https://github.com/toolswatch/vFeed/issues/13)
  • Added support for the DISA/IAVM database (Information Assurance Vulnerability Alert) advisories from DoD-CERT. When available, the IAVM id and DISA VMSkey are reported.
  • Added support for CERT-VN (CERT Vulnerability Notes Database (VU)). When available, the CERT-VU id and link are reported.
  • Added support for the SCIP database effort from the folks at www.scip.ch. The ids and link are reported (thanks to Marc Ruef @mruef for the help).
  • Added support for OpenVAS (www.openvas.org). Whenever a reference exists, the ID, script file(s), family(s) and title are reported.
  • Added support for Cisco Security Advisories (http://tools.cisco.com/security/center/publicationListing.x)
  • Added support for Ubuntu USN Security Notices (http://www.ubuntu.com/usn/)
  • Added support for Gentoo GLSA (http://www.gentoo.org/security/en/glsa/)
  • Added support for Fedora Security advisories (http://www.redhat.com/archives/fedora-announce-list/)
  • To reflect the newest cross references, the following new methods have been added:
      • get_iavm to check for DISA/IAVM ids associated with a CVE
      • get_scip to check for SCIP database ids
      • get_certvn to enumerate the CERT-VN ids
      • get_openvas to list the OpenVAS vulnerability scanner scripts. It's always classy to have both Nessus and OpenVAS scripts 😉
      • get_cisco to list Cisco patches
      • get_ubuntu to list Ubuntu patches
      • get_gentoo. You bet, it’s for listing the Gentoo patches
      • get_fedora to list the Fedora patches
  • Although the OSVDB ids have been mapped in vFeed since the beginning, a new method get_osvdb has been added to enumerate them when available.
  • Added the get_milw0rm method even though the website is deprecated (for old time’s sake).
  • Introduced vfeedcli.py instead of the awful script name vFeed_Calls_1.py. From now on, the vFeed CLI should be used to get CVE attributes.
  • Slightly modified the get_cve keys to (summary, published and modified). Check the vfeedcli.py source code.
  • The vFeed XML format has been slightly modified. It’s still easy to read and to parse.
  • Minor bug fixed (when a CVE is missed, vFeed exits)
  • vfeed.db regenerated to support the newest changes
  • Documentation should be updated to reflect the major method name changes

Download/Fork/Contribute
