vFeed Open Source Aggregated Vulnerability Database v0.4.7 released (support of HP Hotfixes, BID SecurityFocus & New Update method)

vFeed framework is an open source naming scheme concept that provides extra structured detailed third-party references and technical characteristics for a CVE entry through an extensible XML schema.

It also improves the reliability of CVEs by providing a flexible and comprehensive vocabulary for describing the relationship with other security references and standards

Key features

• Built using open source technologies
• Fully downloadable SQLite local vulnerability database
• Structured new XML format to describe vulnerabilities
• Based on major open standards CVE, CPE, CWE, CVSS..
• Support correlation with 3rd party security references (CVSS, OSVDB, OVAL…)
• Extended to support correlation with security assessment and patch vendors (Nessus, Exploit-DB, Redhat, Microsoft..)
• Simple & ready to use Python module with more than 15 methods

Changelog

• Refactored the vfeed_update.py script as a separate class vFeedUpdate (vfeedupdate.py). The method update() could be invoked to update the vulnerability database vFeed.db.
• Added the support to HP (Hewlett-Packard) patch ids
• Added the support to BID – SecurityFocus ids
• Updated the Ubuntu, Redhat, CERT-VN mappers. Many new IDs have been added to vFeed.db
• To reflect the newest cross references, the following methods have been added:
  • get_hp to enumerate HP ids. This function returns the patches alonside with links (http://www.hp.com/)
  • get_bid to list SecurityFocus Ids (http://www.securityfocus.com)
  • update to download the newest vFeed.db database. python vfeedcli.py update will do the trick now.
• vfeed.db the sqlite opensource cross linked vulnerability database fully regenerated to support the new changes
• Documentation updated accordingly

Example

[show_hide title=”./vfeedcli.py get_hp CVE-2013-2473″][hp_id]: HPSBUX02908
[hp_link] http://marc.info/?l=bugtraq&m=137545592101387&w=2
[hp_id]: HPSBUX02907
[hp_link] http://marc.info/?l=bugtraq&m=137545505800971&w=2
[hp_id]: HPSBUX02922
[hp_link] http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c03898880
[hp_id]: SSRT101305
[hp_link] http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c03898880

[stats] 4 HP id(s)[/show_hide]

[show_hide title=”./vfeedcli.py get_bid CVE-2014-1837″] [bid_id]: 65173
[bid_link] http://www.securityfocus.com/bid/65173

[stats] 1 BID id(s)[/show_hide]

[show_hide title=”./vfeedcli.py update”][info] checking for the latest vfeed.db
[progress 100 %] receiving 49 out of 49 Bytes of update.dat
[info] You have the latest vfeed.db vulnerability database
[info] Cleaning compressed database and update file[/show_hide]

[button size=large style=round color=red align=none url=https://github.com/toolswatch/vFeed ]Download [/button]