Home page logo

nmap-dev logo Nmap Development mailing list archives

From: "Jan-Oliver Wagner" <Jan-Oliver.Wagner () greenbone net>
Date: Fri, 1 Apr 2011 08:20:59 +0200

On Freitag, 1. April 2011, David Fifield wrote:
Henri, I'm sure you know more about how CPE is actually used than most
of us. In your opinion, would a partial result like
cpe:/o:microsoft:windows_xp be useful to people (better than nothing),
or are they going to want more precise information like

It seems like offering even a little bit of information is useful, but
if someone has the CPE hooked up to a vulnerability database or
something, they may not want to see spurious alerts about Windows XP
when the OS is actually Windows XP SP3 and already has the vulnerability

I'm trying to get information on whether it would be better to at first
implement very easy, but incomplete, CPE (like the cpeify-os.py script);
or if the output needs to be mostly complete to begin with.

From the OpenVAS point of view, it is already very helpful to have partial
information! Therefore I'd very welcome to have a first simple implementation
which we can use to test/build the full chain up to vulnerability management
It is task of the management tool to deal with incomplete CPE information.

FWIW: I don't think in this regard there exists no "incomplete CPE", just
"incomplete CPE information". AFAIKT, CPE was designed to work even with
incomplete information.



Dr. Jan-Oliver Wagner |  ++49-541-335084-0  |  http://www.greenbone.net/
Greenbone Networks GmbH, Neuer Graben 17, 49074 Osnabrück | AG Osnabrück, HR B 202460
Geschäftsführer: Lukas Grunwald, Dr. Jan-Oliver Wagner
Sent through the nmap-dev mailing list
Archived at http://seclists.org/nmap-dev/

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]