Collaborate Disseminate
Ubuntu publishes OVAL feed for automating the detection of CVEs. I also notice there is ubuntu-cve-tracker (https://launchpad.net/ubuntu-cve-tracker) and grype/anchore uses that as a source of CVE feed.
Why is the Ubuntu OVAL feed itself n… Continue reading Why grype/anchore use ubuntu-cve-tracker (launchpad) as feed to detect Ubuntu CVE?
I was wondering where to find different OVAL definition files, and XCCDF benchmarks for running evaluations with OpenSCAP.
I tried downloading from CIS Benchmarks but I didn’t receive the email link, so I couldn’t download anything.
Thank … Continue reading Where to download OVAL definitions and baselines for OpenSCAP? [closed]
OVAL is the Open Vulnerability Assessment Language, which uses XML based documents to define vulnerabilities based on characteristics of a host system. It can also be used to gather information about the host. When an OVAL file is evaluated, it generat… Continue reading Validating XML Schema of OVAL Documents with Python
There is a OVAL Queries option in nvd vulnerability database search form, but I can’t find out how to use it.
Do anyone know?
Continue reading How to use OVAL to query nvd.nist.gov vulnerability databse [closed]
I am working on a project that uses OpenSCAP and the OVAL vulnerability definitions provided by CISecurity (Example definitions file Warning: link will auto-download the file).
This is a huge definitions file, containing ove… Continue reading Break down the CISecurity OVAL definitions file to smaller definition files
I’m trying to parse Debian OVAL feeds to establish if some packages are vulnerable or not. I’m using criterions to establish what’s the vulnerable version for a package, however often there are entries saying that “version is… Continue reading Version earlier than 0 in Debian OVAL feeds
So i am trying to make line test for Cisco IOS device. I am using SSH and enable privilege exec mode (Joval even can do this automatically). Here is my line_object:
<show_subcommand>show virtual-service version install… Continue reading "Not applicable" on simple Cisco IOS OVAL definition processed in Joval tool
I’ve seen somewhere that in 32-bit and 64-bit Windows registry structure is different so you need to use flag windows_view=”32_bit” in registry object behaviors tag. But i forgot about it and tested my files with OVALdi on 32… Continue reading What does "windows_view" attribute of registry object in OVAL?
I am writing a lot of OVAL files and use pretty much the same objects and states. So i wanted to make it more flexible to manage. I used oval_decomposition.py script from CISecurity and got structure with files in different f… Continue reading CISecurity’s OVALRepo has decomposition module, but how to get the xml back afterwards? [on hold]
I’m trying to become more familiar with OVAL tst def and obj references in joval xml definition files.
For example, I’ll see stuff like:
<criterion comment=”Foo” test_ref=”oval:org.mitre.oval:tst:123″ />
And then… Continue reading What’s the difference between OVAL definitions, objects, and tests?