Allow OpenVAS import to import vulns without references.
Local scanning didn't show any results that had CVEs or BIDs, which the default OpenVAS import logic skips. This modifies the importer to allow for importing vulns even if they do not have references.
This commit is contained in:
parent
1bd4a8d752
commit
3887fb41b1
|
@ -138,34 +138,27 @@ module Parser
|
|||
return
|
||||
end
|
||||
|
||||
references = []
|
||||
if @state[:cves] and @state[:cves] != "NOCVE" and !@state[:cves].empty?
|
||||
@state[:cves].split(',').each do |cve|
|
||||
vuln_info = {}
|
||||
vuln_info[:host] = @state[:host]
|
||||
vuln_info[:refs] = normalize_references([{ :source => "CVE", :value => cve}])
|
||||
vuln_info[:name] = @state[:vuln_name]
|
||||
vuln_info[:info] = @state[:vuln_desc]
|
||||
vuln_info[:port] = @state[:port]
|
||||
vuln_info[:proto] = @state[:proto]
|
||||
vuln_info[:workspace] = @args[:workspace]
|
||||
|
||||
db_report(:vuln, vuln_info)
|
||||
references.append({ :source => "CVE", :value => cve})
|
||||
end
|
||||
end
|
||||
if @state[:bid] and @state[:bid] != "NOBID" and !@state[:bid].empty?
|
||||
@state[:bid].split(',').each do |bid|
|
||||
vuln_info = {}
|
||||
vuln_info[:host] = @state[:host]
|
||||
vuln_info[:refs] = normalize_references([{ :source => "BID", :value => bid}])
|
||||
vuln_info[:name] = @state[:vuln_name]
|
||||
vuln_info[:info] = @state[:vuln_desc]
|
||||
vuln_info[:port] = @state[:port]
|
||||
vuln_info[:proto] = @state[:proto]
|
||||
vuln_info[:workspace] = @args[:workspace]
|
||||
|
||||
db_report(:vuln, vuln_info)
|
||||
references.append({ :source => "BID", :value => bid})
|
||||
end
|
||||
end
|
||||
|
||||
vuln_info = {}
|
||||
vuln_info[:host] = @state[:host]
|
||||
vuln_info[:refs] = normalize_references(references)
|
||||
vuln_info[:name] = @state[:vuln_name]
|
||||
vuln_info[:info] = @state[:vuln_desc]
|
||||
vuln_info[:port] = @state[:port]
|
||||
vuln_info[:proto] = @state[:proto]
|
||||
vuln_info[:workspace] = @args[:workspace]
|
||||
db_report(:vuln, vuln_info)
|
||||
end
|
||||
|
||||
def record_service
|
||||
|
|
Loading…
Reference in New Issue