vFeed The Open Source Cross Linked VDB v0.4.0 released (Support of OpenVAS, DISA/IAVM…)

vFeed The Open Source Cross Linked VDB v0.4.0 released (Support of OpenVAS, DISA/IAVM…)

vFeed framework is an open source naming scheme concept that provides extra structured detailed third-party references and technical characteristics for a CVE entry through an extensible XML schema.

It also improves the reliability of CVEs by providing a flexible and comprehensive vocabulary for describing the relationship with other security references and standards


Key features

  • Built using open source technologies
  • Fully downloadable SQLite local vulnerability database
  • Structured new XML format to describe vulnerabilities
  • Based on major open standards CVE, CPE, CWE, CVSS..
  • Support correlation with 3rd party security references (CVSS, OSVDB, OVAL…)
  • Extended to support correlation with security assessment and patch vendors (Nessus, Exploit-DB, Redhat, Microsoft..)
  • Simple & ready to use Python module with more than 15 methods

changelog v0.4.0

  • Refactored the exportXML method as a separate class vFeedXML (exportxml.py). The method export() could be invoked to generate the appropriate vFeed XML format
  • Changed methods name to something “pythonic compliant names” according to Andres Riancho (Thanks to David Mirza for python documentation). Format is now get_cve, get_cpe etc instead of the awful checkCVE, checkCPE …(Issue Ref: https://github.com/toolswatch/vFeed/issues/13)
  • Added the support to DISA/IAVM database (Information Assurance Vulnerability Alert) advisories from DoD-CERT. When available, the IAVM id and DISA VMSkey are reported
  • Added the support to CERT-VN (CERT Vulnerability Notes Database (VU)). When available, the CERT-VU and Link are reported.
  • Added the support to SCIP database effort from folks at www.scip.ch. The ids and link are reported (thanks to Marc Ruef @mruef for the help)
  • Added the support to OpenVAS (www.openvas.org). Whenever a reference exists, the ID, script file(s), family(s) and title are reported
  • Added the support to Cisco Security Advisories (http://tools.cisco.com/security/center/publicationListing.x)
  • Added the support to Ubuntu USN Security Notices (http://www.ubuntu.com/usn/)
  • Added the support to Gentoo GLSA http://www.gentoo.org/security/en/glsa/
  • Added the support to Fedora Security advisories (http://www.redhat.com/archives/fedora-announce-list/)
  • To reflect the newest cross references, the following new methods have been added
  • get_iavm to check for DISA/IAVM ids associated with a CVE
  • get_scip to check for SCIP database ids
  • get_certvn to enumerate the CERT-VN ids
  • get_openvas to list the OpenVAS Vulnerability scanner scripts. It always classy to have both Nessus and OpenVAS scripts 😉
  • get_cisco to list cisco patchs
  • get_ubuntu to list ubuntu patchs
  • get_gento. You bet, it’s for listing the Gentoo patchs
  • get_fedora to list the fedora patchs
  • Despite the fact the OSVDB ids was already mapped with vFeed since the beginning, a new method get_osvdb has been added to enumerate them when available.
  • Added get_milw0rm method even if the website is deprecated (for old time’s sake)
  • Introduced vfeedcli.py instead of awful script name vFeed_Calls_1.py. From now on, vFeed CLI should be used to get CVE attributes
  • Slightly modified the get_cve keys to (summary, published and modified). Check the vfeedcli.py code source.
  • vFeed XML format slightly modified. It’s still easy to read and to parse.
  • Minor bug fixed (when a CVE is missed, vFeed exits)
  • vfeed.db regenerated to support the newest changes
  • Documentation should be updated the reflect the major methods name changes


NJ Ouchn

"Passion is needed for any great work, and for the revolution, passion and audacity are required in big doses"