vFeed Open Source Aggregated Vulnerability Database v0.4.7 released (support of HP Hotfixes, BID SecurityFocus & New Update method)

vFeed Open Source Aggregated Vulnerability Database v0.4.7 released (support of HP Hotfixes, BID SecurityFocus & New Update method)

vFeed framework is an open source naming scheme concept that provides extra structured detailed third-party references and technical characteristics for a CVE entry through an extensible XML schema.

It also improves the reliability of CVEs by providing a flexible and comprehensive vocabulary for describing the relationship with other security references and standards

openstandard2

Key features

  • Built using open source technologies
  • Fully downloadable SQLite local vulnerability database
  • Structured new XML format to describe vulnerabilities
  • Based on major open standards CVE, CPE, CWE, CVSS..
  • Support correlation with 3rd party security references (CVSS, OSVDB, OVAL…)
  • Extended to support correlation with security assessment and patch vendors (Nessus, Exploit-DB, Redhat, Microsoft..)
  • Simple & ready to use Python module with more than 15 methods

Changelog

  • Refactored the vfeed_update.py script as a separate class vFeedUpdate (vfeedupdate.py). The method update() could be invoked to update the vulnerability database vFeed.db.
  • Added the support to HP (Hewlett-Packard) patch ids
  • Added the support to BID – SecurityFocus ids
  • Updated the Ubuntu, Redhat, CERT-VN mappers. Many new IDs have been added to vFeed.db
  • To reflect the newest cross references, the following methods have been added:
    • get_hp to enumerate HP ids. This function returns the patches alonside with links (http://www.hp.com/)
    • get_bid to list SecurityFocus Ids (http://www.securityfocus.com)
    • update to download the newest vFeed.db database. python vfeedcli.py update will do the trick now.
  • vfeed.db the sqlite opensource cross linked vulnerability database fully regenerated to support the new changes
  • Documentation updated accordingly

Example

[show_hide title=”./vfeedcli.py get_hp CVE-2013-2473″][hp_id]: HPSBUX02908
[hp_link] http://marc.info/?l=bugtraq&m=137545592101387&w=2
[hp_id]: HPSBUX02907
[hp_link] http://marc.info/?l=bugtraq&m=137545505800971&w=2
[hp_id]: HPSBUX02922
[hp_link] http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c03898880
[hp_id]: SSRT101305
[hp_link] http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c03898880

[stats] 4 HP id(s)[/show_hide]

[show_hide title=”./vfeedcli.py get_bid CVE-2014-1837″] [bid_id]: 65173
[bid_link] http://www.securityfocus.com/bid/65173

[stats] 1 BID id(s)[/show_hide]

[show_hide title=”./vfeedcli.py update”][info] checking for the latest vfeed.db
[progress 100 %] receiving 49 out of 49 Bytes of update.dat
[info] You have the latest vfeed.db vulnerability database
[info] Cleaning compressed database and update file[/show_hide]

[button size=large style=round color=red align=none url=https://github.com/toolswatch/vFeed ]Download [/button]

 

NJ Ouchn

"Passion is needed for any great work, and for the revolution, passion and audacity are required in big doses"
Black Hat Arsenal 2024 Next Stop Singapore !

Black Hat Arsenal 2024 Next Stop Singapore !

ToolsWatch Armory at GISEC 2024 in Dubai: A New Arena for Cybersecurity Open Source Tools Announced

ToolsWatch Armory at GISEC 2024 in Dubai: A New Arena for Cybersecurity Open Source Tools Announced

Unveiling the Awesome Lineup for Black Hat MEA Arsenal 2023 in Riyadh, KSA

Unveiling the Awesome Lineup for Black Hat MEA Arsenal 2023 in Riyadh, KSA

Announcing the First Black Hat / ToolsWatch SecTor Toronto 2023 Arsenal Tools and Their Impact on the Community

Announcing the First Black Hat / ToolsWatch SecTor Toronto 2023 Arsenal Tools and Their Impact on the Community

Top 10 Most Used MITRE ATT&CK Tactics & Techniques In 2020

Top 10 Most Used MITRE ATT&CK Tactics & Techniques In 2020

Top 10 Most Exploited Vulnerabilities in 2020

Top 10 Most Exploited Vulnerabilities in 2020