Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

OSVDB replacements #351

Closed
wireghoul opened this issue Apr 8, 2016 · 5 comments
Closed

OSVDB replacements #351

wireghoul opened this issue Apr 8, 2016 · 5 comments
Milestone
Nikto 2.2.0

Comments

@wireghoul
Copy link
Contributor

With OSVDB shutting down the identifiers will no longer be helpful when trying to assess a nikto finding. Hopefully valid counter parts can be found for most (all?) of the existing OSVDB ids.
@sullo
Copy link
Owner

sullo commented Apr 8, 2016

I have some stashed code (I think) to turn the OSVDB field into general reference field. We'll just need a mapping (I believe CVE has one for many OSVDB refs). I didn't implement because it's a major change and should probably be in a full new release (which should also fix updating). And also because I don't like the limitation of one ref/url in that field, and don't like to have nested csv...

@sullo sullo added this to the Nikto 2.2.0 milestone May 7, 2016
@l0nedigit
Copy link

Sullo, just wanted to follow up on this. Is there anything on the roadmap to address this? Realize it's been a long time since this issue was put in, just ran into a use case recently where having the CVE would be beneficial. Considering the osvdb.org shut down and is now a paid subscription service (VulnDB), it'd be nice if the tool continued to utilize open source standards.

Perhaps I could help out with the migration?

sullo added a commit that referenced this issue Mar 6, 2020
@sullo
Minor prep work for #351
4293eac
sullo added a commit that referenced this issue Mar 7, 2020
@sullo
Replace osvdb.org links to point to the VulnersDB.
53e71d6 
Don't link to OSVDB-0 (placeholder).
Rename HTML report specify "References" and not "OSVDB"
all part of #351
@sullo
Copy link
Owner

sullo commented Mar 7, 2020

OSVDB references will now point to vulners.com which has a pretty good archive of them which are in turn cross-referenced.

Did some additional prep work to move away from OSVDB as the unique reference.

sullo added a commit that referenced this issue Mar 9, 2020
@sullo
Initial step moving from OSVDB to other references for #351
8f5577f 
- Made '0' OSVDB ID's to null
- Cleaned up several "See "... to be in references. More to follow.
@l0nedigit
Copy link

Thanks, pulled the latest code and XML output now showing vulners as a reference to applicable OSVDB ID's.

sullo added a commit that referenced this issue May 1, 2021
@sullo
More OSVDB code removal per #351
a0cc52c
@sullo
Copy link
Owner

sullo commented May 8, 2021

Closing this bug as it is resolved in the 2.5.0 branch, even though there are still quite a few osvdb references. Any remaining will point to a potential mirror for a URL, and it will be ongoing work to eliminate them all.

@sullo sullo closed this as completed May 8, 2021
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
Nikto 2.2.0
Development

No branches or pull requests
3 participants
@wireghoul @sullo @l0nedigit