OpenVAS Change Request #61: NVT Description break-up
Status: Voted +6. Completed in October 2013.
Improve NVT plugins meta-information organization. Extract common information blocks from NVT Description field into script xrefs and tags.
- Discussion on mailing list openvas-plugins from November 2011
- Discussion on mailing list openvas-plugins from January 2013
- Next stage discussion on mailing list openvas-plugins from February 2013
- Sample script: Nero MediaHome Server Multiple Remote DoS Vulnerabilities
- Sample script: Xpdf Multiple Vulnerabilities
Currently, a good chunk of NVT plugins meta-information is dumped as-is under headers/titles in the NVT Description field. Examples of such information includes References, Vulnerability Insight, Vulnerability Detection, Affected Software/OS, Solution/Fix etc,. This makes extracting and displaying relevant content for the user less practical.
This gets worse because of the lack of a formal and unique structure for the included information in NVT Description field, making the information structure less consistent between different NVT plugins.
Moving these information blocks into relevant script tags would make using them easier and less tedious.
Another reason for the description refinement is that it allows improved reporting on scan results. It can be more refined on the one hand and on the other hand it is possible to offer different levels of detail (short, medium, full.)
In order to stay backward compatible (until OpenVAS-5 EOL), the extracted information blocks should be kept in the Description field (as well as inserted into the script tags.) These information blocks will be stored in string variables in the NVT script to stay consistent between both fields. Once all the supported OpenVAS versions include the needed fixes and improvements to adapt to the script tags changes, this duplication will be removed from the NVT Description field.
It would take some time to convert most of the plugins that are currently included in the feed repository. Tools used to auto-generate plugins also need to be adapted to generated plugins in this new style. It will also take some extra handcrafting work to adapt writing plugins in order to get a structured and coherent format for all new plugins.
Design and Implementation
The following steps would need to be done:
Define a set of information blocks to extract from the NVT Description field. This should also define a new plugin structure to be respected by newly written plugins:
- Vulnerability Detection
- Vulnerability Insight
- Affected Software/OS
Write a script to convert the set of already included plugins by extracting the relevant information blocks into string variables that will be inserted (back) in the description field as well script tags while staying backward compatible with older OpenVAS versions by using a conditional version check before inserting the new script tags.
Adapt tools like LSC Generator to generate plugins respecting the new plugins style.
- 2013-10-31 Jan-Oliver Wagner <jan-oliver.wagner at greenbone dot net>:
Updated status to completed.
- 2013-04-16 Jan-Oliver Wagner <jan-oliver.wagner at greenbone dot net>:
Updated status to voted and in development.
- 2013-03-25 Jan-Oliver Wagner <jan-oliver.wagner at greenbone dot net>:
Detailed information blocks.
- 2013-03-25 Hani Benhabiles <hani.benhabiles at greenbone dot net>: