English | Deutsch
Home »

OpenVAS Change Request #61: NVT Description break-up

Status: Voted +6. Completed in October 2013.

Purpose

Improve NVT plugins meta-information organization. Extract common information blocks from NVT Description field into script xrefs and tags.

References

Rationale

Currently, a good chunk of NVT plugins meta-information is dumped as-is under headers/titles in the NVT Description field. Examples of such information includes References, Vulnerability Insight, Vulnerability Detection, Affected Software/OS, Solution/Fix etc,. This makes extracting and displaying relevant content for the user less practical.

This gets worse because of the lack of a formal and unique structure for the included information in NVT Description field, making the information structure less consistent between different NVT plugins.

Moving these information blocks into relevant script tags would make using them easier and less tedious.

Another reason for the description refinement is that it allows improved reporting on scan results. It can be more refined on the one hand and on the other hand it is possible to offer different levels of detail (short, medium, full.)

Effects

In order to stay backward compatible (until OpenVAS-5 EOL), the extracted information blocks should be kept in the Description field (as well as inserted into the script tags.) These information blocks will be stored in string variables in the NVT script to stay consistent between both fields. Once all the supported OpenVAS versions include the needed fixes and improvements to adapt to the script tags changes, this duplication will be removed from the NVT Description field.

It would take some time to convert most of the plugins that are currently included in the feed repository. Tools used to auto-generate plugins also need to be adapted to generated plugins in this new style. It will also take some extra handcrafting work to adapt writing plugins in order to get a structured and coherent format for all new plugins.

Design and Implementation

The following steps would need to be done:

  1. Define a set of information blocks to extract from the NVT Description field. This should also define a new plugin structure to be respected by newly written plugins:

    • Summary
    • Vulnerability Detection
    • Vulnerability Insight
    • Impact
    • Affected Software/OS
    • Solution
    • References

  2. Write a script to convert the set of already included plugins by extracting the relevant information blocks into string variables that will be inserted (back) in the description field as well script tags while staying backward compatible with older OpenVAS versions by using a conditional version check before inserting the new script tags.

  3. Adapt tools like LSC Generator to generate plugins respecting the new plugins style.

History