Class Index | File Index

Classes

Class Vuln

The Vuln class provides methods for defining and storing vulnerabilities detected on enterprise assets. It depends on several other classes, including the Asset class, the Scanner class, and the Scan class. In general, a vulnerability scanner will perform a scan of an enterprise asset checking all ports on that asset for known vulnerabilities. The entire result set of that scan will be placed in a file which is then processed by a Collector. The process followed is usually to construct a Scanner object which describes the vulnerability scanner, then a Scan object which describes the full scan that took place. Then, a Vuln object is created for each detected vulnerability, attached to the relevant Asset, and stored in the database. It is also possible for the vulnerability scanner to perform a 'partial' scan which means that only specific ports are scanned. In this case, the scan data will not replace the entire set of vulnerability information known for an assset, but only for those ports which were scanned. The class accepts a pre-defined set of vulnerability attributes:

'*' - VulnID is a *required* attribute Note that any given vulnerability is uniquely identified by the following attributes: VulnID, Name, PortNum, Protocol, HostOS, HostApp, HostOS. This means that if you attempt to add multiple vulnerabilities with all of these attributes set to the same values, the new vulnerability will REPLACE the old vulnerability.
Defined in: vuln.js.

Class Summary
Constructor Attributes Constructor Name and Description
 
Vuln(properties)
Constructs an instance of the Vuln class which represents a single vulnerability on a single asset.
Method Summary
Method Attributes Method Name and Description
 
add2EI(name, val)
Adds the arguments to the Vulnerability ExtendedInformation field.
 
addRef(type, id)
Adds an external VulnRef to the vulnerability, such as a CVE, BID, MS, or RedHat reference.
 
find()
Finds the asset(s) in the Sentinel database.
Class Detail
Vuln(properties)
Constructs an instance of the Vuln class which represents a single vulnerability on a single asset.
Author: Novell Engineering. 
var nextVuln = new Vuln({"VulnID": rec.input.col_ID, "Description": rec.input.col_MSG, "Name": rec.input.col_VULN });
myscan.attachVuln(nextVuln);
Parameters:
{Object} properties
Set of pre-defined properties used to initialize this object
See:
Scan
Scanner
Asset
Method Detail
{Boolean} add2EI(name, val)
Adds the arguments to the Vulnerability ExtendedInformation field. The ExtendedInformation field has a pre-defined internal format as name-value pair. To enforce this format, use this method to add data to this field. 
vuln.add2EI( "Risk Factor", rec.s_RXBufferString.substr(20,30);
Parameters:
{String} name
The attribute name that will be set
{String} val
The value for that attribute
Returns:
{Boolean} A Boolean to indicate successful completion
addRef(type, id)
Adds an external VulnRef to the vulnerability, such as a CVE, BID, MS, or RedHat reference. External references are used to look up additional information about vulnerabilities detected by the scanner; this implementation knows about CVE, BID, MS, and RHSA types, and will provide URL references for these. * CVE : MITRE's Common Vulnerabilities and Exposures * BID : SecurityFocus Bugtraq ID * MS : Microsoft Security Bulletins * RHSA : RedHat Errata 
vuln.addRef("CVE",rec.cveid);
Parameters:
{String} type
One of 'CVE', 'BID', 'MS, or 'RHSA' to indicate the type of reference
{String} id
The vulnerability external reference ID
{Asset[]} find()
Finds the asset(s) in the Sentinel database. NOT YET IMPLEMENTED.
Returns:
{Asset[]} Matching assets.
©2008
Documentation generated by JsDoc Toolkit 2.0.2 on Thu Oct 07 2010 07:23:18 GMT-0400 (EDT)