View SIEM.public.adv_nxs_osvdb_details_v
Known vulnerabilities from the OSVDB and the classification to which the vulnerability applies.

Generated by
SchemaSpy
Legend:
Primary key columns
Columns with indexes
Implied relationships
Excluded column relationships
< n > number of related tables
 
Column Type Size Nulls Auto Default Children Parents Comments
osvdb_id int4 10  √  null
adv_nxs_osvdb_details.osvdb_id Implied Constraint R
The unique ID of the vulnerability in the OSVDB.
osvdb_title varchar 256  √  null The normalized name of the vulnerability.
description text 2147483647  √  null A brief description of the vulnerability.
urgency int4 10  √  null Indicates the urgency of the vulnerability. The rating is 1- 10. The higher the number, the more urgent the vulnerability.
severity int4 10  √  null Indicates the severity of the vulnerability. The rating is 1- 10. The higher the number, the more urgent the vulnerability.
attack_type_auth_manage bool 1  √  null TRUE indicates that the attack type is authentication management. For example, brute force attack, default password, and cookie poisoning.
attack_type_crypt bool 1  √  null TRUE indicates that the attack type is cryptographic. For example, weak encryption (implementation or algorithm), no encryption (plaintext), and sniffing.
attack_type_dos bool 1  √  null TRUE indicates that the attack type is denial of service. For example, saturation flood, crash, lock up, and forced reboot.
attack_type_hijack bool 1  √  null TRUE indicates that the attack type is hijack. For example, man-in-the-middle attacks, IP spoofing, session timeout or take-over, and session replay.
attack_type_info_disclose bool 1  √  null TRUE indicates that the attack type is information disclosure. For example, comments, passwords, fingerprinting, and system information.
attack_type_infrastruct bool 1  √  null TRUE indicates that the attack type is infrastructure. For example, DNS poisoning and route manipulation.
attack_type_input_manip bool 1  √  null TRUE indicates that the attack type is input manipulation. For example, XSS, SQL injection, file retrieval, directory traversal, overflows, and URL encoding.
attack_type_miss_config bool 1  √  null TRUE indicates that the attack type is misconfiguration. For example, default files, debugging enabled, and directory indexing.
attack_type_race bool 1  √  null TRUE indicates that the attack type is race condition. For example, symlink.
attack_type_other bool 1  √  null TRUE indicates that the attack type does not fall under any of the above attack types.
attack_type_unknown bool 1  √  null TRUE indicates that the attack type is unknown.
impact_confidential bool 1  √  null TRUE indicates that the impact of the attack(s) is loss of confidential information. For example, passwords, server information, environment variables, confirmation of file existence, path disclosure, file content access, and SQL injection.
impact_integrity bool 1  √  null TRUE indicates that the impact of the attack(s) is loss of integrity, which results in data modifications by unauthorized persons. For example, unauthorized file modification, deletion, or creation, remote file inclusion, and arbitrary command execution.
impact_available bool 1  √  null TRUE indicates that the impact of the attack is loss of availability of a service or information.
impact_unknown bool 1  √  null TRUE indicates that the impact of the attack is unknown.
exploit_available bool 1  √  null TRUE indicates that the exploit is available for the vulnerability.
exploit_unavailable bool 1  √  null TRUE indicates that the exploit is not available for the vulnerability.
exploit_rumored bool 1  √  null TRUE indicates that the exploit is rumored to exist for the vulnerability.
exploit_unknown bool 1  √  null TRUE indicates that the exploit is unknown for the vulnerability.
vuln_verified bool 1  √  null TRUE indicates that the existence of the vulnerability has been verified.
vuln_myth_fake bool 1  √  null TRUE indicates that the vulnerability is a myth or a false alarm.
vuln_best_prac bool 1  √  null TRUE indicates that the vulnerability is a result of not following the best practices in the configuration or usage of the vulnerable system or software.
vuln_concern bool 1  √  null TRUE indicates that the vulnerability requires additional concern for remediation.
vuln_web_check bool 1  √  null TRUE indicates that the vulnerability is a common problem in Web servers or Web applications.
attack_scenario text 2147483647  √  null Description of how a vulnerability can be exploited.
solution_description text 2147483647  √  null Description of the solution that is used to fix the vulnerability.
full_description text 2147483647  √  null The complete description of the vulnerability.
location_physical bool 1  √  null TRUE indicates that the vulnerability can be exploited with only physical system access<literal/>.
location_local bool 1  √  null TRUE indicates that the vulnerability can be exploited on a local system.
location_remote bool 1  √  null TRUE indicates that the vulnerability can be exploited on a remote system.
location_dialup bool 1  √  null TRUE indicates that the vulnerability can be exploited using a dial-up connection.
location_unknown bool 1  √  null TRUE indicates that the vulnerability is exploited in an unknown location.
published timestamp 29,6  √  null Time stamp indicating when the vulnerability was published in the OSVDB.
inserted timestamp 29,6  √  null Time stamp indicating when the vulnerability was inserted in the vendor database.
updated timestamp 29,6  √  null Time stamp indicating when the vulnerability was updated in the vendor database.
date_created timestamp 29,6  √  null Date the entry was created
date_modified timestamp 29,6  √  null Date the entry was modified
created_by int4 10  √  null User who created object
modified_by int4 10  √  null User who last modified object

Analyzed at Mon Mar 26 23:24 EDT 2012


Close relationships: