Table SIEM.public.adv_nxs_osvdb_details
Known vulnerabilities from the OSVDB and the classification to which the vulnerability applies.

 Generated by
SchemaSpy
Legend:
Primary key columns
Columns with indexes
Implied relationships
Excluded column relationships
< n > number of related tables
 
Column Type Size Nulls Auto Default Children Parents Comments
osvdb_id int4 10
adv_nxs_kb_patch.osvdb_id adv_nxs_kb_patch_osvdb_id_fkey R
adv_nxs_kb_patch_v.osvdb_id Implied Constraint R
adv_nxs_kb_productsref.osvdb_id adv_nxs_kb_productsref_osvdb_id_fkey R
adv_nxs_kb_productsref_v.osvdb_id Implied Constraint R
adv_nxs_osvdb_details_v.osvdb_id Implied Constraint R
The unique ID of the vulnerability in the OSVDB.
osvdb_title varchar 256  √  null The normalized name of the vulnerability.
description text 2147483647  √  null A brief description of the vulnerability.
urgency int4 10  √  null Indicates the urgency of the vulnerability. The rating is 1- 10. The higher the number, the more urgent the vulnerability.
severity int4 10  √  null Indicates the severity of the vulnerability. The rating is 1- 10. The higher the number, the more urgent the vulnerability.
attack_type_auth_manage bool 1 TRUE indicates that the attack type is authentication management. For example, brute force attack, default password, and cookie poisoning.
attack_type_crypt bool 1 TRUE indicates that the attack type is cryptographic. For example, weak encryption (implementation or algorithm), no encryption (plaintext), and sniffing.
attack_type_dos bool 1 TRUE indicates that the attack type is denial of service. For example, saturation flood, crash, lock up, and forced reboot.
attack_type_hijack bool 1 TRUE indicates that the attack type is hijack. For example, man-in-the-middle attacks, IP spoofing, session timeout or take-over, and session replay.
attack_type_info_disclose bool 1 TRUE indicates that the attack type is information disclosure. For example, comments, passwords, fingerprinting, and system information.
attack_type_infrastruct bool 1 TRUE indicates that the attack type is infrastructure. For example, DNS poisoning and route manipulation.
attack_type_input_manip bool 1 TRUE indicates that the attack type is input manipulation. For example, XSS, SQL injection, file retrieval, directory traversal, overflows, and URL encoding.
attack_type_miss_config bool 1 TRUE indicates that the attack type is misconfiguration. For example, default files, debugging enabled, and directory indexing.
attack_type_race bool 1 TRUE indicates that the attack type is race condition. For example, symlink.
attack_type_other bool 1 TRUE indicates that the attack type does not fall under any of the above attack types.
attack_type_unknown bool 1 TRUE indicates that the attack type is unknown.
impact_confidential bool 1 TRUE indicates that the impact of the attack(s) is loss of confidential information. For example, passwords, server information, environment variables, confirmation of file existence, path disclosure, file content access, and SQL injection.
impact_integrity bool 1 TRUE indicates that the impact of the attack(s) is loss of integrity, which results in data modifications by unauthorized persons. For example, unauthorized file modification, deletion, or creation, remote file inclusion, and arbitrary command execution.
impact_available bool 1 TRUE indicates that the impact of the attack is loss of availability of a service or information.
impact_unknown bool 1 TRUE indicates that the impact of the attack is unknown.
exploit_available bool 1 TRUE indicates that the exploit is available for the vulnerability.
exploit_unavailable bool 1 TRUE indicates that the exploit is not available for the vulnerability.
exploit_rumored bool 1 TRUE indicates that the exploit is rumored to exist for the vulnerability.
exploit_unknown bool 1 TRUE indicates that the exploit is unknown for the vulnerability.
vuln_verified bool 1 TRUE indicates that the existence of the vulnerability has been verified.
vuln_myth_fake bool 1 TRUE indicates that the vulnerability is a myth or a false alarm.
vuln_best_prac bool 1 TRUE indicates that the vulnerability is a result of not following the best practices in the configuration or usage of the vulnerable system or software.
vuln_concern bool 1 TRUE indicates that the vulnerability requires additional concern for remediation.
vuln_web_check bool 1 TRUE indicates that the vulnerability is a common problem in Web servers or Web applications.
attack_scenario text 2147483647  √  null Description of how a vulnerability can be exploited.
solution_description text 2147483647  √  null Description of the solution that is used to fix the vulnerability.
full_description text 2147483647  √  null The complete description of the vulnerability.
location_physical bool 1 TRUE indicates that the vulnerability can be exploited with only physical system access<literal/>.
location_local bool 1 TRUE indicates that the vulnerability can be exploited on a local system.
location_remote bool 1 TRUE indicates that the vulnerability can be exploited on a remote system.
location_dialup bool 1 TRUE indicates that the vulnerability can be exploited using a dial-up connection.
location_unknown bool 1 TRUE indicates that the vulnerability is exploited in an unknown location.
published timestamp 29,6 Time stamp indicating when the vulnerability was published in the OSVDB.
inserted timestamp 29,6 Time stamp indicating when the vulnerability was inserted in the vendor database.
updated timestamp 29,6 Time stamp indicating when the vulnerability was updated in the vendor database.
date_created timestamp 29,6 Date the entry was created
date_modified timestamp 29,6 Date the entry was modified
created_by int4 10  √  null User who created object
modified_by int4 10  √  null User who last modified object

Table contained 0 rows at Mon Mar 26 23:24 EDT 2012

Indexes:
Column(s) Type Sort Constraint Name
osvdb_id Primary key Asc adv_nxs_osvdb_details_pkey

Close relationships: