policy/frameworks/software/vulnerable.bro
-
Software
Provides a variable to define vulnerable versions of software and if a version of that software is as old or older than the defined version a notice will be generated.
| Namespace: | Software |
|---|---|
| Imports: | base/frameworks/control, base/frameworks/notice, base/frameworks/software |
| Source File: | /scripts/policy/frameworks/software/vulnerable.bro |
Summary
Options
Software::vulnerable_versions: table &redef |
This is a table of software versions indexed by the name of the software and a set of version ranges that are declared to be vulnerable for that software. |
Software::vulnerable_versions_update_endpoint: string &redef |
The DNS zone where runtime vulnerable software updates will be loaded from. |
Software::vulnerable_versions_update_interval: interval &redef |
The interval at which vulnerable versions should grab updates over DNS. |
Redefinitions
Notice::Type: enum |
Detailed Interface
Options
-
Software::vulnerable_versions Type: table[string] ofset[Software::VulnerableVersionRange]Attributes: &redefDefault: {}This is a table of software versions indexed by the name of the software and a set of version ranges that are declared to be vulnerable for that software.
Types
-
Software::VulnerableVersionRange Type: - min:
Software::Version&optional The minimal version of a vulnerable version range. This field can be undefined if all previous versions of a piece of software are vulnerable.
- max:
Software::Version The maximum vulnerable version. This field is deliberately not optional because a maximum vulnerable version must always be defined. This assumption may become incorrect if all future versions of some software are to be considered vulnerable. :)
- min:
Copyright 2016, The Bro Project.
Last updated on December 07, 2018.
Created using Sphinx 1.8.2.