policy/frameworks/software/vulnerable.bro
-
Software
Provides a variable to define vulnerable versions of software and if
a version of that software is as old or older than the defined version a
notice will be generated.
Detailed Interface
Runtime Options
-
Software::vulnerable_versions_update_endpoint
-
The DNS zone where runtime vulnerable software updates will
be loaded from.
-
Software::vulnerable_versions_update_interval
-
The interval at which vulnerable versions should grab updates
over DNS.
Redefinable Options
-
Software::vulnerable_versions
-
This is a table of software versions indexed by the name of the
software and a set of version ranges that are declared to be
vulnerable for that software.
Types
-
Software::VulnerableVersionRange
Type: | record
- min:
Software::Version &optional
The minimal version of a vulnerable version range. This
field can be undefined if all previous versions of a piece
of software are vulnerable.
- max:
Software::Version
The maximum vulnerable version. This field is deliberately
not optional because a maximum vulnerable version must
always be defined. This assumption may become incorrect
if all future versions of some software are to be considered
vulnerable. :)
|