Since there are some people checking CVE references for the Nessus' plugins I figured it would be useful to improve the nessus-extract script I provided a while back (available under nessus-tools/) to automate this retrieval. I have also added a little snippet of code to retrieve the Bugtraq-IDs associated with some vulnerabilities, not many scripts use them, but there are some that do that lack a CVE reference (and it would be easy to retrieve it using cross-reference) The script might not be 100% fullproff but I attach the CSV output for the latest CVS plugin sources. If you want to test this yourself patch the script (diff attached too) and run: nessus-extract.pl -f csv -p LOCATION_OF_PLUGINS_SCRIPTS Hope this is useful (comments/suggestions always welcome). Best regards Javi PS: Renaud, could you please apply the patch to the current version of nessus-extract.pl in CVS? Thanks.
Attachment:
nessus-extract.zip
Description: Zip compressed data