logo
DATABASE RESOURCES PRICING ABOUT US

vulners NSE Script

Description

For each available CPE the script prints out known vulns (links to the correspondent info) and correspondent CVSS scores. Its work is pretty simple: * work only when some software version is identified for an open port * take all the known CPEs for that software (from the standard nmap -sV output) * make a request to a remote server (vulners.com API) to learn whether any known vulns exist for that CPE * if no info is found this way, try to get it using the software name alone * print the obtained info out NB: Since the size of the DB with all the vulns is more than 250GB there is no way to use a local db. So we do make requests to a remote service. Still all the requests contain just two fields - the software name and its version (or CPE), so one can still have the desired privacy. ## Script Arguments #### vulners.mincvss Limit CVEs shown to those with this CVSS score or greater. #### slaxml.debug See the documentation for the [slaxml](<../lib/slaxml.html#script-args>) library. #### smbdomain, smbhash, smbnoguest, smbpassword, smbtype, smbusername See the documentation for the [smbauth](<../lib/smbauth.html#script-args>) library. #### http.host, http.max-body-size, http.max-cache-size, http.max-pipeline, http.pipeline, http.truncated-ok, http.useragent See the documentation for the [http](<../lib/http.html#script-args>) library. ## Example Usage nmap -sV --script vulners [--script-args mincvss=<arg_val>] <target> ## Script Output 53/tcp open domain ISC BIND DNS | vulners: | ISC BIND DNS: | CVE-2012-1667 8.5 https://vulners.com/cve/CVE-2012-1667 | CVE-2002-0651 7.5 https://vulners.com/cve/CVE-2002-0651 | CVE-2002-0029 7.5 https://vulners.com/cve/CVE-2002-0029 | CVE-2015-5986 7.1 https://vulners.com/cve/CVE-2015-5986 | CVE-2010-3615 5.0 https://vulners.com/cve/CVE-2010-3615 | CVE-2006-0987 5.0 https://vulners.com/cve/CVE-2006-0987 |_ CVE-2014-3214 5.0 https://vulners.com/cve/CVE-2014-3214 ## Requires * [http](<../lib/http.html>) * [json](<../lib/json.html>) * [string](<>) * [table](<>) * [nmap](<../lib/nmap.html>) * [stdnse](<../lib/stdnse.html>) * * *


Related