/bundles/itninjaweb/img/Breadcrumb_cap_w.png
Is there a way to scan a group of computers for a specific vulnerability (referenced by its CVE designation)? I was thinking this would be a lightweight way to demonstrate the effectiveness of a patch that had been rolled out. thanks, Owen.
0 Comments   [ - ] Hide Comments

Comments

Please log in to comment

Rating comments in this legacy AppDeploy message board thread won't reorder them,
so that the conversation will remain readable.
Answer this question or Comment on this question for clarity

Answers

0
I'm not heavy into the OVAL capabilities of the KBOX, but I believe it's an on/off kind of thing. You can always write a custom SQL report to show details for a specific vulnerability.
Answered 02/15/2011 by: airwolf
Tenth Degree Black Belt

Please log in to comment
0
kawelea,

Unfortunately with the OVAL scans its an all or nothing.

Also remember that OVAL is very resource intensive on older machines.
Answered 02/15/2011 by: dchristian
Red Belt

Please log in to comment
0
Thanks much for the replies.
Answered 02/16/2011 by: kawelea
Orange Belt

Please log in to comment
0
Another method you could use is if the vulnerability has a specific patch used to fix it, you can find the patch and add a patch label manually to it and run the detection. This will at least let you know the machines that do not have the patch(s) thus could be vulnerable.
Answered 02/18/2011 by: nshah
Red Belt

Please log in to comment