Is there a way to scan a group of computers for a specific vulnerability (referenced by its CVE designation)? I was thinking this would be a lightweight way to demonstrate the effectiveness of a patch that had been rolled out. thanks, Owen.
0 Comments   [ + ] Show Comments

Comments

Please log in to comment

Rating comments in this legacy AppDeploy message board thread won't reorder them,
so that the conversation will remain readable.

Answers

0
I'm not heavy into the OVAL capabilities of the KBOX, but I believe it's an on/off kind of thing. You can always write a custom SQL report to show details for a specific vulnerability.
Answered 02/15/2011 by: airwolf
Tenth Degree Black Belt

Please log in to comment
0
kawelea,

Unfortunately with the OVAL scans its an all or nothing.

Also remember that OVAL is very resource intensive on older machines.
Answered 02/15/2011 by: dchristian
Red Belt

Please log in to comment
0
Thanks much for the replies.
Answered 02/16/2011 by: kawelea
Orange Belt

Please log in to comment
0
Another method you could use is if the vulnerability has a specific patch used to fix it, you can find the patch and add a patch label manually to it and run the detection. This will at least let you know the machines that do not have the patch(s) thus could be vulnerable.
Answered 02/18/2011 by: nshah
Red Belt

Please log in to comment
Answer this question or Comment on this question for clarity