Erik Anderson wrote:
> Some of these NASL scripts do not have matching CVE's or CAN's. In
> cases like this I would, at a minimum, like to enter a Bugtraq ID into
> the scripts.
I agree.
>
> Does anyone know how to download a list of all bugtraq ID's as well as
> their descriptions. I hunted around but could not find anything on
> securityfocus.com
Securityfocus online provides their database under a fee. As a matter of
fact you get more than the online database. The only mean I know of is
using your web browser, or this little script I attach below (which, of
course, uses lynx to do that for you). I still have to take time to
digest bugtraq's input and turn it into a useful relational database.
>
> ThanX in advance
>
> Erik
Regards
Javi
-------------------------------- Download Securityfocus vulnerabilities
-------------------------------
!#/usr/bin/sh
SERVER="
http://www.securityfocus.com" VULNS="/cgi-bin/vulns-item.pl"
for id in $*
do
echo -n "Downloading Bugtraq ID : $id - "
for section in info discussion exploit solution credit
do
echo -n " $section "
[. ! -d $section } && mkdir $section
if [ ! -f $section/$id ] ; then
lynx -nolist -dump
$SERVER$VULNS?section=$section\&id=$id >$section/$id
fi
done
echo "...done."
done