Advanced
Mailing List Archive

Mailing List Archive

  1. Home >
  2. Nessus>
  3. devel
Cve_id field is being truncated when exporting results to MySQL
SPAOTVA at cse-cst
Dec 1, 2006, 6:48 AM
Post #1 of 2 (5996 views)
Permalink
Classification: UNCLASSIFIED

Hi,
I am running a CoLinux (Gentoo) session on my XP box with. Nessus for
Linux is running in Gentoo and I am using Nessus WX as my client.
I have the description, solution and cve_id fields set to text in MySQL.
When I export the results from a scan into MySQL through Nessus WX the
cve_id field get's truncated. The description and solution fields export
without a problem.
If I look at the raw data of the scan the cve_id information is
complete.
Has anyone run into this problem?

Thanks
Mike
Re: Cve_id field is being truncated when exporting results to MySQL [ In reply to ]
theall at tenablesecurity
Dec 3, 2006, 11:52 AM
Post #2 of 2 (5648 views)
Permalink
On Fri, Dec 01, 2006 at 09:48:48AM -0500, SPAOTVA wrote:

> I have the description, solution and cve_id fields set to text in MySQL.
> When I export the results from a scan into MySQL through Nessus WX the
> cve_id field get's truncated. The description and solution fields export
> without a problem.
>
> If I look at the raw data of the scan the cve_id information is complete.

Look at the type used for cve_id in the MySQL table. The schema
available here :

http://nessuswx.nessus.org/sql_tables.html

allows a maximum of only 32 characters, in other words, 2 CVEs. That's
definitely too small given the plugins that exist today. I'm not sure
what an upper bound should be, though, but 255 should avoid problems
with most plugins.

George
--
theall@tenablesecurity.com
_______________________________________________
Nessus-devel mailing list
Nessus-devel@list.nessus.org
http://mail.nessus.org/mailman/listinfo/nessus-devel

©2024 GT.net. A Gossamer Threads company.
5th Floor, 455 Granville St., Vancouver, BC V6C 1T1, Canada | Legal