The vulns
NSE library provides a set of useful functions for vulnerability management. Its purpose is to offer developers a common interface for storing and reporting vulnerabilities. The vulnerabilities are stored in the Nmap registry and can be accessed by other scripts during runtime. The library also helps keep track of all states of the vulnerabilities. The states are represented by the following string constants defined in the library:
vulns.STATE.NOT_VULN
vulns.STATE.LIKELY_VULN
vulns.STATE.VULN
vulns.STATE.DoS
vulns.STATE.EXPLOIT
Vulnerability reports are passed to the library as Lua tables. A vulnerability table needs two mandatory fields: title
and state
, but there are several other optional fields; some of them, such as IDS
, will also automatically generate URLs if a CVE, BID, or OSVDB ID is assigned. The supported fields are:
title
state
IDS
(optional)risk_factor
(optional)scores
(optional)description
(optional)dates
(optional)check_results
(optional)exploit_results...