Problem with CVE Datafeed due to changes by NIST
Brought to you by:
tiochan
Menu
▾
▴
#4 Problem with CVE Datafeed due to changes by NIST
Hi,
I discovered today that NIST from October 16th 2015 on change the process to deliver NVD Updates. On https://nvd.nist.gov/Data-Feeds/datafeedinfo it is writen: "Effective October 16, 2015 the XML data feeds will no longer be available for download in an uncompressed format.
You have reached this page because you have a process that links directly to a file that no longer exists. Please modify your process to use the compressed format as described on the main NVD Datafeeds landing page."
By default SIGVI uses (entry taken from select * from vulnerability_sources;)
2 | NVD - updates | NVD Updates | cve-1.2-cvss.php | http://nvd.nist.gov/download/nvdcve-modified.xml | 1
Is an update for SIGVI planed or can you provide a brief advice how to fix this issue since I cannot import any CVE Updates anymore?
Thank's in advance.
Cheers,
Andreas
Hello,
Thank you for reporting this situation. I will work on a solution to solve
it.
Atentamente,
Sebastián Gómez
On Fri, Nov 27, 2015 at 2:27 PM, SecMgr secmgr101@users.sf.net wrote:
Related
Support Requests:
#4I have found a provisional solution to solve this situation:
Change the NVD source's URLs, adding at the beggining of each this string: "compress.zlib://", and appending the ".gz" at the end.
For example, the NVD Modified font source with URL:
- "http://nvd.nist.gov/download/nvdcve-modified.xml"
Is converted to:
- "compress.zlib://http://nvd.nist.gov/download/nvdcve-modified.xml.gz"
Check it, it worked for me.
Meanwhile, I changed it on the release under development to be delivered soon.
Thank you a lot.
Thank you for your quick response.
i logged on to the database entering
bash> mysql -u sigvi -p mypasswd
mysql> use sigvi;
mysql> select * from vulnerability_sources;
/ to retrieve the id_source value of relevance in my case id_source=2/
/ now the field parameters has to be updated using the value provided as work a round /
mysql> update vulnerability_sources Set parameters='compress.zlib://http://nvd.nist.gov/download/nvdcve-modified.xml.gz' where id_source = 2;
mysql> quit;
the I waited for the cron entry
0,30 * * /usr/bin/php -f /var/www/html/sigvi/cron/launch_processes.php > /tmp/output-sigvi.txt 2>&1
to execute.
Task completed.
Since I am running Sigvi 2.9 on a centos 7 VM the same issue as reported in https://sourceforge.net/p/sigvi/support-requests/3/ so I followed the recommendations provided using
php -f /var/www/html/sigvi/cron/launch_processes.php force
I have launched the task "20 Load Vulnerabilities" from the sigvi's task manager (from "configuration menu", and it finished successfully.
Also, I changed the source definition (to add the "compress.zlib://" from the source sigvi's management page.
Thank you for your comments.