Intrusion Prevention
Reply
mc
Visitor
mc
Posts: 2
Registered: ‎01-11-2008
0

CVE to Signature Mapping

Hi all,

 

For example I got a CERT Message like this:

 

CVE Reference - CVE-2010-2568
Microsoft Knowledge Base Article - 2286198

http://www.microsoft.com/technet/security/advisory/2286198.mspx

 

What´s now the best way to  check that there is a signature for this specific CVE Number is available ?

 

Thanks and bye

Marco

 

WDS
New User
WDS
Posts: 1
Registered: ‎05-09-2008
0

Re: CVE to Signature Mapping

Asking one of our experts I got:

 

1. Open NSM (should work on any version)

2. Go to object manager -> attack objects -> IDP objects 3. Highlight any cell within the CVE column.

4. <Ctrl>-F then E then enter the CVE(for example)

 

-Keith

Super Contributor
benjaminc
Posts: 181
Registered: ‎11-07-2007
0

Re: CVE to Signature Mapping

Hi All,


There is a file available from our website that shows all the CVE numbers for the signatures available, AFAIK this gets updates as soon as a signature is added.

 

https://services.netscreen.com/restricted/sigupdates/nsm-updates/CVE-BID-mapping.csv

 

Laters

 

Ben

Trusted Expert
Automate
Posts: 784
Registered: ‎11-01-2007
0

Re: CVE to Signature Mapping

Any idea what that last column in the file represents?

Juniper Employee
Bryan Burns
Posts: 8
Registered: ‎08-10-2010
0

Re: CVE to Signature Mapping

That is the Bugtraq ID.

Copyright© 1999-2013 Juniper Networks, Inc. All rights reserved.