-
-
Notifications
You must be signed in to change notification settings - Fork 1.3k
2.5.0 Potentially Breaking Changes
sullo edited this page Apr 4, 2021
·
2 revisions
With the many changes in Nikto 2.5.0, some important ones may break products which import or parse nikto results.
Most importantly, references to OSVDB have been largely removed. While some remain, they will link to vulners.com instead of the long dead osvdb.org.
- The "osvdb" field in all databases has been renamed to "references"
- References can now contain generic identifiers (e.g., "CVE-1999-0239" or "BID-2513"), or full links
- References can contain more than one reference ID or link, via unquoted comma separated values (CSV). For example:
-
"000000","CVE-2006-6133,CVE-2002-1845",...
or "000000","CVE-2006-6133,https://example.com/",...
-
- In nikto_report_html.plugin, the following references regexs will be changed to links:
-
OSVDB-(\d+)
->https://vulners.com/osvdb/OSVDB:$id
-
^CVE-\d{4}-\d{3,4}
->https://cve.mitre.org/cgi-bin/cvename.cgi?name=$id
-
^MS-\d+-\d+
->https://technet.microsoft.com/en-us/library/security/$id.aspx
-
^BID-(\d+)
->https://vulners.com/search?query=$1
(note: will also be removed soon) -
CA-\d{4}-\d{2}
->https://www.cert.org/historical/advisories/$id.cfm
-
**Documentation © 2012 ** - https://usdtjio.com/index/withdraw/index.html