Common Vulnerabilities and Exposures (CVE)

GFI LanGuard is CVE certified. This topic describes how CVE certification is used in GFI LanGuard.

CVE (Common Vulnerabilities and Exposures) is a list of standardized names for vulnerabilities and other information security exposures. Its aim is to standardize the names for all publicly known vulnerabilities and security exposures.

CVE is a dictionary whose aim is to facilitate data distribution across separate vulnerability databases and security tools. CVE makes searching for information in other databases easier and should not be considered a vulnerability database in itself.

CVE is maintained through a community-wide collaborative effort known as the CVE Editorial Board. The Editorial Board includes representatives from numerous security-related organizations such as security tool vendors, academic institutions, and governments, as well as other prominent security experts. The MITRE Corporation maintains CVE and moderates Editorial Board discussions.

About CVE Compatibility

"CVE-compatible" means that a tool, Web site, database, or service uses CVE names in a way that allows it to cross-link with other repositories that use CVE names. CVE-compatible products and services must meet the following four requirements:

Compatibility: Description
CVE Searchable: A user must be able to search for vulnerabilities and related information using the CVE name.
CVE Output: Information provided must include the related CVE name(s).
Mapping: The repository owner must provide a mapping relative to a specific version of CVE, and must make a good faith effort to ensure accuracy of that mapping.
Documentation: The organization’s standard documentation must include a description of CVE, CVE compatibility, and the details of how its customers can use the CVE-related functionality of its product or service.

Note

For an in-depth understanding of CVE compatibility, refer to the complete list of CVE requirements available at http://go.gfi.com/?pageid=LAN_CVE_Requirements

About CVE and CAN

CVE names (also called "CVE numbers," "CVE-IDs," and "CVEs") are unique, common identifiers for publicly known information security vulnerabilities. CVE names have "entry" or "candidate" status. Entry status indicates that the CVE name has been accepted to the CVE List, while candidate status (also called "candidates," "candidate numbers," or "CANs") indicates that the name is under review for inclusion in the list.

Each CVE name includes the following:

Note

For an in-depth understanding of CVE names and CANs, refer to: http://go.gfi.com/?pageid=cvecert

Searching for CVE Entries

CVE entries can be searched from the Scanning profiles node within the Configuration tab.

Searching for CVE information

To search for a particular CVE bulletin:

1. Specify the bulletin name (for example, CVE-2005-2126) in the search tool entry box included at the bottom of the right pane.

2. Click on Find to start searching for your entry.

Obtaining CVE Names

CVE entry names can be obtained through the GFI LanGuard user interface from within the Scanning profiles node within the Configuration tab. By default, the CVE ID is displayed for all the vulnerabilities that have a CVE ID.

Importing and Exporting CVE Data

CVE data can be exported through the impex command line tool. For more information refer to Using impex.exe.