Welcome to OCS Inventory NG community support, where you can ask questions and receive answers from other members of the community.

Please ask questions only in English or French.

Release 2.11.1 available

The official documentation can be found on http://wiki.ocsinventory-ng.org. Read it before asking your question.

CVE Create a matching regex

Hi, I have version 2.9 server on Ubuntu 20.0.4. On the other hand I have the analysis system to locate vulnerable software working correctly against my CVE Server.

Following the documentation, we have vulnerable software that is not detected ... following the example for 'cisco' (https://wiki.ocsinventory-ng.org/04.Management-console-and-its-advanced-features/CVE-Search-match-regex/#create-a-matching-regex , it works and I detect the example software) I try to detect for example Adobe and Putty but it does not work for me... here step by step example:
1- Inside 'all software' in OCS Server I locate this on several computers:

*Software name: PuTTY release 0.70 (64-bit)

*Publisher: Simon Tatham

2- It is vulnerable software, by Putty's version based on https://nvd.nist.gov/vuln/detail/CVE-2019-17068

3- Here located the editor and program name for the matching regex: https://cve.circl.lu/search/simon_tatham/putty

4- In the CVE Intentory section of OCS I import CSV file with the following parameters: PuTTy*,simon_tatham,putty

I have tried different ways to input the parameters like PuTTY release 0.70 (64-bit),simon_tatham,putty and different ways, but it doesn't work either.

It does not locate anything. The same thing happens to me with several programs, like adobe_reader for example.

Someone with the same problem?
in OCS Inventory NG server for Unix by (120 points)

1 Answer

0 votes
Did you try the regex "putty*" ? I tried to read the function comparing the regexes and I think that it do a lowercase of the software name before comparing with the matching expression.
by (160 points)
Powered by Question2Answer