[This was originally published on the OSVDB blog.]
I should have started a series of these posts long ago. One of the more frustrating parts of most VDBs is the lack of a helpful search function. Searching for some products (SharePoint) is easy enough, as the name is distinct and not likely to find many matches. If you happen to know the script affected (logout.php), that too can make the search fast and painless. However, what if you want to list all vulnerabilities in PHP?
CVE: searching for “php.net” yields 0 matches, while searching for “php” gets 2896 BID: search by vendor, PHP ISS: advanced search, “php.net” will find most, but also include non PHP vulnerabilities SecurityTracker: search “php.net” will find some, but a world of additional threads/advisories Secunia: search “php.net”, pick a PHP vulnerability, click the software link, click vendor link, click the 6 links below corresponding to the major versions
If OSVDB had a complete data set, you could search fairly easily off the vendor name due to our vendor dictionary and listing associated products. Until then, one tip is to search references for “php.net” to pull up a list of all PHP native vulnerabilities. This won’t work for most vendors, but for the bigger vendors we’re trying to standardize our entries and references to facilitate easier searches.
If you know the specific GUID (e.g. 3d742890-397c-11cf-9bf1-00805f88cb72) related to an advisory, or some other odd number or unique identifier, try searching the reference for it. This also goes for advisory identification numbers. Again, the data set is far from complete but we’re trying!
Many years ago I opened a ticket to create a new feature that allowed one to search for vulnerabilities by associated port. Curious what vulnerabilities are related to TCP port 1234 or UDP port 5432? No problem! Until we can get more developers on board and knock out some of these projects, search reference for “tcp port 1234” or “udp port 5432”.
Hopefully, more search tips to come.