Monday, September 5, 2011

OVALdi - an open-source local vulnerability assessment scanner

OVAL Interpreter is a freely available reference implementation that demonstrates the evaluation of OVAL Definitions. Based on a set of Definitions the interpreter collects system information, evaluates it, and generates detailed OVAL Results.



OVALdi is open-source and still under heavy development, so the results may not always be accurate:

  • The repository of OVAL definitions is not complete yet: Not all vulnerabilities will be detected.
  • Non-English versions of Windows do not seem to be supported as well as English versions: In practice you may encounter more false positives (reported vulnerabilities even when the patch is already installed).
  • Potential bugs

Download Link : Click Here