Reporting vulnerability checks
Nmap can be used as a vulnerability scanner with the help of some NSE scripts. While this is not Nmap's main objective, the vulnerability detection scripts available are great. The NSE vuln
library manages and unifies the output of the vulnerability checks performed by NSE.
This recipe will show you how to make Nmap report the vulnerability checks performed during a scan.
How to do it...
Launch the NSE scripts in the vuln
category against your target:
$nmap -sV --script vuln <target>
If Nmap finds a vulnerability, it will be included in the report:
| smb2-vuln-uptime: |Â Â Â VULNERABLE: |Â Â Â MS17-010: Security update for Windows SMB Server |Â Â Â Â Â State: LIKELY VULNERABLE |Â Â Â Â Â IDs:Â Â ms:ms17-010Â Â CVE:2017-0147 |Â Â Â Â Â Â Â This system is missing a security update that resolves vulnerabilities in |Â ...