Skip site navigation (1)Skip section navigation (2)

FreeBSD Manual Pages


home | help
pullcves(1)			pullcves Manual			   pullcves(1)

       pullcves	 - Update the local cvechecker CVE database and	version	match-
       ing rules

       pullcves	pull or
       pullcves	cleancache

       The pullcves script will	download the CVE entries from the Internet and
       store them in the local cvechecker databases. It	will also download the
       latest version matching rules from the Internet and load	them up	in the
       cvechecker  database. It	uses the wget tool for the downloads and xslt-
       proc for	the XML	conversions.

       If cleancache is	used, it will clean its	internal cache.	This will  ef-
       fectively  remove the downloaded	XML (and generated CSV)	files, causing
       the next	pull to	redownload and reimport	everything.

       The pullcves script uses	the configuration file of cvechecker  for  the
       paths  of  the  various	locations  using  the same logic (if CVECHECK-
       ER_CONFFILE is set as environment variable, then	it has to point	 to  a
       valid  configuration  file;  if the environment variable	is not set, it
       ties	~/.cvechecker.rc,      /usr/local/etc/cvechecker.conf	   and
       /etc/cvechecker.conf in that order).

       The command is simply pullcves pull or pullcves cleancache.

       The returncode of pullcves depends on the actions it performed.

       In case of pull:

       o A  returncode	of  0 means that the CVE database and version matching
	 rules were already up to date

       o A returncode of 1 means that the CVE database is updated

       o A returncode of 2 means that the version matching rules are updated

       o A returncode of 3 means that both the CVE database and	version	match-
	 ing rules are updated

       pullcves	 is  part of the cvechecker tool. pullcves was written by Sven
       Vermeulen <>.

August 17, 2013			17 August 2013			   pullcves(1)


Want to link to this manual page? Use this URL:

home | help