XML Schema Documentation
Table of Contents
- Schema Document Properties
- Global Declarations
- Element: Alert
- Element: CAPECs
- Element: CPEs
- Element: CVSS
- Element: CWEs
- Element: Description
- Element: EXPLOITDBs
- Element: IAVMs
- Element: METASPLOITs
- Element: MILW0RMs
- Element: NESSUSs
- Element: OPENVASs
- Element: OSVDBs
- Element: OVALs
- Element: Related_alerts
- Element: SAINTEXPLOITs
- Element: SNORTs
- Element: generator
- Element: user_info
- Element: vdna
Schema Document Properties
Target Namespace | http://www.security-database.com/vdna/1.0 |
---|---|
Element and Attribute Namespaces |
|
Schema Composition |
|
Documentation | This is an XML Schema for the V-DNA Dictionary. It is used to transfer full information about a single Alert. For more information, consult the V-DNA Specification document. Changelog 1.91 : - Add Nessus information Changelog 1.9 : - Add SnortRules information Changelog 1.8 : - Add IAVM information Changelog 1.7 : - Add OpenVAS information Changelog 1.6 : - Add OVAL class miscellaneous Changelog 1.5 : - Added Security Protection Changelog 1.4 : - Added Exploitdb Changelog 1.3 : - More detailled attributes Changelog 1.2 : - Add CPE urls Changelog 1.1 : - Added Metasploit - Bug on Milw0rm url Changelog 1.0 : - VDNA First public release |
Application Data | <schema> <author> <version> <date> |
Declared Namespaces
Prefix | Namespace |
---|---|
xml | http://www.w3.org/XML/1998/namespace |
xd | http://www.w3.org/2001/XMLSchema |
vdna_dict | http://www.security-database.com/vdna/1.0 |
Schema Component Representation
<xd:schema targetNamespace="http://www.security-database.com/vdna/1.0" elementFormDefault="qualified" attributeFormDefault="unqualified">
<xd:import namespace="http://www.w3.org/XML/1998/namespace" schemaLocation="http://www.w3.org/2001/xml.xsd"/>
...
</xd:schema>Global Declarations
Element: Alert
Name | Alert |
---|---|
Type | Locally-defined complex type |
Nillable | no |
Abstract | no |
XML Instance Representation
<vdna_dict:Alert
name="anySimpleType [1] ?"
sdcon="xd:string (value comes from list: 'NA' | 'Low' | 'Medium' | 'High' | 'Critical') [1] ?"
modified="xd:date [1] ?"
url="xd:anyURI [1] ?"
published="xd:date [1] ?"
securityprotection="xd:string (value comes from list: 'NA' | 'ALLOWS_OTHER_ACCESS' | 'ALLOWS_USER_ACCESS' | 'ALLOWS_ADMIN_ACCESS') [1] ?"
md5="xd:string (length = 32) [1] ?">
</vdna_dict:Alert>
name="anySimpleType [1] ?"
sdcon="xd:string (value comes from list: 'NA' | 'Low' | 'Medium' | 'High' | 'Critical') [1] ?"
modified="xd:date [1] ?"
url="xd:anyURI [1] ?"
published="xd:date [1] ?"
securityprotection="xd:string (value comes from list: 'NA' | 'ALLOWS_OTHER_ACCESS' | 'ALLOWS_USER_ACCESS' | 'ALLOWS_ADMIN_ACCESS') [1] ?"
md5="xd:string (length = 32) [1] ?">
</vdna_dict:Alert>
Schema Component Representation
<xd:element name="Alert">
<xd:complexType>
</xd:element><xd:sequence></xd:sequence>
<xd:attribute name="name" use="required"/>
<xd:attribute name="sdcon" use="required">
<xd:simpleType>
</xd:attribute><xd:restriction base="xd:string">
</xd:simpleType><xd:enumeration value="NA"/>
<xd:enumeration value="Low"/>
<xd:enumeration value="Medium"/>
<xd:enumeration value="High"/>
<xd:enumeration value="Critical"/>
</xd:restriction><xd:attribute name="securityprotection" use="required">
<xd:simpleType>
</xd:attribute><xd:restriction base="xd:string">
</xd:simpleType><xd:enumeration value="NA"/>
<xd:enumeration value="ALLOWS_OTHER_ACCESS"/>
<xd:enumeration value="ALLOWS_USER_ACCESS"/>
<xd:enumeration value="ALLOWS_ADMIN_ACCESS"/>
</xd:restriction><xd:attribute name="md5" use="required">
</xd:complexType><xd:simpleType></xd:simpleType>
</xd:attribute>Element: CAPECs
Name | CAPECs |
---|---|
Type | Locally-defined complex type |
Nillable | no |
Abstract | no |
Documentation | Common Attack Pattern Enumeration and Classification. http://capec.mitre.org/ |
XML Instance Representation
Schema Component Representation
<xd:element name="CAPECs">
<xd:complexType>
</xd:element><xd:sequence>
</xd:complexType><xd:element name="CAPEC" minOccurs="0" maxOccurs="unbounded">
</xd:sequence><xd:complexType>
</xd:element><xd:attribute name="id" use="required">
<xd:simpleType>
</xd:attribute><xd:restriction base="xd:int">
</xd:simpleType><xd:minInclusive value="0"/>
<xd:pattern value="[0-9]+"/>
<xd:maxInclusive value="100000"/>
</xd:restriction><xd:attribute name="source" use="required">
</xd:complexType><xd:simpleType>
</xd:attribute><xd:restriction base="xd:string">
</xd:simpleType><xd:enumeration value="MITRE"/>
<xd:enumeration value="NVD"/>
</xd:restriction>Element: CPEs
Name | CPEs |
---|---|
Type | Locally-defined complex type |
Nillable | no |
Abstract | no |
Documentation | Common Platform Enumeration. http://cpe.mitre.org/ |
XML Instance Representation
Schema Component Representation
<xd:element name="CPEs">
<xd:complexType>
</xd:element><xd:sequence>
</xd:complexType><xd:element name="CPE" minOccurs="0" maxOccurs="unbounded">
</xd:sequence><xd:complexType>
</xd:element><xd:attribute name="source" use="required">
</xd:complexType><xd:simpleType>
</xd:attribute><xd:restriction base="xd:string">
</xd:simpleType><xd:enumeration value="MITRE"/>
<xd:enumeration value="NVD"/>
</xd:restriction>Element: CVSS
Name | CVSS |
---|---|
Type | Locally-defined complex type |
Nillable | no |
Abstract | no |
Documentation | Common Vulnerability Scoring System (CVSS-SIG). http://www.first.org/cvss/ |
XML Instance Representation
<vdna_dict:CVSS
cvss_vector="xd:string [0..1] ?"
cvss_version="xd:integer (value comes from list: '1' | '2') (pattern = [1-2]) (total no. of digits = 1) [0..1] ?"
cvss_basescore="xd:string [0..1] ?"
cvss_impactscore="xd:string [0..1] ?"
cvss_exploitscore="xd:string [0..1] ?"
cvss_accessvector="xd:string (value comes from list: 'Network' | 'Adjacent network' | 'Network' | 'Not Defined') [0..1] ?"
cvss_accesscomplexity="xd:string (value comes from list: 'High' | 'Medium' | 'Low' | 'Not Defined') [0..1] ?"
cvss_authentification="xd:string (value comes from list: 'Requires multiple instances' | 'Requires single instance' | 'Not Defined') [0..1] ?"/>
cvss_vector="xd:string [0..1] ?"
cvss_version="xd:integer (value comes from list: '1' | '2') (pattern = [1-2]) (total no. of digits = 1) [0..1] ?"
cvss_basescore="xd:string [0..1] ?"
cvss_impactscore="xd:string [0..1] ?"
cvss_exploitscore="xd:string [0..1] ?"
cvss_accessvector="xd:string (value comes from list: 'Network' | 'Adjacent network' | 'Network' | 'Not Defined') [0..1] ?"
cvss_accesscomplexity="xd:string (value comes from list: 'High' | 'Medium' | 'Low' | 'Not Defined') [0..1] ?"
cvss_authentification="xd:string (value comes from list: 'Requires multiple instances' | 'Requires single instance' | 'Not Defined') [0..1] ?"/>
Schema Component Representation
<xd:element name="CVSS">
<xd:complexType>
</xd:element><xd:attribute name="cvss_version">
<xd:simpleType>
</xd:attribute><xd:restriction base="xd:integer">
</xd:simpleType><xd:enumeration value="1"/>
<xd:enumeration value="2"/>
<xd:totalDigits value="1"/>
<xd:pattern value="[1-2]"/>
</xd:restriction><xd:attribute name="cvss_basescore"></xd:attribute>
<xd:attribute name="cvss_impactscore"></xd:attribute>
<xd:attribute name="cvss_exploitscore"></xd:attribute>
<xd:attribute name="cvss_accessvector">
<xd:simpleType>
</xd:attribute><xd:restriction base="xd:string">
</xd:simpleType><xd:enumeration value="Network"/>
<xd:enumeration value="Adjacent network"/>
<xd:enumeration value="Network"/>
<xd:enumeration value="Not Defined"/>
</xd:restriction><xd:attribute name="cvss_accesscomplexity">
<xd:simpleType>
</xd:attribute><xd:restriction base="xd:string">
</xd:simpleType><xd:enumeration value="High"/>
<xd:enumeration value="Medium"/>
<xd:enumeration value="Low"/>
<xd:enumeration value="Not Defined"/>
</xd:restriction><xd:attribute name="cvss_authentification">
</xd:complexType><xd:simpleType>
</xd:attribute><xd:restriction base="xd:string">
</xd:simpleType><xd:enumeration value="Requires multiple instances"/>
<xd:enumeration value="Requires single instance"/>
<xd:enumeration value="Not Defined"/>
</xd:restriction>Element: CWEs
Name | CWEs |
---|---|
Type | Locally-defined complex type |
Nillable | no |
Abstract | no |
Documentation | Common Weakness Enumeration. http://cwe.mitre.org/ |
XML Instance Representation
Schema Component Representation
<xd:element name="CWEs">
<xd:complexType>
</xd:element><xd:sequence>
</xd:complexType><xd:element name="CWE" minOccurs="0" maxOccurs="unbounded">
</xd:sequence><xd:complexType>
</xd:element><xd:attribute name="id" use="required">
<xd:simpleType>
</xd:attribute><xd:restriction base="xd:int">
</xd:simpleType><xd:minInclusive value="0"/>
<xd:pattern value="[0-9]+"/>
<xd:maxInclusive value="100000"/>
</xd:restriction><xd:attribute name="source" use="required">
</xd:complexType><xd:simpleType>
</xd:attribute><xd:restriction base="xd:string">
</xd:simpleType><xd:enumeration value="MITRE"/>
<xd:enumeration value="NVD"/>
</xd:restriction>Element: Description
Name | Description |
---|---|
Type | xd:string |
Nillable | no |
Abstract | no |
Schema Component Representation
Element: EXPLOITDBs
Name | EXPLOITDBs |
---|---|
Type | Locally-defined complex type |
Nillable | no |
Abstract | no |
Documentation | Exploitdb exploits and 0day exploits database |
XML Instance Representation
Schema Component Representation
<xd:element name="EXPLOITDBs">
<xd:complexType>
</xd:element><xd:sequence>
</xd:complexType><xd:element name="EXPLOITDB" minOccurs="0" maxOccurs="unbounded">
</xd:sequence><xd:complexType>
</xd:element><xd:attribute name="source" use="required">
</xd:complexType><xd:simpleType></xd:simpleType>
</xd:attribute>Element: IAVMs
Name | IAVMs |
---|---|
Type | Locally-defined complex type |
Nillable | no |
Abstract | no |
Documentation | Information Assurance Vulnerability Management (IAVM) |
XML Instance Representation
Schema Component Representation
<xd:element name="IAVMs">
<xd:complexType>
</xd:element><xd:sequence>
</xd:complexType><xd:element name="IAVM" minOccurs="0" maxOccurs="unbounded">
</xd:sequence><xd:complexType>
</xd:element><xd:attribute name="source" use="required">
</xd:complexType><xd:simpleType></xd:simpleType>
</xd:attribute>Element: METASPLOITs
Name | METASPLOITs |
---|---|
Type | Locally-defined complex type |
Nillable | no |
Abstract | no |
Documentation | METASPLOIT exploits and 0day exploits database |
XML Instance Representation
Schema Component Representation
<xd:element name="METASPLOITs">
<xd:complexType>
</xd:element><xd:sequence>
</xd:complexType><xd:element name="METASPLOIT" minOccurs="0" maxOccurs="unbounded">
</xd:sequence><xd:complexType>
</xd:element><xd:attribute name="source" use="required">
</xd:complexType><xd:simpleType></xd:simpleType>
</xd:attribute>Element: MILW0RMs
Name | MILW0RMs |
---|---|
Type | Locally-defined complex type |
Nillable | no |
Abstract | no |
Documentation | Milw0rm exploits and 0day exploits database |
XML Instance Representation
Schema Component Representation
<xd:element name="MILW0RMs">
<xd:complexType>
</xd:element><xd:sequence>
</xd:complexType><xd:element name="MILW0RM" minOccurs="0" maxOccurs="unbounded">
</xd:sequence><xd:complexType>
</xd:element><xd:attribute name="source" use="required">
</xd:complexType><xd:simpleType></xd:simpleType>
</xd:attribute>Element: NESSUSs
Name | NESSUSs |
---|---|
Type | Locally-defined complex type |
Nillable | no |
Abstract | no |
Documentation | NessusĀ® |
XML Instance Representation
Schema Component Representation
<xd:element name="NESSUSs">
<xd:complexType>
</xd:element><xd:sequence>
</xd:complexType><xd:element name="NESSUS" minOccurs="0" maxOccurs="unbounded">
</xd:sequence><xd:complexType>
</xd:element><xd:attribute name="source" use="required">
</xd:complexType><xd:simpleType></xd:simpleType>
</xd:attribute>Element: OPENVASs
Name | OPENVASs |
---|---|
Type | Locally-defined complex type |
Nillable | no |
Abstract | no |
Documentation | OPENVAS database |
XML Instance Representation
Schema Component Representation
<xd:element name="OPENVASs">
<xd:complexType>
</xd:element><xd:sequence>
</xd:complexType><xd:element name="OPENVAS" minOccurs="0" maxOccurs="unbounded">
</xd:sequence><xd:complexType>
</xd:element><xd:attribute name="source" use="required">
</xd:complexType><xd:simpleType></xd:simpleType>
</xd:attribute>Element: OSVDBs
Name | OSVDBs |
---|---|
Type | Locally-defined complex type |
Nillable | no |
Abstract | no |
Documentation | Open Source Vunerability Database (OSVDB) Mapping |
XML Instance Representation
Schema Component Representation
<xd:element name="OSVDBs">
<xd:complexType>
</xd:element><xd:sequence>
</xd:complexType><xd:element name="OSVDB" minOccurs="0" maxOccurs="unbounded">
</xd:sequence><xd:complexType>
</xd:element><xd:attribute name="id" use="required">
<xd:simpleType>
</xd:attribute><xd:restriction base="xd:int">
</xd:simpleType><xd:minInclusive value="0"/>
<xd:pattern value="[0-9]+"/>
<xd:maxInclusive value="100000"/>
</xd:restriction><xd:attribute name="source" use="required">
</xd:complexType><xd:simpleType></xd:simpleType>
</xd:attribute>Element: OVALs
Name | OVALs |
---|---|
Type | Locally-defined complex type |
Nillable | no |
Abstract | no |
Documentation | Open Vulnerability and Assessment Language; OVAL is an international, information security, community standard to promote open and publicly available security content, and to standardize the transfer of this information across the entire spectrum of security tools and services. http://oval.mitre.org/ |
XML Instance Representation
<vdna_dict:OVALs>
<vdna_dict:OVAL
id="xd:string (pattern = oval:org.mitre.oval:def:[0-9]+) [1]"
source="xd:string (value comes from list: 'MITRE' | 'NVD') [1]"
url="xd:anyURI [1]"
name="xd:string [0..1]"
class="xd:string (value comes from list: 'vulnerability' | 'inventory' | 'patch' | 'compliance' | 'miscellaneous') (Whitespace policy: preserve) [0..1] ?"/> [0..*]
</vdna_dict:OVALs>id="xd:string (pattern = oval:org.mitre.oval:def:[0-9]+) [1]"
source="xd:string (value comes from list: 'MITRE' | 'NVD') [1]"
url="xd:anyURI [1]"
name="xd:string [0..1]"
class="xd:string (value comes from list: 'vulnerability' | 'inventory' | 'patch' | 'compliance' | 'miscellaneous') (Whitespace policy: preserve) [0..1] ?"/> [0..*]
Schema Component Representation
<xd:element name="OVALs">
<xd:complexType>
</xd:element><xd:sequence>
</xd:complexType><xd:element name="OVAL" minOccurs="0" maxOccurs="unbounded">
</xd:sequence><xd:complexType>
</xd:element><xd:attribute name="id" use="required">
<xd:simpleType>
</xd:attribute><xd:restriction base="xd:string">
</xd:simpleType><xd:pattern value="oval:org.mitre.oval:def:[0-9]+"/>
</xd:restriction><xd:attribute name="source" use="required">
<xd:simpleType>
</xd:attribute><xd:restriction base="xd:string">
</xd:simpleType><xd:enumeration value="MITRE"/>
<xd:enumeration value="NVD"/>
</xd:restriction><xd:attribute name="class">
</xd:complexType><xd:simpleType>
</xd:attribute><xd:restriction base="xd:string">
</xd:simpleType><xd:enumeration value="vulnerability"/>
<xd:enumeration value="inventory"/>
<xd:enumeration value="patch"/>
<xd:whiteSpace value="preserve"/>
<xd:enumeration value="compliance"/>
<xd:enumeration value="miscellaneous"/>
</xd:restriction>Element: Related_alerts
Name | Related_alerts |
---|---|
Type | Locally-defined complex type |
Nillable | no |
Abstract | no |
Documentation | Security-database Crosslinker Engine |
XML Instance Representation
Schema Component Representation
<xd:element name="Related_alerts">
<xd:complexType>
</xd:element><xd:sequence>
</xd:complexType><xd:element name="Related_alert" minOccurs="0" maxOccurs="unbounded">
</xd:sequence><xd:complexType>
</xd:element><xd:attribute name="sdcon" use="required">
</xd:complexType><xd:simpleType>
</xd:attribute><xd:restriction base="xd:string">
</xd:simpleType><xd:enumeration value="NA"/>
<xd:enumeration value="Low"/>
<xd:enumeration value="Medium"/>
<xd:enumeration value="High"/>
<xd:enumeration value="Critical"/>
</xd:restriction>Element: SAINTEXPLOITs
Name | SAINTEXPLOITs |
---|---|
Type | Locally-defined complex type |
Nillable | no |
Abstract | no |
Documentation | SAINT Corporation Exploit Database |
XML Instance Representation
Schema Component Representation
<xd:element name="SAINTEXPLOITs">
<xd:complexType>
</xd:element><xd:sequence>
</xd:complexType><xd:element name="SAINTEXPLOIT" minOccurs="0" maxOccurs="unbounded">
</xd:sequence><xd:complexType>
</xd:element><xd:attribute name="source" use="required">
</xd:complexType><xd:simpleType></xd:simpleType>
</xd:attribute>Element: SNORTs
Name | SNORTs |
---|---|
Type | Locally-defined complex type |
Nillable | no |
Abstract | no |
Documentation | SnortĀ® IPS/IDS Rules |
XML Instance Representation
Schema Component Representation
<xd:element name="SNORTs">
<xd:complexType>
</xd:element><xd:sequence>
</xd:complexType><xd:element name="SNORT" minOccurs="0" maxOccurs="unbounded">
</xd:sequence><xd:complexType>
</xd:element><xd:attribute name="source" use="required">
</xd:complexType><xd:simpleType></xd:simpleType>
</xd:attribute>Element: generator
Name | generator |
---|---|
Type | Locally-defined complex type |
Nillable | no |
Abstract | no |
XML Instance Representation
Schema Component Representation
<xd:element name="generator">
<xd:complexType></xd:complexType>
</xd:element>Element: user_info
Name | user_info |
---|---|
Type | Locally-defined complex type |
Nillable | no |
Abstract | no |
XML Instance Representation
Schema Component Representation
<xd:element name="user_info">
<xd:complexType>
</xd:element><xd:attribute name="module_id" use="required">
</xd:complexType><xd:simpleType></xd:simpleType>
</xd:attribute>Element: vdna
Name | vdna |
---|---|
Type | Locally-defined complex type |
Nillable | no |
Abstract | no |
XML Instance Representation
Schema Component Representation