CVEasy 1.0.0

data/.gitignore

@@ -0,0 +1,11 @@
+doc
+pkg
+tmp/*
+.DS_Store
+.yardoc
+*.db
+*.log
+*.swp
+*~
+*.gemspec
+*.gem

data/README.rdoc

@@ -0,0 +1,87 @@
+= CVEasy
+
+* Source: http://github.com/mephux/CVEasy
+* More: http://www.packetport.net
+
+== DESCRIPTION:
+
+CVEasy is a ruby interface for the Common Vulnerabilities and Exposures (CVE) database at http://cve.mitre.org. This project is mostly a proof of concept and experiment highlighting how truly powerful nokogiri (http://nokogiri.rubyforge.org) can be.
+
+== FEATURES/PROBLEMS:
+
+* Search by Keywords
+* Search by CVE Number and Year.
+* Return CVE Reference Links
+
+== INSTALL:
+
+ sudo gem install CVEasy
+
+== SYNOPSIS:
+
+You can use CVEasy to search for a particular CVE by using the following:
+ 
+ CVEasy::Query.new(:year => '2008', :cve => '1') do |cve|
+   puts cve.name            #=> "CVE-2008-0001"
+   puts cve.description     #=> "FS in the Linux kernel before 2.6.22.16, and 2.6.23.x before...."
+   puts cve.references      #=> ['http://secunia.com/advisories/28664', 'http://xforce.iss.net/xforce/xfdb/39672']
+   puts cve.status          #=> "Candidate"
+   puts cve.phase           #=> "Assigned (20071203)"
+   puts cve.assigned_at     #=> "Candidate assigned on 20071203 and proposed on N/A"
+ end
+ 
+If you want to search for CVE by a keyword use the following:
+
+ CVEasy::Query.new(:keyword => 'ruby') do |cve|
+   puts cve.name
+   puts cve.description
+   puts cve.url
+ end
+
+You can take the above example even further by querying the returned results:
+
+  CVEasy::Query.new(:keyword => 'ruby') do |cve|
+
+    puts cve.name
+
+    cve.more do |info|
+      puts info.references.inspect
+      puts info.status
+      puts info.phase
+      puts info.assigned_at
+    end
+  end
+
+== REQUIREMENTS:
+
+* nokogiri http://nokogiri.rubyforge.org >= 1.4.0
+
+== TODO
+
+* Add Tests
+* Add Documentation
+
+== LICENSE:
+
+(The MIT License)
+
+Copyright (c) 2009 Dustin Willis Webber
+
+Permission is hereby granted, free of charge, to any person obtaining
+a copy of this software and associated documentation files (the
+'Software'), to deal in the Software without restriction, including
+without limitation the rights to use, copy, modify, merge, publish,
+distribute, sublicense, and/or sell copies of the Software, and to
+permit persons to whom the Software is furnished to do so, subject to
+the following conditions:
+
+The above copyright notice and this permission notice shall be
+included in all copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED 'AS IS', WITHOUT WARRANTY OF ANY KIND,
+EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
+MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT.
+IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY
+CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT,
+TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE
+SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.

data/Rakefile

@@ -0,0 +1,25 @@
+require 'rubygems'
+require 'rake'
+
+require './tasks/spec.rb'
+require './tasks/yard.rb'
+
+begin
+  require 'jeweler'
+  Jeweler::Tasks.new do |gem|
+    gem.name = "CVEasy"
+    gem.summary = "CVEasy is a ruby interface CVE database at http://cve.mitre.org."
+    gem.description = "CVEasy is a ruby interface for the Common Vulnerabilities and Exposures (CVE) database at http://cve.mitre.org."
+    gem.email = "dustin.webber@gmail.com"
+    gem.homepage = "http://github.com/mephux/CVEasy"
+    gem.authors = ["Dustin Willis Webber"]
+    gem.add_dependency "nokogiri", ">= 1.4.0"
+    gem.add_development_dependency "rspec", ">= 1.2.9"
+    gem.add_development_dependency "yard", ">=0.2.3.5"
+  end
+  Jeweler::GemcutterTasks.new
+rescue LoadError
+  puts "Jeweler (or a dependency) not available. Install it with: sudo gem install jeweler"
+end
+
+# vim: syntax=ruby

data/VERSION

@@ -0,0 +1 @@
+1.0.0

data/init.rb

@@ -0,0 +1 @@
+require 'CVEasy'

data/lib/CVEasy.rb

@@ -0,0 +1,4 @@
+require "CVEasy/query.rb"
+
+module CVEasy
+end

data/lib/CVEasy/cve.rb

@@ -0,0 +1,42 @@
+module CVEasy
+
+  class Cve
+
+    def initialize(html)
+      @html = html
+    end
+
+    def name
+      @name = @html.at_css('h2').inner_text.strip if @html.at_css('h2')
+    end
+
+    def description
+      @description = @html.at_css('tr:nth-child(4)').inner_text.strip if @html.at_css('tr:nth-child(4)')
+    end
+
+    def references
+      unless @refs
+        @refs = []
+        @html.css('li a').each do |link|
+          @refs << ["#{link[:href]}"]
+        end
+      end
+      @refs
+    end
+    
+    def status
+      @status = @html.at_css('tr:nth-child(9) b').inner_text
+    end
+
+    def phase
+      @phase = @html.at_css('tr:nth-child(11) td').inner_text
+    end
+    
+    def assigned_at
+      @assigned_at = @html.at_css('tr:nth-child(16) .note').inner_text.strip
+    end
+
+
+  end
+
+end

data/lib/CVEasy/keyword.rb

@@ -0,0 +1,36 @@
+module CVEasy
+  
+  class Keyword
+    
+    def initialize(td, html)
+      @td = td
+      @html = html
+    end
+
+    def name
+      @name = @td.at_css('td:nth-child(1) a').inner_text if @td.at_css('td:nth-child(1) a')
+    end
+    
+    def description
+      @description = @td.at_css('td:nth-child(2)').inner_text.strip if @td.at_css('td:nth-child(2)')
+    end 
+    
+    def url
+      @url = BASE_URL + @td.at_css('td:nth-child(1) a')[:href] if @td.at_css('td:nth-child(1) a')[:href]
+    end
+    
+    def more(&block)
+      cve = Nokogiri::HTML(open(url))
+      block.call(Cve.new(cve.at_css('#GeneratedTable'))) if block
+    end
+
+    # def count
+    #   @count ||= @html.at('b:nth-child(2)').inner_text
+    # end
+    # 
+    # def to_s
+    #   @html.at('.smaller').inner_text.strip
+    # end
+    
+  end
+end

data/lib/CVEasy/query.rb

@@ -0,0 +1,47 @@
+require "CVEasy/keyword"
+require "CVEasy/cve"
+require "nokogiri"
+require "open-uri"
+require "uri"
+
+module CVEasy
+
+  BASE_URL = "http://cve.mitre.org"
+  CVE_URL = "#{BASE_URL}/cgi-bin/cvename.cgi?name=CVE-"
+  KEYWORD_URL = "#{BASE_URL}/cgi-bin/cvekey.cgi?keyword="
+
+  class Query < Keyword
+
+    def initialize(options={}, &block)
+
+      @year = options[:year]
+      @cve = options[:cve]
+      @keyword = options[:keyword]
+
+      if options[:keyword]
+
+        @url = "#{KEYWORD_URL}#{URI.escape(@keyword)}"
+        @html ||= Nokogiri::HTML(open(@url))
+
+        @html.css('#TableWithRules tr').each do |td|
+          # Skip The First TD - Used as TH.
+          next if td.at('a').nil?
+
+          block.call(Keyword.new(td, @html)) if block
+
+        end
+      else
+
+        @url = "#{CVE_URL}#{@year}-#{URI.escape(@cve)}"
+        @html = Nokogiri::HTML(open(@url))
+        block.call(Cve.new(@html.at_css('#GeneratedTable'))) if block
+
+      end
+    end
+    
+    def version
+      @version ||= @html.at('.smaller , b:nth-child(2)').inner_text
+    end
+
+  end
+end

data/spec/CVEasy_spec.rb

@@ -0,0 +1,11 @@
+require File.dirname(__FILE__) + '/spec_helper.rb'
+
+# Time to add your specs!
+# http://rspec.info/
+describe "Place your specs here" do
+  
+  it "find this spec in spec directory" do
+    # violated "Be sure to write your specs"
+  end
+  
+end

data/spec/spec_helper.rb

@@ -0,0 +1,6 @@
+require 'rubygems'
+gem 'rspec', '>=1.1.12'
+require 'spec'
+require 'spec/autorun'
+ 
+require "ipdb"

data/tasks/spec.rb

@@ -0,0 +1,10 @@
+require 'spec/rake/spectask'
+ 
+desc "Run all specifications"
+Spec::Rake::SpecTask.new(:spec) do |t|
+  t.libs += ['lib', 'spec']
+  t.spec_opts = ['--colour', '--format', 'specdoc']
+end
+ 
+task :test => :spec
+task :default => :spec

data/tasks/yard.rb

@@ -0,0 +1,12 @@
+require 'yard'
+ 
+YARD::Rake::YardocTask.new do |t|
+  t.files   = ['lib/**/*.rb']
+  t.options = [
+    '--protected',
+    '--files', 'History.txt',
+    '--title', 'Ipdb'
+  ]
+end
+ 
+task :docs => :yard

metadata

@@ -0,0 +1,97 @@
+--- !ruby/object:Gem::Specification 
+name: CVEasy
+version: !ruby/object:Gem::Version 
+  version: 1.0.0
+platform: ruby
+authors: 
+- Dustin Willis Webber
+autorequire: 
+bindir: bin
+cert_chain: []
+
+date: 2009-12-01 00:00:00 -06:00
+default_executable: 
+dependencies: 
+- !ruby/object:Gem::Dependency 
+  name: nokogiri
+  type: :runtime
+  version_requirement: 
+  version_requirements: !ruby/object:Gem::Requirement 
+    requirements: 
+    - - ">="
+      - !ruby/object:Gem::Version 
+        version: 1.4.0
+    version: 
+- !ruby/object:Gem::Dependency 
+  name: rspec
+  type: :development
+  version_requirement: 
+  version_requirements: !ruby/object:Gem::Requirement 
+    requirements: 
+    - - ">="
+      - !ruby/object:Gem::Version 
+        version: 1.2.9
+    version: 
+- !ruby/object:Gem::Dependency 
+  name: yard
+  type: :development
+  version_requirement: 
+  version_requirements: !ruby/object:Gem::Requirement 
+    requirements: 
+    - - ">="
+      - !ruby/object:Gem::Version 
+        version: 0.2.3.5
+    version: 
+description: CVEasy is a ruby interface for the Common Vulnerabilities and Exposures (CVE) database at http://cve.mitre.org.
+email: dustin.webber@gmail.com
+executables: []
+
+extensions: []
+
+extra_rdoc_files: 
+- README.rdoc
+files: 
+- .gitignore
+- README.rdoc
+- Rakefile
+- VERSION
+- init.rb
+- lib/CVEasy.rb
+- lib/CVEasy/cve.rb
+- lib/CVEasy/keyword.rb
+- lib/CVEasy/query.rb
+- spec/CVEasy_spec.rb
+- spec/spec_helper.rb
+- tasks/spec.rb
+- tasks/yard.rb
+has_rdoc: true
+homepage: http://github.com/mephux/CVEasy
+licenses: []
+
+post_install_message: 
+rdoc_options: 
+- --charset=UTF-8
+require_paths: 
+- lib
+required_ruby_version: !ruby/object:Gem::Requirement 
+  requirements: 
+  - - ">="
+    - !ruby/object:Gem::Version 
+      version: "0"
+  version: 
+required_rubygems_version: !ruby/object:Gem::Requirement 
+  requirements: 
+  - - ">="
+    - !ruby/object:Gem::Version 
+      version: "0"
+  version: 
+requirements: []
+
+rubyforge_project: 
+rubygems_version: 1.3.5
+signing_key: 
+specification_version: 3
+summary: CVEasy is a ruby interface CVE database at http://cve.mitre.org.
+test_files: 
+- spec/CVEasy_spec.rb
+- spec/spec_helper.rb