dawnscanner 1.2.99

data/lib/codesake/dawn/kb/cve_2011_0995.rb

@@ -0,0 +1,63 @@
+module Codesake
+	module Dawn
+		module Kb
+
+      class CVE_2011_0995_a
+
+        include DependencyCheck
+
+				def initialize
+          message = "CVE-2011:0995: sqlite3 gem version 1.2.4 is vulnerable"
+
+          super({
+            :name=>"CVE-2011-0995_a",
+            :kind=>Codesake::Dawn::KnowledgeBase::DEPENDENCY_CHECK,
+          })
+
+          self.safe_dependencies = [{:name=>"sqlite3", :version=>['1.2.4']}]
+				end
+      end
+
+      class CVE_2011_0995_b
+        include OperatingSystemCheck
+
+				def initialize
+          message = "CVE-2011-0995: sqlite3 gem is vulnerable only in SuSE 11 sp1"
+
+          super({
+            :name=>"CVE-2011-0995_b",
+            :kind=>Codesake::Dawn::KnowledgeBase::OS_CHECK,
+          })
+
+          self.safe_os = [{:family=>"linux", :vendor=>"suse", :version=>['11sp2']}]
+
+				end
+      end
+
+			# Automatically created with rake on 2013-07-10
+			class CVE_2011_0995
+				include ComboCheck
+
+				def initialize
+          message = "The sqlite3-ruby gem in the rubygem-sqlite3 package before 1.2.4-0.5.1 in SUSE Linux Enterprise (SLE) 11 SP1 uses weak permissions for unspecified files, which allows local users to gain privileges via unknown vectors."
+
+          super({
+            :name=>"CVE-2011-0995",
+            :cvss=>"AV:L/AC:L/Au:N/C:N/I:P/A:N",
+            :release_date => Date.new(2011, 5, 13),
+            :cwe=>"264",
+            :owasp=>"A9", 
+            :applies=>["sinatra", "padrino", "rails"],
+            :kind=>Codesake::Dawn::KnowledgeBase::COMBO_CHECK,
+            :message=>message,
+            :mitigation=>"Please upgrade rails version at least to 2.3.15, 3.2.5, 3.1.5 or 3.0.13. As a general rule, using the latest stable rails version is recommended.",
+            :aux_links=>["http://support.novell.com/security/cve/CVE-2011-0995.html"],
+            :checks=>[CVE_2011_0995_a.new, CVE_2011_0995_b.new]
+          })
+
+
+				end
+			end
+		end
+	end
+end

data/lib/codesake/dawn/kb/cve_2011_1004.rb

@@ -0,0 +1,36 @@
+module Codesake
+	module Dawn
+		module Kb
+			# Automatically created with rake on 2014-01-08
+			class CVE_2011_1004
+				include RubyVersionCheck
+
+				def initialize
+          message = "The FileUtils.remove_entry_secure method in Ruby 1.8.6 through 1.8.6-420, 1.8.7 through 1.8.7-330, 1.8.8dev, 1.9.1 through 1.9.1-430, 1.9.2 through 1.9.2-136, and 1.9.3dev allows local users to delete arbitrary files via a symlink attack."
+          super({
+            :name=>"CVE-2011-1004",
+            :cvss=>"AV:L/AC:M/Au:N/C:N/I:C/A:C",
+            :release_date => Date.new(2011, 3, 2),
+            :cwe=>"59",
+            :owasp=>"A9", 
+            :applies=>["rails", "sinatra", "padrino"],
+            :kind=>Codesake::Dawn::KnowledgeBase::RUBY_VERSION_CHECK,
+            :message=>message,
+            :mitigation=>"Please upgrade ruby interpreter up to the latest version available",
+            :aux_links=>["ihttp://www.ruby-lang.org/en/news/2011/02/18/fileutils-is-vulnerable-to-symlink-race-attacks/"]
+          })
+
+          self.safe_rubies = [
+            {:engine=>"ruby", :version=>"1.8.6", :patchlevel=>"p421"},
+            {:engine=>"ruby", :version=>"1.8.7", :patchlevel=>"p331"},
+            {:engine=>"ruby", :version=>"1.8.8", :patchlevel=>"p0"},
+            {:engine=>"ruby", :version=>"1.9.1", :patchlevel=>"p431"},
+            {:engine=>"ruby", :version=>"1.9.2", :patchlevel=>"p137"},
+            {:engine=>"ruby", :version=>"1.9.3", :patchlevel=>"p0"},
+          ]
+
+				end
+			end
+		end
+	end
+end

data/lib/codesake/dawn/kb/cve_2011_1005.rb

@@ -0,0 +1,33 @@
+module Codesake
+	module Dawn
+		module Kb
+			# Automatically created with rake on 2014-01-08
+			class CVE_2011_1005
+				include RubyVersionCheck
+
+				def initialize
+          message = "The safe-level feature in Ruby 1.8.6 through 1.8.6-420, 1.8.7 through 1.8.7-330, and 1.8.8dev allows context-dependent attackers to modify strings via the Exception#to_s method, as demonstrated by changing an intended pathname."
+          super({
+            :name=>"CVE-2011-1005",
+            :cvss=>"AV:N/AC:L/Au:N/C:N/I:P/A:N",
+            :release_date => Date.new(2011, 3, 2),
+            :cwe=>"264",
+            :owasp=>"A9", 
+            :applies=>["rails", "sinatra", "padrino"],
+            :kind=>Codesake::Dawn::KnowledgeBase::RUBY_VERSION_CHECK,
+            :message=>message,
+            :mitigation=>"Please upgrade ruby interpreter up to 1.8.6-p420, up to 1.8.7-p330 or latest version available",
+            :aux_links=>["http://www.ruby-lang.org/en/news/2011/02/18/exception-methods-can-bypass-safe/"]
+          })
+
+          self.safe_rubies = [
+            {:engine=>"ruby", :version=>"1.8.6", :patchlevel=>"p421"},
+            {:engine=>"ruby", :version=>"1.8.7", :patchlevel=>"p331"},
+            {:engine=>"ruby", :version=>"1.8.8", :patchlevel=>"p0"}
+          ]
+
+				end
+			end
+		end
+	end
+end

data/lib/codesake/dawn/kb/cve_2011_2197.rb

@@ -0,0 +1,29 @@
+module Codesake
+	module Dawn
+		module Kb
+			# Automatically created with rake on 2013-05-30
+			class CVE_2011_2197
+				include DependencyCheck
+
+				def initialize
+          message="The cross-site scripting (XSS) prevention feature in Ruby on Rails 2.x before 2.3.12, 3.0.x before 3.0.8, and 3.1.x before 3.1.0.rc2 does not properly handle mutation of safe buffers, which makes it easier for remote attackers to conduct XSS attacks via crafted strings to an application that uses a problematic string method, as demonstrated by the sub method."
+          super({
+            :name=>"CVE-2011-2197",
+            :cvss=>"AV:N/AC:M/Au:N/C:N/I:P/A:N",
+            :release_date => Date.new(2011, 6, 30),
+            :cwe=>"79",
+            :owasp=>"A3", 
+            :applies=>["rails"],
+            :kind=>Codesake::Dawn::KnowledgeBase::DEPENDENCY_CHECK,
+            :message=>message,
+            :mitigation=>"Please upgrade rails version at least to 2.3.12, 3.0.8, 3.1.0. As a general rule, using the latest stable rails version is recommended.",
+            :aux_links=>["http://weblog.rubyonrails.org/2011/6/8/potential-xss-vulnerability-in-ruby-on-rails-applications"]
+          })
+
+          self.safe_dependencies = [{:name=>"rails", :version=>['2.3.12', '3.0.8', '3.1.0']}]
+
+				end
+			end
+		end
+	end
+end

data/lib/codesake/dawn/kb/cve_2011_2686.rb

@@ -0,0 +1,31 @@
+module Codesake
+	module Dawn
+		module Kb
+			# Automatically created with rake on 2014-01-08
+			class CVE_2011_2686
+				include RubyVersionCheck
+
+				def initialize
+          message = "Ruby before 1.8.7-p352 does not reset the random seed upon forking, which makes it easier for context-dependent attackers to predict the values of random numbers by leveraging knowledge of the number sequence obtained in a different child process, a related issue to CVE-2003-0900. NOTE: this issue exists because of a regression during Ruby 1.8.6 development."
+
+          super({
+            :name=>"CVE-2011-2686",
+            :cvss=>"AV:N/AC:L/Au:N/C:P/I:N/A:N",
+            :release_date => Date.new(2011, 8, 5),
+            :cwe=>"264",
+            :owasp=>"A9", 
+            :applies=>["rails", "sinatra", "padrino"],
+            :kind=>Codesake::Dawn::KnowledgeBase::RUBY_VERSION_CHECK,
+            :message=>message,
+            :mitigation=>"Please upgrade ruby interpreter to 1.8.7-p352 or latest version available",
+            :aux_links=>["http://www.ruby-lang.org/en/news/2011/07/02/ruby-1-8-7-p352-released/"]
+          })
+
+          self.safe_rubies = [{:engine=>"ruby", :version=>"1.8.7", :patchlevel=>"p352"}]
+
+
+				end
+			end
+		end
+	end
+end

data/lib/codesake/dawn/kb/cve_2011_2705.rb

@@ -0,0 +1,34 @@
+module Codesake
+	module Dawn
+		module Kb
+			# Automatically created with rake on 2014-01-08
+			class CVE_2011_2705
+				include RubyVersionCheck
+
+				def initialize
+          message = "The SecureRandom.random_bytes function in lib/securerandom.rb in Ruby before 1.8.7-p352 and 1.9.x before 1.9.2-p290 relies on PID values for initialization, which makes it easier for context-dependent attackers to predict the result string by leveraging knowledge of random strings obtained in an earlier process with the same PID."
+
+          super({
+            :name=>"CVE-2011-2705",
+            :cvss=>"AV:N/AC:L/Au:N/C:P/I:N/A:N",
+            :release_date => Date.new(2011, 8, 5),
+            :cwe=>"20",
+            :owasp=>"A9", 
+            :applies=>["rails", "sinatra", "padrino"],
+            :kind=>Codesake::Dawn::KnowledgeBase::RUBY_VERSION_CHECK,
+            :message=>message,
+            :mitigation=>"Please upgrade ruby interpreter to 1.8.7-p352 or 1.9.2-p290 or latest version available",
+            :aux_links=>["http://www.ruby-lang.org/en/news/2013/02/22/rexml-dos-2013-02-22/"]
+          })
+
+          self.safe_rubies = [{:engine=>"ruby", :version=>"1.8.7", :patchlevel=>"p352"}, 
+                              {:engine=>"ruby", :version=>"1.9.0", :patchlevel=>"p999"},
+                              {:engine=>"ruby", :version=>"1.9.1", :patchlevel=>"p999"},
+                              {:engine=>"ruby", :version=>"1.9.2", :patchlevel=>"p290"}
+          ]
+
+				end
+			end
+		end
+	end
+end

data/lib/codesake/dawn/kb/cve_2011_2929.rb

@@ -0,0 +1,29 @@
+module Codesake
+	module Dawn
+		module Kb
+			# Automatically created with rake on 2013-07-12
+			class CVE_2011_2929
+				include DependencyCheck
+
+				def initialize
+          message = "The template selection functionality in actionpack/lib/action_view/template/resolver.rb in Ruby on Rails 3.0.x before 3.0.10 and 3.1.x before 3.1.0.rc6 does not properly handle glob characters, which allows remote attackers to render arbitrary views via a crafted URL, related to a \"filter skipping vulnerability.\""
+          super({
+            :name=>"CVE-2011-2929",
+            :cvss=>"AV:N/AC:L/Au:N/C:N/I:P/A:N",
+            :release_date => Date.new(2011, 8, 29),
+            :cwe=>"20",
+            :owasp=>"A9", 
+            :applies=>["rails"],
+            :kind=>Codesake::Dawn::KnowledgeBase::DEPENDENCY_CHECK,
+            :message=>message,
+            :mitigation=>"Please upgrade rails version at least to 3.1.0 or 3.0.10. As a general rule, using the latest stable rails version is recommended.",
+            :aux_links=>["https://github.com/rails/rails/commit/5f94b93279f6d0682fafb237c301302c107a9552"]
+          })
+
+          self.safe_dependencies = [{:name=>"rails", :version=>['3.1.0', '3.0.10']}]
+
+				end
+			end
+		end
+	end
+end

data/lib/codesake/dawn/kb/cve_2011_2930.rb

@@ -0,0 +1,30 @@
+module Codesake
+	module Dawn
+		module Kb
+			# Automatically created with rake on 2014-01-08
+			class CVE_2011_2930
+				include DependencyCheck
+
+				def initialize
+          message = "Multiple SQL injection vulnerabilities in the quote_table_name method in the ActiveRecord adapters in activerecord/lib/active_record/connection_adapters/ in Ruby on Rails before 2.3.13, 3.0.x before 3.0.10, and 3.1.x before 3.1.0.rc5 allow remote attackers to execute arbitrary SQL commands via a crafted column name."
+          super({
+            :name=>"CVE-2011-2930",
+            :cvss=>"AV:N/AC:L/Au:N/C:P/I:P/A:P",
+            :release_date => Date.new(2011, 8, 29),
+            :cwe=>"89",
+            :owasp=>"A1", 
+            :applies=>["rails"],
+            :kind=>Codesake::Dawn::KnowledgeBase::DEPENDENCY_CHECK,
+            :message=>message,
+            :mitigation=>"Please upgrade rails to version 2.3.13, 3.0.10 and 3.1.1. As a general rule, using the latest stable version is recommended.",
+            :aux_links=>["http://groups.google.com/group/rubyonrails-security/msg/b1a85d36b0f9dd30?dmode=source&output=gplain"]
+          })
+
+          self.safe_dependencies = [{:name=>"rails", :version=>['2.3.13', '3.0.10', '3.1.1']}]
+          self.save_major = true
+
+				end
+			end
+		end
+	end
+end

data/lib/codesake/dawn/kb/cve_2011_2931.rb

@@ -0,0 +1,32 @@
+module Codesake
+	module Dawn
+		module Kb
+			# Automatically created with rake on 2013-05-13
+			class CVE_2011_2931
+				include DependencyCheck
+
+				def initialize
+          message = "Cross-site scripting (XSS) vulnerability in the strip_tags helper in actionpack/lib/action_controller/vendor/html-scanner/html/node.rb in Ruby on Rails before 2.3.13, 3.0.x before 3.0.10, and 3.1.x before 3.1.0.rc5 allows remote attackers to inject arbitrary web script or HTML via a tag with an invalid name." 
+          super({
+            :name=>"CVE-2011-2931",
+            :cvss=>"AV:N/AC:M/Au:N/C:N/I:P/A:N",
+            :release_date => Date.new(2011, 8, 29),
+            :cwe=>"79",
+            :owasp=>"A3", 
+            :applies=>["rails"],
+            :kind=>Codesake::Dawn::KnowledgeBase::DEPENDENCY_CHECK,
+            :message=>message,
+            :mitigation=>"Please upgrade rails version at least to 2.3.13, 3.0.10, 3.1.0. As a general rule, using the latest stable rails version is recommended.",
+            :aux_links=>["https://groups.google.com/d/topic/rubyonrails-security/Vr_7WSOrEZU/discussion"]
+          })
+
+          self.safe_dependencies = [{:name=>"rails", :version=>['2.3.13', '3.0.10', '3.1.0']}]
+
+
+          
+          
+				end
+			end
+		end
+	end
+end

data/lib/codesake/dawn/kb/cve_2011_2932.rb

@@ -0,0 +1,29 @@
+module Codesake
+	module Dawn
+		module Kb
+			# Automatically created with rake on 2013-05-30
+			class CVE_2011_2932
+				include DependencyCheck
+
+				def initialize
+          message = "Cross-site scripting (XSS) vulnerability in activesupport/lib/active_support/core_ext/string/output_safety.rb in Ruby on Rails 2.x before 2.3.13, 3.0.x before 3.0.10, and 3.1.x before 3.1.0.rc5 allows remote attackers to inject arbitrary web script or HTML via a malformed Unicode string, related to a \"UTF-8 escaping vulnerability.\""
+          super({
+            :name=>"CVE-2011-2932",
+            :cvss=>"AV:N/AC:M/Au:N/C:N/I:P/A:N",
+            :release_date => Date.new(2011, 8, 29),
+            :cwe=>"79",
+            :owasp=>"A3", 
+            :applies=>["rails"],
+            :kind=>Codesake::Dawn::KnowledgeBase::DEPENDENCY_CHECK,
+            :message=>message,
+            :mitigation=>"Please upgrade rails version at least to 2.3.13, 3.0.10, 3.1.0. As a general rule, using the latest stable rails version is recommended.",
+            :aux_links=>["http://secunia.com/advisories/45917"]
+          })
+
+          self.safe_dependencies = [{:name=>"rails", :version=>['2.3.13', '3.0.10', '3.1.0']}]
+
+				end
+			end
+		end
+	end
+end

data/lib/codesake/dawn/kb/cve_2011_3009.rb

@@ -0,0 +1,30 @@
+module Codesake
+	module Dawn
+		module Kb
+			# Automatically created with rake on 2014-01-08
+			class CVE_2011_3009
+				include RubyVersionCheck
+
+				def initialize
+          message = "Ruby before 1.8.6-p114 does not reset the random seed upon forking, which makes it easier for context-dependent attackers to predict the values of random numbers by leveraging knowledge of the number sequence obtained in a different child process, a related issue to CVE-2003-0900."
+
+          super({
+            :name=>"CVE-2011-3009",
+            :cvss=>"AV:N/AC:L/Au:N/C:P/I:N/A:N",
+            :release_date => Date.new(2011, 8, 11),
+            :cwe=>"310",
+            :owasp=>"A9", 
+            :applies=>["rails", "sinatra", "padrino"],
+            :kind=>Codesake::Dawn::KnowledgeBase::RUBY_VERSION_CHECK,
+            :message=>message,
+            :mitigation=>"Upgrade your ruby interpreter",
+            :aux_links=>["http://www.openwall.com/lists/oss-security/2011/07/20/1"]
+          })
+
+          self.safe_rubies = [{:engine=>"ruby", :version=>"1.8.6", :patchlevel=>"p112"}]
+
+				end
+			end
+		end
+	end
+end

data/lib/codesake/dawn/kb/cve_2011_3186.rb

@@ -0,0 +1,31 @@
+module Codesake
+	module Dawn
+		module Kb
+			# Automatically created with rake on 2013-05-29
+			class CVE_2011_3186
+				include DependencyCheck
+
+				def initialize
+          message="CRLF injection vulnerability in actionpack/lib/action_controller/response.rb in Ruby on Rails 2.3.x before 2.3.13 allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via the Content-Type header."
+
+          super({
+            :name=>"CVE-2011-3186",
+            :cvss=>"AV:N/AC:M/Au:N/C:N/I:P/A:N",
+            :release_date => Date.new(2011, 8, 29),
+            :cwe=>"94",
+            :owasp=>"A9", 
+            :applies=>["rails"],
+            :kind=>Codesake::Dawn::KnowledgeBase::DEPENDENCY_CHECK,
+            :message=>message,
+            :mitigation=>"Please upgrade rails version at least to 2.3.13. As a general rule, using the latest stable rails version is recommended.",
+            :aux_links=>["https://github.com/rails/rails/commit/11dafeaa7533be26441a63618be93a03869c83a9"]
+          })
+
+          self.safe_dependencies = [{:name=>"rails", :version=>['2.3.13']}]
+ 
+
+				end
+			end
+		end
+	end
+end

data/lib/codesake/dawn/kb/cve_2011_3187.rb

@@ -0,0 +1,31 @@
+module Codesake
+	module Dawn
+		module Kb
+			# Automatically created with rake on 2014-01-08
+			class CVE_2011_3187
+				include DependencyCheck
+
+				def initialize
+          message = "The to_s method in actionpack/lib/action_dispatch/middleware/remote_ip.rb in Ruby on Rails 3.0.5 does not validate the X-Forwarded-For header in requests from IP addresses on a Class C network, which might allow remote attackers to inject arbitrary text into log files or bypass intended address parsing via a crafted header."
+
+          super({
+            :name=>"CVE-2011-3187",
+            :cvss=>"AV:N/AC:M/Au:N/C:N/I:P/A:N",
+            :release_date => Date.new(2011, 8, 29),
+            :cwe=>"20",
+            :owasp=>"A9", 
+            :applies=>["rails"],
+            :kind=>Codesake::Dawn::KnowledgeBase::DEPENDENCY_CHECK,
+            :message=>message,
+            :mitigation=>"Please upgrade rails to version 3.0.6. As a general rule, using the latest stable version is recommended.",
+            :aux_links=>["http://archives.neohapsis.com/archives/fulldisclosure/2011-02/0337.html"]
+          })
+
+          self.safe_dependencies = [{:name=>"rails", :version=>['3.0.6']}]
+          self.save_major = true
+
+				end
+			end
+		end
+	end
+end