dawnscanner 1.2.99

data/lib/codesake/dawn/kb/cve_2012_3464.rb

@@ -0,0 +1,29 @@
+module Codesake
+	module Dawn
+		module Kb
+			# Automatically created with rake on 2013-05-30
+			class CVE_2012_3464
+				include DependencyCheck
+
+				def initialize
+          message = "Cross-site scripting (XSS) vulnerability in activesupport/lib/active_support/core_ext/string/output_safety.rb in Ruby on Rails before 3.0.17, 3.1.x before 3.1.8, and 3.2.x before 3.2.8 might allow remote attackers to inject arbitrary web script or HTML via vectors involving a ' (quote) character."
+          super({
+            :name=>"CVE-2012-3464",
+            :cvss=>"AV:N/AC:M/Au:N/C:N/I:P/A:N",
+            :release_date => Date.new(2012, 8, 10),
+            :cwe=>"79",
+            :owasp=>"A3", 
+            :applies=>["rails"],
+            :kind=>Codesake::Dawn::KnowledgeBase::DEPENDENCY_CHECK,
+            :message=>message,
+            :mitigation=>"Please upgrade rails version at least to 3.0.17, 3.1.8 or 3.2.8. As a general rule, using the latest stable rails version is recommended.",
+            :aux_links=>["https://groups.google.com/group/rubyonrails-security/msg/8f1bbe1cef8c6caf?dmode=source&output=gplain"]
+          })
+
+          self.safe_dependencies = [{:name=>"rails", :version=>['3.0.17', '3.1.8', '3.2.8']}]
+
+				end
+			end
+		end
+	end
+end

data/lib/codesake/dawn/kb/cve_2012_3465.rb

@@ -0,0 +1,28 @@
+module Codesake
+	module Dawn
+		module Kb
+			# Automatically created with rake on 2013-05-13
+			class CVE_2012_3465
+				include DependencyCheck
+
+				def initialize
+          message = "Cross-site scripting (XSS) vulnerability in actionpack/lib/action_view/helpers/sanitize_helper.rb in the strip_tags helper in Ruby on Rails before 3.0.17, 3.1.x before 3.1.8, and 3.2.x before 3.2.8 allows remote attackers to inject arbitrary web script or HTML via malformed HTML markup."
+          super({
+            :name=>"CVE-2012-3465",
+            :cvss=>"AV:N/AC:M/Au:N/C:N/I:P/A:N",
+            :release_date => Date.new(2012, 8, 10),
+            :cwe=>"79",
+            :owasp=>"A3", 
+            :applies=>["rails"],
+            :kind=>Codesake::Dawn::KnowledgeBase::DEPENDENCY_CHECK,
+            :message=>message,
+            :mitigation=>"Please upgrade rails version at least to 2.3.13, 3.0.10, 3.1.0. As a general rule, using the latest stable rails version is recommended.",
+            :aux_links=>["https://groups.google.com/d/topic/rubyonrails-security/FgVEtBajcTY/discussion"]
+          })
+          self.safe_dependencies = [{:name=>"rails", :version=>['2.3.14', '3.0.17', '3.1.8', '3.2.8']}]
+
+				end
+			end
+		end
+	end
+end

data/lib/codesake/dawn/kb/cve_2012_4464.rb

@@ -0,0 +1,29 @@
+module Codesake
+	module Dawn
+		module Kb
+			# Automatically created with rake on 2013-05-30
+			class CVE_2012_4464
+				include RubyVersionCheck
+
+				def initialize
+          message = "Ruby 1.9.3 before patchlevel 286 and 2.0 before revision r37068 allows context-dependent attackers to bypass safe-level restrictions and modify untainted strings via the (1) exc_to_s or (2) name_err_to_s API function, which marks the string as tainted, a different vulnerability than CVE-2012-4466. NOTE: this issue might exist because of a CVE-2011-1005 regression."
+          super({
+            :name=>"CVE-2012-4464",
+            :cvss=>"AV:N/AC:L/Au:N/C:N/I:P/A:N",
+            :release_date => Date.new(2013, 4, 25),
+            :cwe=>"264",
+            :owasp=>"A9", 
+            :applies=>["rails", "sinatra", "padrino"],
+            :kind=>Codesake::Dawn::KnowledgeBase::RUBY_VERSION_CHECK,
+            :message=>message,
+            :mitigation=>"Please upgrade ruby interpreter to 1.9.3-p286 or 2.0.0-p195 or latest version available",
+            :aux_links=>["http://www.ruby-lang.org/en/news/2012/10/12/cve-2012-4464-cve-2012-4466/"]
+          })
+
+          self.safe_rubies = [{:engine=>"ruby", :version=>"1.9.3", :patchlevel=>"p286"}, {:engine=>"ruby", :version=>"2.0.0", :patchlevel=>"p195"}]
+
+				end
+			end
+		end
+	end
+end

data/lib/codesake/dawn/kb/cve_2012_4466.rb

@@ -0,0 +1,29 @@
+module Codesake
+	module Dawn
+		module Kb
+			# Automatically created with rake on 2013-05-30
+			class CVE_2012_4466
+				include RubyVersionCheck
+
+				def initialize
+          message="Ruby 1.8.7 before patchlevel 371, 1.9.3 before patchlevel 286, and 2.0 before revision r37068 allows context-dependent attackers to bypass safe-level restrictions and modify untainted strings via the name_err_mesg_to_str API function, which marks the string as tainted, a different vulnerability than CVE-2011-1005."
+          super({
+            :name=>"CVE-2012-4466",
+            :cvss=>"AV:N/AC:L/Au:N/C:N/I:P/A:N",
+            :release_date => Date.new(2013, 4, 25),
+            :cwe=>"264",
+            :owasp=>"A9", 
+            :applies=>["rails", "sinatra", "padrino"],
+            :kind=>Codesake::Dawn::KnowledgeBase::RUBY_VERSION_CHECK,
+            :message=>message,
+            :mitigation=>"Please upgrade ruby interpreter to 1.8.7-p371, 1.9.3-p286 or 2.0.0-p195 or latest version available",
+            :aux_links=>["http://www.ruby-lang.org/en/news/2012/10/12/cve-2012-4464-cve-2012-4466/"]
+          })
+
+          self.safe_rubies = [{:engine=>"ruby", :version=>"1.8.7", :patchlevel=>"p371"}, {:engine=>"ruby", :version=>"1.9.3", :patchlevel=>"p286"}, {:engine=>"ruby", :version=>"2.0.0", :patchlevel=>"p195"}]
+
+				end
+			end
+		end
+	end
+end

data/lib/codesake/dawn/kb/cve_2012_4481.rb

@@ -0,0 +1,28 @@
+module Codesake
+	module Dawn
+		module Kb
+			# Automatically created with rake on 2013-05-31
+			class CVE_2012_4481
+				include RubyVersionCheck
+
+				def initialize
+          message="The safe-level feature in Ruby 1.8.7 allows context-dependent attackers to modify strings via the NameError#to_s method when operating on Ruby objects. NOTE: this issue is due to an incomplete fix for CVE-2011-1005."
+          super({
+            :name=>"CVE-2012-4481",
+            :cvss=>"AV:N/AC:M/Au:N/C:N/I:P/A:N",
+            :release_date => Date.new(2013, 5, 2),
+            :cwe=>"264",
+            :owasp=>"A9", 
+            :applies=>["rails", "sinatra", "padrino"],
+            :kind=>Codesake::Dawn::KnowledgeBase::RUBY_VERSION_CHECK,
+            :message=>message,
+            :mitigation=>"Please upgrade ruby interpreter to 1.9.3 or 2.0.0 or latest version available",
+            :aux_links=>["https://bugzilla.redhat.com/show_bug.cgi?id=863484"]
+          })
+
+          self.safe_rubies = [{:engine=>"ruby", :version=>"1.8.7", :patchlevel=>"p9999"}]
+				end
+			end
+		end
+	end
+end

data/lib/codesake/dawn/kb/cve_2012_4522.rb

@@ -0,0 +1,29 @@
+module Codesake
+	module Dawn
+		module Kb
+			# Automatically created with rake on 2013-07-15
+			class CVE_2012_4522
+				include RubyVersionCheck
+
+				def initialize
+          message = "The rb_get_path_check function in file.c in Ruby 1.9.3 before patchlevel 286 and Ruby 2.0.0 before r37163 allows context-dependent attackers to create files in unexpected locations or with unexpected names via a NUL byte in a file path."
+           super({
+            :name=>"CVE-2012-4522",
+            :cvss=>"AV:N/AC:L/Au:N/C:N/I:P/A:N",
+            :release_date => Date.new(2012, 11, 24),
+            :cwe=>"264",
+            :owasp=>"A9", 
+            :applies=>["rails", "sinatra", "padrino"],
+            :kind=>Codesake::Dawn::KnowledgeBase::RUBY_VERSION_CHECK,
+            :message=>message,
+            :mitigation=>"Upgrade ruby interpreter to latest 1.9.3 patchset or even better use ruby 2.x",
+            :aux_links=>["http://www.ruby-lang.org/en/news/2012/10/12/poisoned-NUL-byte-vulnerability/"]
+          })
+
+          self.safe_rubies = [{:engine=>"ruby", :version=>"1.9.3", :patchlevel=>"p286"}, {:engine=>"ruby", :version=>"2.0.0", :patchlevel=>"p0"}]
+
+				end
+			end
+		end
+	end
+end

data/lib/codesake/dawn/kb/cve_2012_5370.rb

@@ -0,0 +1,29 @@
+module Codesake
+	module Dawn
+		module Kb
+			# Automatically created with rake on 2013-05-30
+			class CVE_2012_5370
+				include RubyVersionCheck
+
+				def initialize
+          message="JRuby computes hash values without properly restricting the ability to trigger hash collisions predictably, which allows context-dependent attackers to cause a denial of service (CPU consumption) via crafted input to an application that maintains a hash table, as demonstrated by a universal multicollision attack against the MurmurHash2 algorithm, a different vulnerability than CVE-2011-4838."
+           super({
+            :name=>"CVE-2012-5370",
+            :cvss=>"AV:N/AC:L/Au:N/C:N/I:N/A:P",
+            :release_date => Date.new(2012, 11, 28),
+            :cwe=>"310",
+            :owasp=>"A9", 
+            :applies=>["rails", "sinatra", "padrino"],
+            :kind=>Codesake::Dawn::KnowledgeBase::RUBY_VERSION_CHECK,
+            :message=>message,
+            :mitigation=>"At the moment we're writing this (May 2013) there is no mitigation against this vulnerability. You must consider changing your hashing algorithm",
+            :aux_links=>["https://bugzilla.redhat.com/show_bug.cgi?id=880671"]
+          })
+
+          self.safe_rubies = [{:engine=>"jruby", :version=>"999.999.999", :patchlevel=>"p999"}]
+
+				end
+			end
+		end
+	end
+end

data/lib/codesake/dawn/kb/cve_2012_5371.rb

@@ -0,0 +1,29 @@
+module Codesake
+	module Dawn
+		module Kb
+			# Automatically created with rake on 2013-05-30
+			class CVE_2012_5371
+				include RubyVersionCheck
+
+				def initialize
+          message="Ruby (aka CRuby) 1.9 before 1.9.3-p327 and 2.0 before r37575 computes hash values without properly restricting the ability to trigger hash collisions predictably, which allows context-dependent attackers to cause a denial of service (CPU consumption) via crafted input to an application that maintains a hash table, as demonstrated by a universal multicollision attack against a variant of the MurmurHash2 algorithm, a different vulnerability than CVE-2011-4815."
+         super({
+            :name=>"CVE-2012-5371",
+            :cvss=>"AV:N/AC:L/Au:N/C:N/I:N/A:P",
+            :release_date => Date.new(2012, 11, 28),
+            :cwe=>"310",
+            :owasp=>"A9", 
+            :applies=>["rails", "sinatra", "padrino"],
+            :kind=>Codesake::Dawn::KnowledgeBase::RUBY_VERSION_CHECK,
+            :message=>message,
+            :mitigation=>"Please upgrade ruby interpreter to 1.9.3-p327 or 2.0.0-p195 or latest version available",
+            :aux_links=>["http://www.ruby-lang.org/en/news/2012/11/09/ruby19-hashdos-cve-2012-5371/"]
+          })
+
+          self.safe_rubies = [{:engine=>"ruby", :version=>"1.9.3", :patchlevel=>"p327"}, {:engine=>"ruby", :version=>"2.0.0", :patchlevel=>"p195"}]
+ 
+				end
+			end
+		end
+	end
+end

data/lib/codesake/dawn/kb/cve_2012_5380.rb

@@ -0,0 +1,30 @@
+module Codesake
+	module Dawn
+		module Kb
+			# Automatically created with rake on 2013-07-15
+			class CVE_2012_5380
+				include RubyVersionCheck
+
+				def initialize
+          message = "** DISPUTED ** Untrusted search path vulnerability in the installation functionality in Ruby 1.9.3-p194, when installed in the top-level C:\ directory, might allow local users to gain privileges via a Trojan horse DLL in the C:\Ruby193\bin directory, which may be added to the PATH system environment variable by an administrator, as demonstrated by a Trojan horse wlbsctrl.dll file used by the \"IKE and AuthIP IPsec Keying Modules\" system service in Windows Vista SP1, Windows Server 2008 SP2, Windows 7 SP1, and Windows 8 Release Preview. NOTE: CVE disputes this issue because the unsafe PATH is established only by a separate administrative action that is not a default part of the Ruby installation."
+           super({
+            :name=>"CVE-2012-5380",
+            :cvss=>"AV:L/AC:H/Au:S/C:C/I:C/A:C",
+            :release_date => Date.new(2012, 10, 11),
+            :cwe=>"426",
+            :owasp=>"A9", 
+            :applies=>["rails", "sinatra", "padrino"],
+            :kind=>Codesake::Dawn::KnowledgeBase::RUBY_VERSION_CHECK,
+            :message=>message,
+            :mitigation=>"Upgrade ruby to the latest 1.9.3 patch or even better use ruby 2.x",
+            :aux_links=>["https://www.htbridge.com/advisory/HTB23108"]
+          })
+
+          self.safe_rubies = [{:engine=>"ruby", :version=>"1.9.3", :patchlevel=>"p195"}]
+
+
+				end
+			end
+		end
+	end
+end

data/lib/codesake/dawn/kb/cve_2012_6109.rb

@@ -0,0 +1,27 @@
+module Codesake
+	module Dawn
+		module Kb
+			# Automatically created with rake on 2014-02-06
+			class CVE_2012_6109
+				include DependencyCheck
+
+				def initialize
+          message = "lib/rack/multipart.rb in Rack before 1.1.4, 1.2.x before 1.2.6, 1.3.x before 1.3.7, and 1.4.x before 1.4.2 uses an incorrect regular expression, which allows remote attackers to cause a denial of service (infinite loop) via a crafted Content-Disposion header."
+          super({
+            :name=>"CVE-2012-6109",
+            :cvss=>"AV:N/AC:M/Au:N/C:N/I:N/A:P",
+            :release_date => Date.new(2013, 3, 1),
+            :cwe=>"",
+            :owasp=>"A9", 
+            :applies=>["rails", "sinatra", "padrino"],
+            :kind=>Codesake::Dawn::KnowledgeBase::DEPENDENCY_CHECK,
+            :message=>message,
+            :mitigation=>"Please upgrade rack version up to version 1.4.4, 1.3.9, 1.2.7, 1.1.5 or higher.",
+            :aux_links=>["https://groups.google.com/forum/#%21msg/rack-devel/1w4_fWEgTdI/XAkSNHjtdTsJ"]
+          })
+          self.safe_dependencies = [{:name=>"rack", :version=>['1.4.2', '1.3.7', '1.2.6', '1.1.4', '1.0.9999', '0.9.9999', '0.4.9999', '0.3.9999', '0.2.9999', '0.1.9999']}]
+				end
+			end
+		end
+	end
+end

data/lib/codesake/dawn/kb/cve_2012_6134.rb

@@ -0,0 +1,29 @@
+module Codesake
+	module Dawn
+		module Kb
+			# Automatically created with rake on 2013-05-31
+			class CVE_2012_6134
+				include DependencyCheck
+
+				def initialize
+          message="Cross-site request forgery (CSRF) vulnerability in the omniauth-oauth2 gem 1.1.1 and earlier for Ruby allows remote attackers to hijack the authentication of users for requests that modify session state."
+          super({
+            :name=>"CVE-2012-6134",
+            :cvss=>"AV:N/AC:M/Au:N/C:P/I:P/A:P",
+            :release_date => Date.new(2013, 4, 9),
+            :cwe=>"352",
+            :owasp=>"A8", 
+            :applies=>["rails"],
+            :kind=>Codesake::Dawn::KnowledgeBase::DEPENDENCY_CHECK,
+            :message=>message,
+            :mitigation=>"At January 2014 there are no further releases of omniauth-oauth2 gem, however the vulnerability it has been fixed in the git repository. As remediation we suggest to ask your Gemfile to fetch the code directly from git@github.com:intridea/omniauth-oauth2.git",
+            :aux_links=>["https://github.com/intridea/omniauth-oauth2/pull/25"]
+          })
+
+          self.safe_dependencies = [{:name=>"omniauth-oauth2", :version=>['1.1.2']}]
+
+				end
+			end
+		end
+	end
+end

data/lib/codesake/dawn/kb/cve_2012_6496.rb

@@ -0,0 +1,30 @@
+module Codesake
+	module Dawn
+		module Kb
+			# Automatically created with rake on 2013-05-06
+			class CVE_2012_6496
+				include DependencyCheck
+
+				def initialize
+          message = "SQL injection vulnerability in the Active Record component in Ruby on Rails before 3.0.18, 3.1.x before 3.1.9, and 3.2.x before 3.2.10 allows remote attackers to execute arbitrary SQL commands via a crafted request that leverages incorrect behavior of dynamic finders in applications that can use unexpected data types in certain find_by_ method calls."
+
+          super({
+            :name=>"CVE-2012-6496",
+            :cvss=>"AV:N/AC:L/Au:N/C:P/I:P/A:P",
+            :release_date => Date.new(2013, 1, 4),
+            :cwe=>"200",
+            :owasp=>"A9", 
+            :applies=>["rails"],
+            :kind=>Codesake::Dawn::KnowledgeBase::DEPENDENCY_CHECK,
+            :message=>message,
+            :mitigation=>"Please upgrade rails version at least to 3.2.10, 3.1.9 or 3.0.18. As a general rule, using the latest stable rails version is recommended.",
+            :aux_links=>["https://groups.google.com/d/topic/rubyonrails-security/DCNTNp_qjFM/discussion"]
+          })
+
+          self.safe_dependencies = [{:name=>"rails", :version=>['3.0.18', '3.2.10', '3.1.9']}]
+
+				end
+			end
+		end
+	end
+end

data/lib/codesake/dawn/kb/cve_2012_6497.rb

@@ -0,0 +1,30 @@
+module Codesake
+	module Dawn
+		module Kb
+			# Automatically created with rake on 2013-05-06
+			class CVE_2012_6497
+				include DependencyCheck
+
+				def initialize
+          message = "The Authlogic gem for Ruby on Rails, when used with certain versions before 3.2.10, makes potentially unsafe find_by_id method calls, which might allow remote attackers to conduct CVE-2012-6496 SQL injection attacks via a crafted parameter in environments that have a known secret_token value, as demonstrated by a value contained in secret_token.rb in an open-source product."
+
+          super({
+            :name=>"CVE-2012-6497",
+            :cvss=>"AV:N/AC:L/Au:N/C:P/I:N/A:N",
+            :release_date => Date.new(2013, 1, 4),
+            :cwe=>"200",
+            :owasp=>"A9", 
+            :applies=>["rails"],
+            :kind=>Codesake::Dawn::KnowledgeBase::DEPENDENCY_CHECK,
+            :message=>message,
+            :mitigation=>"Please upgrade rails version to the latest stable rails version.",
+            :aux_links=>["https://groups.google.com/d/topic/rubyonrails-security/DCNTNp_qjFM/discussion"]
+          })
+
+          self.safe_dependencies = [{:name=>"authlogic", :version=>['3.2.10']}]
+
+				end
+			end
+		end
+	end
+end

data/lib/codesake/dawn/kb/cve_2013_0155.rb

@@ -0,0 +1,31 @@
+module Codesake
+	module Dawn
+		module Kb
+			# Automatically created with rake on 2013-05-10
+			class CVE_2013_0155
+				include DependencyCheck
+
+				def initialize
+          message = "Ruby on Rails 3.0.x before 3.0.19, 3.1.x before 3.1.10, and 3.2.x before 3.2.11 does not properly consider differences in parameter handling between the Active Record component and the JSON implementation, which allows remote attackers to bypass intended database-query restrictions and perform NULL checks or trigger missing WHERE clauses via a crafted request, as demonstrated by certain \"[nil]\" values, a related issue to CVE-2012-2660 and CVE-2012-2694."
+
+          super({
+            :name=>"CVE-2013-0155",
+            :cvss=>"AV:N/AC:L/Au:N/C:P/I:P/A:N",
+            :release_date => Date.new(2013, 1, 13),
+            :cwe=>"",
+            :owasp=>"A9", 
+            :applies=>["rails"],
+            :kind=>Codesake::Dawn::KnowledgeBase::DEPENDENCY_CHECK,
+            :message=>message,
+            :mitigation=>"Please upgrade rails version at least to 3.0.19, 3.1.10 and 3.2.11. As a general rule, using the latest stable rails version is recommended.",
+            :aux_links=>["https://groups.google.com/d/topic/rubyonrails-security/c7jT-EeN9eI/discussion"]
+          })
+
+          self.safe_dependencies = [{:name=>"rails", :version=>['3.0.19', '3.1.10', '3.2.11']}]
+
+
+				end
+			end
+		end
+	end
+end

data/lib/codesake/dawn/kb/cve_2013_0156.rb

@@ -0,0 +1,29 @@
+module Codesake
+	module Dawn
+		module Kb
+			# Automatically created with rake on 2013-05-17
+			class CVE_2013_0156
+				include DependencyCheck
+
+				def initialize
+          message = "active_support/core_ext/hash/conversions.rb in Ruby on Rails before 2.3.15, 3.0.x before 3.0.19, 3.1.x before 3.1.10, and 3.2.x before 3.2.11 does not properly restrict casts of string values, which allows remote attackers to conduct object-injection attacks and execute arbitrary code, or cause a denial of service (memory and CPU consumption) involving nested XML entity references, by leveraging Action Pack support for (1) YAML type conversion or (2) Symbol type conversion."
+
+         super({
+            :name=>'CVE-2013-0156', 
+            :cvss=>"AV:N/AC:L/Au:N/C:P/I:P/A:P",  
+            :release_date => Date.new(2013, 1, 13),
+            :cwe=>"20", 
+            :owasp=>"A9",
+            :applies=>["rails"],
+            :kind => Codesake::Dawn::KnowledgeBase::DEPENDENCY_CHECK,
+            :message => message,
+            :mitigation=>"Please upgrade rails version at least to 2.3.15, 3.0.19, 3.1.10 and 3.2.11. As a general rule, using the latest stable rails version is recommended.",
+            :aux_links => ["https://groups.google.com/group/rubyonrails-security/msg/c1432d0f8c70e89d?dmode=source&output=gplain"]
+          })
+          self.safe_dependencies = [{:name=>"rails", :version=>['2.3.15', '3.0.19', '3.2.11', '3.1.10']}]
+ 
+				end
+			end
+		end
+	end
+end