dawnscanner 1.5.2 → 1.6.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA1:
-  metadata.gz: 313b6f39d2552cd17cc22146869e62bf09c2e3bf
-  data.tar.gz: 98557420fb931a751dbdf1ae2e618d5c02f5ae45
+  metadata.gz: 380c6df2bc5c7d61d6c1b7ada8fb8a56c4a39bb5
+  data.tar.gz: 34245bac1ac6e5b254913388003ca484dd793f6c
 SHA512:
-  metadata.gz: 223a2251f79238be8ae251f98b2b879e808801be97d813cc947aaffd8dd6a0a3945b9115c4efd9902e621e6a0df5b9f3944cf18c8f372b5f7268aa335f4b5394
-  data.tar.gz: 4c075b80716633944f58be2cfa0c8e245c8c06f7443d8f58d1cae14f44ee184744bdd6f37b39326a631fd3c25553a1e96b03ad3e09274422f91ade962cef00d3
+  metadata.gz: 114a8bf87ec4a07107c74dc843709a642e9bce77e9373384f304538ca3613ff1bcb3eba37bb564b91a505761ebdbe8cf8728a4617df42c210ceca1879feeb9c8
+  data.tar.gz: 3eb5f35bb5acbe11f3bb94d8554d5f6b24142778513ae07256deeab3ecca1289c4d0f55c010bb0706fc0c3f366caa3db247047c1595b6dbb593883bc0ef41ad7

data/.travis.yml

@@ -1,8 +1,15 @@
 language: ruby
 rvm:
+  - 2.3.0
   - 2.2.3
   - 2.1.0
   - 2.0.0
-  - 1.9.3
   - ruby-head
   - rbx
+notifications:
+  webhooks:
+    urls:
+      - https://webhooks.gitter.im/e/968de5e2c7eb03759e38
+    on_success: change  # options: [always|never|change] default: always
+    on_failure: always  # options: [always|never|change] default: always
+    on_start: never     # options: [always|never|change] default: always

data/Changelog.md

@@ -5,7 +5,70 @@ It supports [Sinatra](http://www.sinatrarb.com),
 [Padrino](http://www.padrinorb.com) and [Ruby on Rails](http://rubyonrails.org)
 frameworks.
 
-_latest update: Thu Dec  3 18:29:33 CET 2015_
+_latest update: Wed Feb  3 10:59:00 CET 2016_
+
+## Version 1.6.0 - codename: Tow Mater (2016-02-03)
+
+* Issue #186 - Adding a check for CVE-2015-7576: Timing attack vulnerability in
+  basic authentication in Action Controller
+* Issue #185 - Adding a check for CVE-2016-0751: Possible Object Leak and
+  Denial of Service attack in Action Pack
+* BUGFIX in is_vulnerable_minor? in case of version length mismatch, there was
+  an error evaluating if safe_version.length > detected_version.length block
+* BUGFIX in is_vulnerable_aux_patch? when detected version has no auxiliary
+  patch (eg. 3.5.3) and safe version has it (eg. 3.5.3.1) the check was not
+  triggered the right way. Now aux patch is forced to 0 when missing and when
+  one of twos has it.
+* Issue #184 - Adding a check for CVE-2015-7577: Nested attributes rejection
+  proc bypass in Active Record.
+* Issue #183 - Adding a check for CVE-2015-7579: XSS vulnerability in
+  rails-html-sanitizer
+* Issue #182 - Adding a check for CVE-2016-0752: Possible Information Leak
+  Vulnerability in Action View
+* Issue #181 - Adding a check for CVE-2016:0753: Possible Input Validation
+  Circumvention in Active Model
+* Issue #180 - Adding a check for CVE-2015-7578: Possible XSS vulnerability in
+  rails-html-sanitizer
+* Issue #179 - Adding a check for CVE-2015-7581: Object leak vulnerability for
+  wildcard controller routes in Action Pack
+* BUGFIX in is_higher? when a version with an aux patch number was compared
+  with a one without ('1.2.3.4' vs '1.2.3') the incorrect result were
+  triggered.
+* BUGFIX in is_same_version? when a beta version is to be evaluated, during
+  comparison the beta number must be discarded.
+* BUGFIX in is_vulnerable_beta? handling situation when either safe version or
+  detected version doesn't have the beta number
+* BUGFIX in is_vulnerable_rc? handling situation when either safe version or
+  detected version doesn't have the rc number
+* BUGFIX in is_vulnerable_pre? handling situation when either safe version or
+  detected version doesn't have the pre number
+* Issue #173 handles a lot of CVE about nokogiri rubygem due to libxml version embedded on it:
+  - CVE-2015-5312: DoS in xmlStringLenDecodeEntities()
+  - CVE-2015-7497: DoS in xmlDictComputeFastQKey()
+  - CVE-2015-7498: DoS in xmlParseXmlDecl()
+  - CVE-2015-7499: In memory information disclosure due to heap-based buffer
+    overflow in the xmlGROW()
+  - CVE-2015-7500: DoS in xmlParseMisc()
+  - CVE-2015-8241: Information disclosure and DoS in xmlNextChar()
+  - CVE-2015-8242: Information disclosure and DoS in xmlSAX2TextNode()
+  - CVE-2015-8317: Information disclosure in xmlParseXMLDecl()
+* Issue #171 - Adding a check for CVE-2015-7541: colorscore Gem for Ruby
+  lib/colorscore/histogram.rb Arbitrary Command Injection
+* Issue #169 - Adding a check for CVE-2015-7519: Phusion Passenger Server
+  allows to overwrite headers in some cases
+* BUGFIX in bin/dawn when target from command line is '.'. The directory name
+  must be expanded to save results
+* Issue #177 BUGFIX. HTML reporting is broken. The line "support_path =
+  File.join(Dir.pwd, 'support')" in reporter.rb:40 is used to build the path
+  for support files (css, js) to be copied in the output directory. If you call
+  dawn using '.' as target directory name, an exeception is raised. Fixed
+  changing the line this way: "support_path = File.join(File.dirname(__FILE__),
+  '..', '..', 'support')"
+* Issue #177 BUGFIX. HTML filename creation is honored when -F flag is used.
+* Issue #177 IMPROVEMENT. As @mort666 suggested, now bootstrap and jquery are
+  loaded from CDN and specific CSS is now embedded in the HTML report in a
+  minified form.
+
 
 ## Version 1.5.2 - codename: Tow Mater (2015-12-16)
 

data/KnowledgeBase.md

@@ -1,6 +1,6 @@
 # Dawnscanner Knowledge base
 
-The knowledge base library for dawnscanner version 1.4.2 contains 209 security checks.
+The knowledge base library for dawnscanner version 1.6.0 contains 227 security checks.
 ---
 * Simple Form XSS - 20131129: There is a XSS vulnerability on Simple Form's label, hint and error options. When Simple Form creates a label, hint or error message it marks the text as being HTML safe, even though it may contain HTML tags. In applications where the text of these helpers can be provided by the users, malicious values can be provided and Simple Form will mark it as safe.
 * [CVE-2004-0755](http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0755): The FileStore capability in CGI::Session for Ruby before 1.8.1, and possibly PStore, creates files with insecure permissions, which can allow local users to steal session information and hijack sessions.
@@ -377,6 +377,42 @@ XML documents with carefully crafted entity expansion strings which can cause th
 * CVE-2015-3448: REST client for Ruby (aka rest-client) before 1.7.3 logs usernames and passwords, which allows local users to obtain sensitive information by reading the log.
 * [CVE-2015-4020](http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4020): RubyGems 2.0.x before 2.0.17, 2.2.x before 2.2.5, and 2.4.x before 2.4.8 does not validate the hostname when fetching gems or making API request, which allows remote attackers to redirect requests to arbitrary domains via a crafted DNS SRV record with a domain that is suffixed with the original domain name, aka a 'DNS hijack attack.'
 * CVE-2015-4020: RubyGems 2.0.x before 2.0.17, 2.2.x before 2.2.5, and 2.4.x before 2.4.8 does not validate the hostname when fetching gems or making API request, which allows remote attackers to redirect requests to arbitrary domains via a crafted DNS SRV record with a domain that is suffixed with the original domain name, aka a 'DNS hijack attack.'
+* [CVE-2015-5312](http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5312): The xmlStringLenDecodeEntities function in parser.c in libxml2 before 2.9.3 does not properly prevent entity expansion, which allows context-dependent attackers to cause a denial of service (CPU consumption) via crafted XML data, a different vulnerability than CVE-2014-3660.
+* CVE-2015-5312: The xmlStringLenDecodeEntities function in parser.c in libxml2 before 2.9.3 does not properly prevent entity expansion, which allows context-dependent attackers to cause a denial of service (CPU consumption) via crafted XML data, a different vulnerability than CVE-2014-3660.
+* [CVE-2015-7497](http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7497): Heap-based buffer overflow in the xmlDictComputeFastQKey function in dict.c in libxml2 before 2.9.3 allows context-dependent attackers to cause a denial of service via unspecified vectors.
+* CVE-2015-7497: Heap-based buffer overflow in the xmlDictComputeFastQKey function in dict.c in libxml2 before 2.9.3 allows context-dependent attackers to cause a denial of service via unspecified vectors.
+* [CVE-2015-7498](http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7498): Heap-based buffer overflow in the xmlParseXmlDecl function in parser.c in libxml2 before 2.9.3 allows context-dependent attackers to cause a denial of service via unspecified vectors related to extracting errors after an encoding conversion failure.
+* CVE-2015-7498: Heap-based buffer overflow in the xmlParseXmlDecl function in parser.c in libxml2 before 2.9.3 allows context-dependent attackers to cause a denial of service via unspecified vectors related to extracting errors after an encoding conversion failure.
+* [CVE-2015-7499](http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7499): Heap-based buffer overflow in the xmlGROW function in parser.c in libxml2 before 2.9.3 allows context-dependent attackers to obtain sensitive process memory information via unspecified vectors.
+* CVE-2015-7499: Heap-based buffer overflow in the xmlGROW function in parser.c in libxml2 before 2.9.3 allows context-dependent attackers to obtain sensitive process memory information via unspecified vectors.
+* [CVE-2015-7500](http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7500): The xmlParseMisc function in parser.c in libxml2 before 2.9.3 allows context-dependent attackers to cause a denial of service (out-of-bounds heap read) via unspecified vectors related to incorrect entities boundaries and start tags.
+* CVE-2015-7500: The xmlParseMisc function in parser.c in libxml2 before 2.9.3 allows context-dependent attackers to cause a denial of service (out-of-bounds heap read) via unspecified vectors related to incorrect entities boundaries and start tags.
+* [CVE-2015-7519](http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7519): agent/Core/Controller/SendRequest.cpp in Phusion Passenger before 4.0.60 and 5.0.x before 5.0.22, when used in Apache integration mode or in standalone mode without a filtering proxy, allows remote attackers to spoof headers passed to applications by using an _ (underscore) character instead of a - (dash) character in an HTTP header, as demonstrated by an X_User header.
+* CVE-2015-7519: agent/Core/Controller/SendRequest.cpp in Phusion Passenger before 4.0.60 and 5.0.x before 5.0.22, when used in Apache integration mode or in standalone mode without a filtering proxy, allows remote attackers to spoof headers passed to applications by using an _ (underscore) character instead of a - (dash) character in an HTTP header, as demonstrated by an X_User header.
+* [CVE-2015-7541](http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7541): The initialize method in the Histogram class in lib/colorscore/histogram.rb in the colorscore gem before 0.0.5 for Ruby allows context-dependent attackers to execute arbitrary code via shell metacharacters in the (1) image_path, (2) colors, or (3) depth variable.
+* CVE-2015-7541: The initialize method in the Histogram class in lib/colorscore/histogram.rb in the colorscore gem before 0.0.5 for Ruby allows context-dependent attackers to execute arbitrary code via shell metacharacters in the (1) image_path, (2) colors, or (3) depth variable.
+* [CVE-2015-7576](http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7576): There is a timing attack vulnerability in the basic authentication support in Action Controller. Due to the way that Action Controller compares user names and passwords in basic authentication authorization code, it is possible for an attacker to analyze the time taken by a response and intuit the password.
+* CVE-2015-7576: There is a timing attack vulnerability in the basic authentication support in Action Controller. Due to the way that Action Controller compares user names and passwords in basic authentication authorization code, it is possible for an attacker to analyze the time taken by a response and intuit the password.
+* [CVE-2015-7577](http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7577): There is a vulnerability in how the nested attributes feature in Active Record handles updates in combination with destroy flags when destroying records is disabled.
+* CVE-2015-7577: There is a vulnerability in how the nested attributes feature in Active Record handles updates in combination with destroy flags when destroying records is disabled.
+* [CVE-2015-7578](http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7578): There is a possible XSS vulnerability in rails-html-sanitizer. Certain attributes are not removed from tags when they are sanitized, and these attributes can lead to an XSS attack on target applications.
+* CVE-2015-7578: There is a possible XSS vulnerability in rails-html-sanitizer. Certain attributes are not removed from tags when they are sanitized, and these attributes can lead to an XSS attack on target applications.
+* [CVE-2015-7579](http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7579): There is a XSS vulnerability in Rails::Html::FullSanitizer used by Action View's strip_tags. Due to the way that Rails::Html::FullSanitizer is implemented, if an attacker passes an already escaped HTML entity to the input of Action View's strip_tags these entities will be unescaped what may cause a XSS attack if used in combination with raw or html_safe.
+* CVE-2015-7579: There is a XSS vulnerability in Rails::Html::FullSanitizer used by Action View's strip_tags. Due to the way that Rails::Html::FullSanitizer is implemented, if an attacker passes an already escaped HTML entity to the input of Action View's strip_tags these entities will be unescaped what may cause a XSS attack if used in combination with raw or html_safe.
+* [CVE-2015-7581](http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7581): There is an object leak vulnerability for wildcard controllers in Action Pack. Users that have a route that contains the string ":controller" are susceptible to objects being leaked globally which can lead to unbounded memory growth. 
+* CVE-2015-7581: There is an object leak vulnerability for wildcard controllers in Action Pack. Users that have a route that contains the string ":controller" are susceptible to objects being leaked globally which can lead to unbounded memory growth. 
+* [CVE-2015-8241](http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8241): The xmlNextChar function in libxml2 2.9.2 does not properly check the state, which allows context-dependent attackers to cause a denial of service (heap-based buffer over-read and application crash) or obtain sensitive information via crafted XML data.
+* CVE-2015-8241: The xmlNextChar function in libxml2 2.9.2 does not properly check the state, which allows context-dependent attackers to cause a denial of service (heap-based buffer over-read and application crash) or obtain sensitive information via crafted XML data.
+* [CVE-2015-8242](http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8242): The xmlSAX2TextNode function in SAX2.c in the push interface in the HTML parser in libxml2 before 2.9.3 allows context-dependent attackers to cause a denial of service (stack-based buffer over-read and application crash) or obtain sensitive information via crafted XML data.
+* CVE-2015-8242: The xmlSAX2TextNode function in SAX2.c in the push interface in the HTML parser in libxml2 before 2.9.3 allows context-dependent attackers to cause a denial of service (stack-based buffer over-read and application crash) or obtain sensitive information via crafted XML data.
+* [CVE-2015-8317](http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8317): The xmlParseXMLDecl function in parser.c in libxml2 before 2.9.3 allows context-dependent attackers to obtain sensitive information via an (1) unterminated encoding value or (2) incomplete XML declaration in XML data, which triggers an out-of-bounds heap read
+* CVE-2015-8317: The xmlParseXMLDecl function in parser.c in libxml2 before 2.9.3 allows context-dependent attackers to obtain sensitive information via an (1) unterminated encoding value or (2) incomplete XML declaration in XML data, which triggers an out-of-bounds heap read
+* [CVE-2016-0751](http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0751): There is a possible object leak which can lead to a denial of service vulnerability in Action Pack. A carefully crafted accept header can cause a global cache of mime types to grow indefinitely which can lead to a possible denial of service attack in Action Pack.
+* CVE-2016-0751: There is a possible object leak which can lead to a denial of service vulnerability in Action Pack. A carefully crafted accept header can cause a global cache of mime types to grow indefinitely which can lead to a possible denial of service attack in Action Pack.
+* [CVE-2016-0752](http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0752): There is a possible directory traversal and information leak vulnerability in Action View. Applications that pass unverified user input to the render method in a controller may be vulnerable to an information leak vulnerability.
+* CVE-2016-0752: There is a possible directory traversal and information leak vulnerability in Action View. Applications that pass unverified user input to the render method in a controller may be vulnerable to an information leak vulnerability.
+* [CVE-2016-0753](http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0753): There is a possible input validation circumvention vulnerability in Active Model. Code that uses Active Model based models (including Active Record models) and does not validate user input before passing it to the model can be subject to an attack where specially crafted input will cause the model to skip validations.
+* CVE-2016-0753: There is a possible input validation circumvention vulnerability in Active Model. Code that uses Active Model based models (including Active Record models) and does not validate user input before passing it to the model can be subject to an attack where specially crafted input will cause the model to skip validations.
 * [OSVDB-105971](http://osvdb.org/show/osvdb/105971): sfpagent Gem for Ruby contains a flaw that is triggered as JSON[body] input is not properly sanitized when handling module names with shell metacharacters. This may allow a context-dependent attacker to execute arbitrary commands.
 * OSVDB-105971: sfpagent Gem for Ruby contains a flaw that is triggered as JSON[body] input is not properly sanitized when handling module names with shell metacharacters. This may allow a context-dependent attacker to execute arbitrary commands.
 * [OSVDB-108569](http://osvdb.org/show/osvdb/108569): backup_checksum Gem for Ruby contains a flaw in /lib/backup/cli/utility.rb that is triggered as the program displays password information in plaintext in the process list. This may allow a local attacker to gain access to password information.
@@ -437,4 +473,4 @@ Setting this to true will essentially strip out any host information.
 This check will analyze the source code looking for the following patterns: XXX, TO_CHECK, CHECKME, CHECK and FIXME
 
 
-_Last updated: Thu 03 Dec 18:28:09 CET 2015_
+_Last updated: Wed 03 Feb 10:57:52 CET 2016_

data/README.md

@@ -20,10 +20,11 @@ box:
 [![Coverage Status](https://coveralls.io/repos/thesp0nge/dawnscanner/badge.png)](https://coveralls.io/r/thesp0nge/dawnscanner)
 [![Bitdeli Badge](https://d2weczhvl823v0.cloudfront.net/thesp0nge/dawnscanner/trend.png)](https://bitdeli.com/free "Bitdeli Badge")
 [![Inline docs](http://inch-ci.org/github/thesp0nge/dawnscanner.png?branch=master)](http://inch-ci.org/github/thesp0nge/dawnscanner)
+[![Gitter](https://badges.gitter.im/thesp0nge/dawnscanner.svg)](https://gitter.im/thesp0nge/dawnscanner?utm_source=badge&utm_medium=badge&utm_campaign=pr-badge)
 
 ---
 
-dawnscanner version 1.5.2 has 209 security checks loaded in its knowledge
+dawnscanner version 1.6.0 has 227 security checks loaded in its knowledge
 base. Most of them are CVE bulletins applying to gems or the ruby interpreter
 itself. There are also some check coming from Owasp Ruby on Rails cheatsheet.
 

data/VERSION

@@ -6,11 +6,10 @@
 #
 # | Character       | Release |
 # |-----------------|---------|
-# |  "Tow Mater"    |  1.4.0  |
-# | "Finn McMissile"|  x.x.0  |
+# | "Finn McMissile"|  2.0.0  |
 # |  "Fillmore"     |  x.x.0  |
 # |"Holly Shiftwell"|  x.x.0  |
 # |   "Guido"       |  x.x.0  |
 # |   "Luigi"       |  x.x.0  |
 # | "Doc Hudson"    |  x.x.0  |
-1.5.2 - Tow Mater
+1.6.0 - Tow Mater

data/bin/dawn

@@ -190,6 +190,8 @@ end
 
 target=ARGV.shift
 
+target = File.expand_path(".") if target == "."
+
 $logger.helo APPNAME, Dawn::VERSION
 r = Dawn::Registry.new
 

data/checksum/dawnscanner-1.5.2.gem.sha1

@@ -0,0 +1 @@
+632579913def064e10c4d6c76cb722140bcb5925

data/lib/dawn/kb/cve_2015_5312.rb

@@ -0,0 +1,30 @@
+module Dawn
+		module Kb
+			# Automatically created with rake on 2016-02-01
+			class CVE_2015_5312
+				include DependencyCheck
+
+				def initialize
+          message = "The xmlStringLenDecodeEntities function in parser.c in libxml2 before 2.9.3 does not properly prevent entity expansion, which allows context-dependent attackers to cause a denial of service (CPU consumption) via crafted XML data, a different vulnerability than CVE-2014-3660."
+           super({
+            :title=>title,
+            :name=> "CVE-2015-5312",
+            :cve=>"2015-5312",
+            :osvdb=>"",
+            :cvss=>"AV:N/AC:M/Au:N/C:N/I:N/A:C",
+            :release_date => Date.new(2015, 12, 15),
+            :cwe=>"119",
+            :owasp=>"A9",
+            :applies=>["rails", "sinatra", "padrino"],
+            :kind=>Dawn::KnowledgeBase::DEPENDENCY_CHECK,
+            :message=>message,
+            :mitigation=>"Please upgrade nokogiri gem to version 1.6.7.1 or later.",
+            :aux_links=>["https://groups.google.com/forum/#!topic/ruby-security-ann/aSbgDiwb24s"]
+           })
+
+           self.safe_dependencies = [{:name=>"nokogiri", :version=>['1.6.7.1']}]
+           self.not_affected = {:name=>"nokogiri", :version=>['1.5.x', '1.4.x', '1.3.x', '1.1.x', '1.0.x', '0.x.x']}
+				end
+			end
+		end
+end

data/lib/dawn/kb/cve_2015_7497.rb

@@ -0,0 +1,32 @@
+module Dawn
+		module Kb
+			# Automatically created with rake on 2016-02-02
+			class CVE_2015_7497
+				# Include the testing skeleton for this CVE
+				include DependencyCheck
+
+				def initialize
+          message ="Heap-based buffer overflow in the xmlDictComputeFastQKey function in dict.c in libxml2 before 2.9.3 allows context-dependent attackers to cause a denial of service via unspecified vectors."
+          super({
+            :title=>title,
+            :name=> "CVE-2015-7497",
+            :cve=>"2015-7497",
+            :osvdb=>"",
+            :cvss=>"AV:N/AC:L/Au:N/C:N/I:N/A:P",
+            :release_date => Date.new(2015, 12, 15),
+            :cwe=>"119",
+            :owasp=>"A9",
+            :applies=>["rails", "sinatra", "padrino"],
+            :kind=>Dawn::KnowledgeBase::DEPENDENCY_CHECK,
+            :message=>message,
+            :mitigation=>"Please upgrade nokogiri gem to version 1.6.7.1 or later.",
+            :aux_links=>["https://groups.google.com/forum/#!topic/ruby-security-ann/aSbgDiwb24s"]
+           })
+
+           self.safe_dependencies = [{:name=>"nokogiri", :version=>['1.6.7.1']}]
+           self.not_affected = {:name=>"nokogiri", :version=>['1.5.x', '1.4.x', '1.3.x', '1.1.x', '1.0.x', '0.x.x']}
+
+				end
+			end
+		end
+end

data/lib/dawn/kb/cve_2015_7498.rb

@@ -0,0 +1,32 @@
+module Dawn
+		module Kb
+			# Automatically created with rake on 2016-02-02
+			class CVE_2015_7498
+				# Include the testing skeleton for this CVE
+				include DependencyCheck
+
+				def initialize
+          message = "Heap-based buffer overflow in the xmlParseXmlDecl function in parser.c in libxml2 before 2.9.3 allows context-dependent attackers to cause a denial of service via unspecified vectors related to extracting errors after an encoding conversion failure."
+           super({
+            :title=>title,
+            :name=> "CVE-2015-7498",
+            :cve=>"2015-7498",
+            :osvdb=>"",
+            :cvss=>"AV:N/AC:L/Au:N/C:N/I:N/A:P",
+            :release_date => Date.new(2015, 12, 15),
+            :cwe=>"119",
+            :owasp=>"A9",
+            :applies=>["rails", "sinatra", "padrino"],
+            :kind=>Dawn::KnowledgeBase::DEPENDENCY_CHECK,
+            :message=>message,
+            :mitigation=>"Please upgrade nokogiri gem to version 1.6.7.1 or later.",
+            :aux_links=>["https://groups.google.com/forum/#!topic/ruby-security-ann/aSbgDiwb24s"]
+           })
+
+           self.safe_dependencies = [{:name=>"nokogiri", :version=>['1.6.7.1']}]
+           self.not_affected = {:name=>"nokogiri", :version=>['1.5.x', '1.4.x', '1.3.x', '1.1.x', '1.0.x', '0.x.x']}
+
+				end
+			end
+		end
+end

data/lib/dawn/kb/cve_2015_7499.rb

@@ -0,0 +1,32 @@
+module Dawn
+		module Kb
+			# Automatically created with rake on 2016-02-02
+			class CVE_2015_7499
+				# Include the testing skeleton for this CVE
+				include DependencyCheck
+
+				def initialize
+          message="Heap-based buffer overflow in the xmlGROW function in parser.c in libxml2 before 2.9.3 allows context-dependent attackers to obtain sensitive process memory information via unspecified vectors."
+           super({
+            :title=>title,
+            :name=> "CVE-2015-7499",
+            :cve=>"2015-7499",
+            :osvdb=>"",
+            :cvss=>"AV:N/AC:L/Au:N/C:P/I:N/A:N",
+            :release_date => Date.new(2015, 12, 15),
+            :cwe=>"119",
+            :owasp=>"A9",
+            :applies=>["rails", "sinatra", "padrino"],
+            :kind=>Dawn::KnowledgeBase::DEPENDENCY_CHECK,
+            :message=>message,
+            :mitigation=>"Please upgrade nokogiri gem to version 1.6.7.1 or later.",
+            :aux_links=>["https://groups.google.com/forum/#!topic/ruby-security-ann/aSbgDiwb24s"]
+           })
+
+           self.safe_dependencies = [{:name=>"nokogiri", :version=>['1.6.7.1']}]
+           self.not_affected = {:name=>"nokogiri", :version=>['1.5.x', '1.4.x', '1.3.x', '1.1.x', '1.0.x', '0.x.x']}
+
+				end
+			end
+		end
+end

data/lib/dawn/kb/cve_2015_7500.rb

@@ -0,0 +1,32 @@
+module Dawn
+		module Kb
+			# Automatically created with rake on 2016-02-02
+			class CVE_2015_7500
+				# Include the testing skeleton for this CVE
+				include DependencyCheck
+
+				def initialize
+          message = "The xmlParseMisc function in parser.c in libxml2 before 2.9.3 allows context-dependent attackers to cause a denial of service (out-of-bounds heap read) via unspecified vectors related to incorrect entities boundaries and start tags."
+           super({
+            :title=>title,
+            :name=> "CVE-2015-7500",
+            :cve=>"2015-7500",
+            :osvdb=>"",
+            :cvss=>"AV:N/AC:L/Au:N/C:N/I:N/A:P",
+            :release_date => Date.new(2015, 12, 15),
+            :cwe=>"119",
+            :owasp=>"A9",
+            :applies=>["rails", "sinatra", "padrino"],
+            :kind=>Dawn::KnowledgeBase::DEPENDENCY_CHECK,
+            :message=>message,
+            :mitigation=>"Please upgrade nokogiri gem to version 1.6.7.1 or later.",
+            :aux_links=>["https://groups.google.com/forum/#!topic/ruby-security-ann/aSbgDiwb24s"]
+           })
+
+           self.safe_dependencies = [{:name=>"nokogiri", :version=>['1.6.7.1']}]
+           self.not_affected = {:name=>"nokogiri", :version=>['1.5.x', '1.4.x', '1.3.x', '1.1.x', '1.0.x', '0.x.x']}
+
+				end
+			end
+		end
+end

data/lib/dawn/kb/cve_2015_7519.rb

@@ -0,0 +1,31 @@
+module Dawn
+		module Kb
+			# Automatically created with rake on 2016-02-02
+			class CVE_2015_7519
+				# Include the testing skeleton for this CVE
+				include DependencyCheck
+
+				def initialize
+          message ="agent/Core/Controller/SendRequest.cpp in Phusion Passenger before 4.0.60 and 5.0.x before 5.0.22, when used in Apache integration mode or in standalone mode without a filtering proxy, allows remote attackers to spoof headers passed to applications by using an _ (underscore) character instead of a - (dash) character in an HTTP header, as demonstrated by an X_User header."
+          super({
+            :title=>title,
+            :name=> "CVE-2015-7519",
+            :cve=>"2015-7519",
+            :osvdb=>"",
+            :cvss=>"AV:N/AC:M/Au:N/C:N/I:P/A:N",
+            :release_date => Date.new(2016, 1, 8),
+            :cwe=>"119",
+            :owasp=>"A9",
+            :applies=>["rails", "sinatra", "padrino"],
+            :kind=>Dawn::KnowledgeBase::DEPENDENCY_CHECK,
+            :message=>message,
+            :mitigation=>"Please upgrade passenger gem to version 4.0.60, 5.0.22 or later.",
+            :aux_links=>["https://blog.phusion.nl/2015/12/07/cve-2015-7519/"]
+           })
+
+          self.safe_dependencies = [{:name=>"passenger", :version=>['4.0.60', '5.0.22']}]
+
+				end
+			end
+		end
+end

data/lib/dawn/kb/cve_2015_7541.rb

@@ -0,0 +1,31 @@
+module Dawn
+		module Kb
+			# Automatically created with rake on 2016-02-02
+			class CVE_2015_7541
+				# Include the testing skeleton for this CVE
+				include DependencyCheck
+
+				def initialize
+          message = "The initialize method in the Histogram class in lib/colorscore/histogram.rb in the colorscore gem before 0.0.5 for Ruby allows context-dependent attackers to execute arbitrary code via shell metacharacters in the (1) image_path, (2) colors, or (3) depth variable."
+           super({
+            :title=>title,
+            :name=> "CVE-2015-7541",
+            :cve=>"2015-7541",
+            :osvdb=>"",
+            :cvss=>"AV:N/AC:L/Au:N/C:C/I:C/A:C",
+            :release_date => Date.new(2016, 1, 8),
+            :cwe=>"77",
+            :owasp=>"A9",
+            :applies=>["rails", "sinatra", "padrino"],
+            :kind=>Dawn::KnowledgeBase::DEPENDENCY_CHECK,
+            :message=>message,
+            :mitigation=>"Please upgrade colorscore gem to version 0.0.5 or later.",
+            :aux_links=>["http://seclists.org/oss-sec/2016/q1/17"]
+           })
+
+           self.safe_dependencies = [{:name=>"colorscore", :version=>['0.0.5']}]
+
+				end
+			end
+		end
+end

data/lib/dawn/kb/cve_2015_7576.rb

@@ -0,0 +1,35 @@
+module Dawn
+		module Kb
+			# Automatically created with rake on 2016-01-28
+			class CVE_2015_7576
+				# Include the testing skeleton for this CVE
+				# include PatternMatchCheck
+				include DependencyCheck
+				# include RubyVersionCheck
+
+				def initialize
+          message = "There is a timing attack vulnerability in the basic authentication support in Action Controller. Due to the way that Action Controller compares user names and passwords in basic authentication authorization code, it is possible for an attacker to analyze the time taken by a response and intuit the password."
+          super({
+            :title=>title,
+            :name=> "CVE-2015-7576",
+            :cve=>"2015-7576",
+            :osvdb=>"",
+            :cvss=>"",
+            :release_date => Date.new(2016, 1, 26),
+            :cwe=>"",
+            :owasp=>"A9",
+            :applies=>["rails", "sinatra", "padrino"],
+            :kind=>Dawn::KnowledgeBase::DEPENDENCY_CHECK,
+            :message=>message,
+            :mitigation=>"Please upgrade actionpack gem to version 3.2.22.1, 4.1.14.1, 4.2.5.1, 5.0.0.beta1.1 or later.",
+            :aux_links=>["http://securitytracker.com/id/1034816"]
+           })
+          self.save_minor=true
+          self.save_major=true
+          self.safe_dependencies = [{:name=>"actionpack", :version=>['3.2.22.1', '4.1.14.1', '4.2.5.1', '5.0.0.beta1.1']}]
+
+
+				end
+			end
+		end
+end