dawnscanner 1.5.2 → 1.6.0

Files changed (54) hide show
  1. checksums.yaml +4 -4
  2. checksums.yaml.gz.sig +0 -0
  3. data.tar.gz.sig +0 -0
  4. data/.travis.yml +8 -1
  5. data/Changelog.md +64 -1
  6. data/KnowledgeBase.md +38 -2
  7. data/README.md +2 -1
  8. data/VERSION +2 -3
  9. data/bin/dawn +2 -0
  10. data/checksum/dawnscanner-1.5.2.gem.sha1 +1 -0
  11. data/lib/dawn/kb/cve_2015_5312.rb +30 -0
  12. data/lib/dawn/kb/cve_2015_7497.rb +32 -0
  13. data/lib/dawn/kb/cve_2015_7498.rb +32 -0
  14. data/lib/dawn/kb/cve_2015_7499.rb +32 -0
  15. data/lib/dawn/kb/cve_2015_7500.rb +32 -0
  16. data/lib/dawn/kb/cve_2015_7519.rb +31 -0
  17. data/lib/dawn/kb/cve_2015_7541.rb +31 -0
  18. data/lib/dawn/kb/cve_2015_7576.rb +35 -0
  19. data/lib/dawn/kb/cve_2015_7577.rb +32 -0
  20. data/lib/dawn/kb/cve_2015_7578.rb +30 -0
  21. data/lib/dawn/kb/cve_2015_7579.rb +30 -0
  22. data/lib/dawn/kb/cve_2015_7581.rb +33 -0
  23. data/lib/dawn/kb/cve_2015_8241.rb +32 -0
  24. data/lib/dawn/kb/cve_2015_8242.rb +32 -0
  25. data/lib/dawn/kb/cve_2015_8317.rb +32 -0
  26. data/lib/dawn/kb/cve_2016_0751.rb +30 -0
  27. data/lib/dawn/kb/cve_2016_0752.rb +35 -0
  28. data/lib/dawn/kb/cve_2016_0753.rb +31 -0
  29. data/lib/dawn/kb/version_check.rb +61 -29
  30. data/lib/dawn/knowledge_base.rb +39 -1
  31. data/lib/dawn/reporter.rb +17 -8
  32. data/lib/dawn/version.rb +4 -4
  33. data/spec/lib/dawn/codesake_knowledgebase_spec.rb +90 -0
  34. data/spec/lib/kb/codesake_version_check_spec.rb +2 -2
  35. data/spec/lib/kb/cve_2015_5312_spec.rb +31 -0
  36. data/spec/lib/kb/cve_2015_7497_spec.rb +31 -0
  37. data/spec/lib/kb/cve_2015_7498_spec.rb +31 -0
  38. data/spec/lib/kb/cve_2015_7499_spec.rb +31 -0
  39. data/spec/lib/kb/cve_2015_7500_spec.rb +31 -0
  40. data/spec/lib/kb/cve_2015_7519_spec.rb +23 -0
  41. data/spec/lib/kb/cve_2015_7541_spec.rb +15 -0
  42. data/spec/lib/kb/cve_2015_7576_spec.rb +51 -0
  43. data/spec/lib/kb/cve_2015_7577_spec.rb +51 -0
  44. data/spec/lib/kb/cve_2015_7578_spec.rb +15 -0
  45. data/spec/lib/kb/cve_2015_7579_spec.rb +23 -0
  46. data/spec/lib/kb/cve_2015_7581_spec.rb +51 -0
  47. data/spec/lib/kb/cve_2015_8241_spec.rb +31 -0
  48. data/spec/lib/kb/cve_2015_8242_spec.rb +31 -0
  49. data/spec/lib/kb/cve_2015_8317_spec.rb +31 -0
  50. data/spec/lib/kb/cve_2016_0751_spec.rb +51 -0
  51. data/spec/lib/kb/cve_2016_0752_spec.rb +51 -0
  52. data/spec/lib/kb/cve_2016_0753_spec.rb +51 -0
  53. metadata +57 -2
  54. metadata.gz.sig +0 -0
@@ -243,7 +243,27 @@ require "dawn/kb/cve_2015_3226"
243
243
  require "dawn/kb/cve_2015_3227"
244
244
  require "dawn/kb/cve_2015_3448"
245
245
  require "dawn/kb/cve_2015_4020"
246
-
246
+ require "dawn/kb/cve_2015_5312"
247
+ require "dawn/kb/cve_2015_7497"
248
+ require "dawn/kb/cve_2015_7498"
249
+ require "dawn/kb/cve_2015_7499"
250
+ require "dawn/kb/cve_2015_7500"
251
+ require "dawn/kb/cve_2015_7519"
252
+ require "dawn/kb/cve_2015_7541"
253
+ require "dawn/kb/cve_2015_7576"
254
+ require "dawn/kb/cve_2015_7577"
255
+ require "dawn/kb/cve_2015_7578"
256
+ require "dawn/kb/cve_2015_7579"
257
+ require "dawn/kb/cve_2015_7581"
258
+ require "dawn/kb/cve_2015_8241"
259
+ require "dawn/kb/cve_2015_8242"
260
+ require "dawn/kb/cve_2015_8317"
261
+
262
+ # CVE - 2016
263
+
264
+ require "dawn/kb/cve_2016_0751"
265
+ require "dawn/kb/cve_2016_0752"
266
+ require "dawn/kb/cve_2016_0753"
247
267
 
248
268
  # OSVDB
249
269
 
@@ -525,6 +545,24 @@ module Dawn
525
545
  Dawn::Kb::CVE_2015_3227.new,
526
546
  Dawn::Kb::CVE_2015_3448.new,
527
547
  Dawn::Kb::CVE_2015_4020.new,
548
+ Dawn::Kb::CVE_2015_5312.new,
549
+ Dawn::Kb::CVE_2015_7497.new,
550
+ Dawn::Kb::CVE_2015_7498.new,
551
+ Dawn::Kb::CVE_2015_7499.new,
552
+ Dawn::Kb::CVE_2015_7500.new,
553
+ Dawn::Kb::CVE_2015_7519.new,
554
+ Dawn::Kb::CVE_2015_7541.new,
555
+ Dawn::Kb::CVE_2015_7576.new,
556
+ Dawn::Kb::CVE_2015_7577.new,
557
+ Dawn::Kb::CVE_2015_7578.new,
558
+ Dawn::Kb::CVE_2015_7579.new,
559
+ Dawn::Kb::CVE_2015_7581.new,
560
+ Dawn::Kb::CVE_2015_8241.new,
561
+ Dawn::Kb::CVE_2015_8242.new,
562
+ Dawn::Kb::CVE_2015_8317.new,
563
+ Dawn::Kb::CVE_2016_0751.new,
564
+ Dawn::Kb::CVE_2016_0752.new,
565
+ Dawn::Kb::CVE_2016_0753.new,
528
566
 
529
567
 
530
568
  # OSVDB Checks are still here since are all about dependencies
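--- a/data/lib/dawn/reporter.rb
+++ b/data/lib/dawn/reporter.rb
@@ -26,7 +26,7 @@ module Dawn
  puts output if @filename.nil?
 
  unless @filename.nil?
- $logger.warn "I will use codesake.css, bootstrap.min.css and bootstrap.js stored in ./support/ directory" if @format == :html
+ # $logger.warn "I will use codesake.css, bootstrap.min.css and bootstrap.js stored in ./support/ directory" if @format == :html
  File.open(@filename, "w") do |f|
  f.puts output
  end
@@ -37,7 +37,7 @@ module Dawn
  def write_html(path, content)
  css_path = File.join(path, 'css')
  js_path = File.join(path, 'js')
- support_path = File.join(Dir.pwd, 'support')
+ support_path = File.join(File.dirname(__FILE__), '..', '..', 'support')
 
  FileUtils.mkdir_p(File.join(path, 'css'))
  FileUtils.mkdir_p(File.join(path, 'js'))
@@ -67,13 +67,18 @@ module Dawn
  end
 
  def html_report
- output = @engine.create_output_dir
-
+ output = @engine.create_output_dir if @filename.nil?
  html_head = "<!doctype html>\n<html>\n<head>\n<title>Dawnscanner report for #{File.basename(@engine.target)}</title>"
- html_head += "<script src=\"./js/bootstrap.js\"></script>\n"
- html_head += "<link href=\"./css/codesake.css\" media=\"all\" rel=\"stylesheet\" />\n"
- html_head += "<link href=\"./css/bootstrap.min.css\" media=\"all\" rel=\"stylesheet\" />\n"
+ html_head +=" <link rel=\"stylesheet\" href=\"https://maxcdn.bootstrapcdn.com/bootstrap/3.3.6/css/bootstrap.min.css\" integrity=\"sha384-1q8mTJOASx8j1Au+a5WDVnPi2lkFfwwEAa8hDDdjZlpLegxhjVME1fgjWPGmkzs7\" crossorigin=\"anonymous\">"
+
+ html_head += "<script src=\"https://code.jquery.com/jquery-2.2.0.min.js\"></script>"
+ html_head += "<link rel=\"stylesheet\" href=\"https://maxcdn.bootstrapcdn.com/bootstrap/3.3.6/css/bootstrap-theme.min.css\" integrity=\"sha384-fLW2N01lMqjakBkx3l/M9EahuwpSfeNvV63J5ezn3uZzapT0u7EYsXMjQV+0En5r\" crossorigin=\"anonymous\">"
+
+ html_head += "<script src=\"https://maxcdn.bootstrapcdn.com/bootstrap/3.3.6/js/bootstrap.min.js\" integrity=\"sha384-0mSbJDEHialfmuBBQP6A4Qrprq5OVfW37PRR3j5ELqxss1yVqOtnepnHVP9aJ7xS\" crossorigin=\"anonymous\"></script>"
+ html_head += "<style type=\"text/css\">body{padding-top:20px;padding-bottom:40px}.container-narrow{margin:0 auto;max-width:700px}.container-narrow>hr{margin:30px 0}.jumbotron,.marketing{margin:60px 0}.jumbotron{text-align:center}.jumbotron h1{font-size:72px;line-height:1}.jumbotron .btn{font-size:21px;padding:14px 24px}.marketing p+h4{margin-top:28px}#wrap{min-height:100%;height:auto!important;height:100%;margin:0 auto -60px}#footer,#push{height:60px}#footer{background-color:#f5f5f5}@media (max-width:767px){#footer{margin-left:-20px;margin-right:-20px;padding-left:20px;padding-right:20px}}
+ </style>"
  html_head += "</head>\n"
+
  html_body = "<body>\n"
  html_body += ""
  html_body += "<div id=\"wrap\">\n"
@@ -144,7 +149,11 @@ module Dawn
 
  html = html_head + html_body
 
- write_html(output, html)
+ unless @filename.nil?
+ write(html)
+ else
+ write_html(output, html)
+ end
  true
  end
 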
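Review bot: The jQuery `<script>` tag added in html_report is the only CDN asset without `integrity` and `crossorigin` attributes, so the report would run whatever code.jquery.com serves, while the three Bootstrap tags beside it are pinned by hash. I would pin it the same way, `html_head += "<script src=\"https://code.jquery.com/jquery-2.2.0.min.js\" integrity=\"sha384-<DIGEST_OF_JQUERY_2_2_0_MIN_JS>\" crossorigin=\"anonymous\"></script>"`, replacing the placeholder with the digest computed from the published file. Separately, a scan report now needs network access to render and tells the CDNs each time it is opened; the removed lines used local assets, so an offline mode may still be worth keeping. html_report's body continues outside the hunks shown.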
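--- a/data/lib/dawn/version.rb
+++ b/data/lib/dawn/version.rb
@@ -1,7 +1,7 @@
  module Dawn
- VERSION = "1.5.2"
+ VERSION = "1.6.0"
  CODENAME = "Tow Mater"
- RELEASE = "20151216"
- BUILD = "4"
- COMMIT = "gee91733"
+ RELEASE = "20160203"
+ BUILD = "23"
+ COMMIT = "g46c66f6"
  end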
@@ -1074,4 +1074,94 @@ describe "The Codesake Dawn knowledge base" do
1074
1074
  sc.should_not be_nil
1075
1075
  sc.class.should == Dawn::Kb::CVE_2015_1819
1076
1076
  end
1077
+ it "must have test for CVE-2015-7576" do
1078
+ sc = kb.find("CVE-2015-7576")
1079
+ sc.should_not be_nil
1080
+ sc.class.should == Dawn::Kb::CVE_2015_7576
1081
+ end
1082
+ it "must have test for CVE-2016-0751" do
1083
+ sc = kb.find("CVE-2016-0751")
1084
+ sc.should_not be_nil
1085
+ sc.class.should == Dawn::Kb::CVE_2016_0751
1086
+ end
1087
+ it "must have test for CVE-2015-7577" do
1088
+ sc = kb.find("CVE-2015-7577")
1089
+ sc.should_not be_nil
1090
+ sc.class.should == Dawn::Kb::CVE_2015_7577
1091
+ end
1092
+ it "must have test for CVE-2015-7579" do
1093
+ sc = kb.find("CVE-2015-7579")
1094
+ sc.should_not be_nil
1095
+ sc.class.should == Dawn::Kb::CVE_2015_7579
1096
+ end
1097
+ it "must have test for CVE-2016-0752" do
1098
+ sc = kb.find("CVE-2016-0752")
1099
+ sc.should_not be_nil
1100
+ sc.class.should == Dawn::Kb::CVE_2016_0752
1101
+ end
1102
+ it "must have test for CVE-2016-0753" do
1103
+ sc = kb.find("CVE-2016-0753")
1104
+ sc.should_not be_nil
1105
+ sc.class.should == Dawn::Kb::CVE_2016_0753
1106
+ end
1107
+ it "must have test for CVE-2015-7578" do
1108
+ sc = kb.find("CVE-2015-7578")
1109
+ sc.should_not be_nil
1110
+ sc.class.should == Dawn::Kb::CVE_2015_7578
1111
+ end
1112
+ it "must have test for CVE-2015-7581" do
1113
+ sc = kb.find("CVE-2015-7581")
1114
+ sc.should_not be_nil
1115
+ sc.class.should == Dawn::Kb::CVE_2015_7581
1116
+ end
1117
+ it "must have test for CVE-2015-5312" do
1118
+ sc = kb.find("CVE-2015-5312")
1119
+ sc.should_not be_nil
1120
+ sc.class.should == Dawn::Kb::CVE_2015_5312
1121
+ end
1122
+ it "must have test for CVE-2015-7497" do
1123
+ sc = kb.find("CVE-2015-7497")
1124
+ sc.should_not be_nil
1125
+ sc.class.should == Dawn::Kb::CVE_2015_7497
1126
+ end
1127
+ it "must have test for CVE-2015-7498" do
1128
+ sc = kb.find("CVE-2015-7498")
1129
+ sc.should_not be_nil
1130
+ sc.class.should == Dawn::Kb::CVE_2015_7498
1131
+ end
1132
+ it "must have test for CVE-2015-7499" do
1133
+ sc = kb.find("CVE-2015-7499")
1134
+ sc.should_not be_nil
1135
+ sc.class.should == Dawn::Kb::CVE_2015_7499
1136
+ end
1137
+ it "must have test for CVE-2015-7500" do
1138
+ sc = kb.find("CVE-2015-7500")
1139
+ sc.should_not be_nil
1140
+ sc.class.should == Dawn::Kb::CVE_2015_7500
1141
+ end
1142
+ it "must have test for CVE-2015-8241" do
1143
+ sc = kb.find("CVE-2015-8241")
1144
+ sc.should_not be_nil
1145
+ sc.class.should == Dawn::Kb::CVE_2015_8241
1146
+ end
1147
+ it "must have test for CVE-2015-8242" do
1148
+ sc = kb.find("CVE-2015-8242")
1149
+ sc.should_not be_nil
1150
+ sc.class.should == Dawn::Kb::CVE_2015_8242
1151
+ end
1152
+ it "must have test for CVE-2015-8317" do
1153
+ sc = kb.find("CVE-2015-8317")
1154
+ sc.should_not be_nil
1155
+ sc.class.should == Dawn::Kb::CVE_2015_8317
1156
+ end
1157
+ it "must have test for CVE-2015-7541" do
1158
+ sc = kb.find("CVE-2015-7541")
1159
+ sc.should_not be_nil
1160
+ sc.class.should == Dawn::Kb::CVE_2015_7541
1161
+ end
1162
+ it "must have test for CVE-2015-7519" do
1163
+ sc = kb.find("CVE-2015-7519")
1164
+ sc.should_not be_nil
1165
+ sc.class.should == Dawn::Kb::CVE_2015_7519
1166
+ end
1077
1167
  end
@@ -64,7 +64,7 @@ describe "The version check should" do
64
64
  @check.is_vulnerable_version?('2.3.0', '2.3.0.beta9').should == true
65
65
  end
66
66
  it "reports a safe condition when a beta version is safe and the stable version is detected" do
67
- @check.is_vulnerable_version?('2.3.0.beta9', '2.3.0').should == true
67
+ @check.is_vulnerable_version?('2.3.0.beta9', '2.3.0').should == false
68
68
  end
69
69
  it "reports a vulnerability when a previous beta version is detected" do
70
70
  @check.is_vulnerable_version?('2.3.0', '2.2.10.beta2').should == true
@@ -124,7 +124,7 @@ describe "The version check should" do
124
124
  @check.is_vulnerable_version?('2.3.0', '2.3.0.pre9').should == true
125
125
  end
126
126
  it "reports a safe condition when a pre version is safe and the stable version is detected" do
127
- @check.is_vulnerable_version?('2.3.0.pre9', '2.3.0').should == true
127
+ @check.is_vulnerable_version?('2.3.0.pre9', '2.3.0').should == false
128
128
  end
129
129
  it "reports a vulnerability when a previous pre version is detected" do
130
130
  @check.is_vulnerable_version?('2.3.0', '2.2.10.pre2').should == true
@@ -0,0 +1,31 @@
1
+ require 'spec_helper'
2
+ describe "The CVE-2015-5312 vulnerability" do
3
+ before(:all) do
4
+ @check = Dawn::Kb::CVE_2015_5312.new
5
+ # @check.debug = true
6
+ end
7
+ it "is reported when the vulnerable gem is detected" do
8
+ @check.dependencies = [{:name=>"nokogiri", :version=>"1.6.5"}]
9
+ @check.vuln?.should == true
10
+ end
11
+ it "is reported when the vulnerable gem is detected" do
12
+ @check.dependencies = [{:name=>"nokogiri", :version=>"1.6.0"}]
13
+ @check.vuln?.should == true
14
+ end
15
+ it "is reported when the vulnerable gem is detected" do
16
+ @check.dependencies = [{:name=>"nokogiri", :version=>"1.6.7"}]
17
+ @check.vuln?.should == true
18
+ end
19
+ it "is not reported when a fixed release is detected" do
20
+ @check.dependencies = [{:name=>"nokogiri", :version=>"1.6.7.1"}]
21
+ @check.vuln?.should == false
22
+ end
23
+ it "is not reported when a fixed release is detected" do
24
+ @check.dependencies = [{:name=>"nokogiri", :version=>"1.5.6"}]
25
+ @check.vuln?.should == false
26
+ end
27
+ it "is not reported when a fixed release is detected" do
28
+ @check.dependencies = [{:name=>"nokogiri", :version=>"1.4.6"}]
29
+ @check.vuln?.should == false
30
+ end
31
+ end
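Review bot: The last two examples are labelled "is not reported when a fixed release is detected" but use nokogiri 1.5.6 and 1.4.6, which are lower than the 1.6.0 asserted vulnerable above, so they appear to exercise branches the check treats as unaffected rather than a fixed release. Renaming them, e.g. `it "is not reported for the unaffected 1.5.x branch" do`, and giving the three identically named "is reported" examples distinct names would make a failing run point at the right version boundary. The same names and versions are repeated in the CVE-2015-7497, CVE-2015-7498, CVE-2015-7499 and CVE-2015-7500 specs that follow.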
@@ -0,0 +1,31 @@
1
+ require 'spec_helper'
2
+ describe "The CVE-2015-7497 vulnerability" do
3
+ before(:all) do
4
+ @check = Dawn::Kb::CVE_2015_7497.new
5
+ # @check.debug = true
6
+ end
7
+ it "is reported when the vulnerable gem is detected" do
8
+ @check.dependencies = [{:name=>"nokogiri", :version=>"1.6.5"}]
9
+ @check.vuln?.should == true
10
+ end
11
+ it "is reported when the vulnerable gem is detected" do
12
+ @check.dependencies = [{:name=>"nokogiri", :version=>"1.6.0"}]
13
+ @check.vuln?.should == true
14
+ end
15
+ it "is reported when the vulnerable gem is detected" do
16
+ @check.dependencies = [{:name=>"nokogiri", :version=>"1.6.7"}]
17
+ @check.vuln?.should == true
18
+ end
19
+ it "is not reported when a fixed release is detected" do
20
+ @check.dependencies = [{:name=>"nokogiri", :version=>"1.6.7.1"}]
21
+ @check.vuln?.should == false
22
+ end
23
+ it "is not reported when a fixed release is detected" do
24
+ @check.dependencies = [{:name=>"nokogiri", :version=>"1.5.6"}]
25
+ @check.vuln?.should == false
26
+ end
27
+ it "is not reported when a fixed release is detected" do
28
+ @check.dependencies = [{:name=>"nokogiri", :version=>"1.4.6"}]
29
+ @check.vuln?.should == false
30
+ end
31
+ end
@@ -0,0 +1,31 @@
1
+ require 'spec_helper'
2
+ describe "The CVE-2015-7498 vulnerability" do
3
+ before(:all) do
4
+ @check = Dawn::Kb::CVE_2015_7498.new
5
+ # @check.debug = true
6
+ end
7
+ it "is reported when the vulnerable gem is detected" do
8
+ @check.dependencies = [{:name=>"nokogiri", :version=>"1.6.5"}]
9
+ @check.vuln?.should == true
10
+ end
11
+ it "is reported when the vulnerable gem is detected" do
12
+ @check.dependencies = [{:name=>"nokogiri", :version=>"1.6.0"}]
13
+ @check.vuln?.should == true
14
+ end
15
+ it "is reported when the vulnerable gem is detected" do
16
+ @check.dependencies = [{:name=>"nokogiri", :version=>"1.6.7"}]
17
+ @check.vuln?.should == true
18
+ end
19
+ it "is not reported when a fixed release is detected" do
20
+ @check.dependencies = [{:name=>"nokogiri", :version=>"1.6.7.1"}]
21
+ @check.vuln?.should == false
22
+ end
23
+ it "is not reported when a fixed release is detected" do
24
+ @check.dependencies = [{:name=>"nokogiri", :version=>"1.5.6"}]
25
+ @check.vuln?.should == false
26
+ end
27
+ it "is not reported when a fixed release is detected" do
28
+ @check.dependencies = [{:name=>"nokogiri", :version=>"1.4.6"}]
29
+ @check.vuln?.should == false
30
+ end
31
+ end
@@ -0,0 +1,31 @@
1
+ require 'spec_helper'
2
+ describe "The CVE-2015-7499 vulnerability" do
3
+ before(:all) do
4
+ @check = Dawn::Kb::CVE_2015_7499.new
5
+ # @check.debug = true
6
+ end
7
+ it "is reported when the vulnerable gem is detected" do
8
+ @check.dependencies = [{:name=>"nokogiri", :version=>"1.6.5"}]
9
+ @check.vuln?.should == true
10
+ end
11
+ it "is reported when the vulnerable gem is detected" do
12
+ @check.dependencies = [{:name=>"nokogiri", :version=>"1.6.0"}]
13
+ @check.vuln?.should == true
14
+ end
15
+ it "is reported when the vulnerable gem is detected" do
16
+ @check.dependencies = [{:name=>"nokogiri", :version=>"1.6.7"}]
17
+ @check.vuln?.should == true
18
+ end
19
+ it "is not reported when a fixed release is detected" do
20
+ @check.dependencies = [{:name=>"nokogiri", :version=>"1.6.7.1"}]
21
+ @check.vuln?.should == false
22
+ end
23
+ it "is not reported when a fixed release is detected" do
24
+ @check.dependencies = [{:name=>"nokogiri", :version=>"1.5.6"}]
25
+ @check.vuln?.should == false
26
+ end
27
+ it "is not reported when a fixed release is detected" do
28
+ @check.dependencies = [{:name=>"nokogiri", :version=>"1.4.6"}]
29
+ @check.vuln?.should == false
30
+ end
31
+ end
@@ -0,0 +1,31 @@
1
+ require 'spec_helper'
2
+ describe "The CVE-2015-7500 vulnerability" do
3
+ before(:all) do
4
+ @check = Dawn::Kb::CVE_2015_7500.new
5
+ # @check.debug = true
6
+ end
7
+ it "is reported when the vulnerable gem is detected" do
8
+ @check.dependencies = [{:name=>"nokogiri", :version=>"1.6.5"}]
9
+ @check.vuln?.should == true
10
+ end
11
+ it "is reported when the vulnerable gem is detected" do
12
+ @check.dependencies = [{:name=>"nokogiri", :version=>"1.6.0"}]
13
+ @check.vuln?.should == true
14
+ end
15
+ it "is reported when the vulnerable gem is detected" do
16
+ @check.dependencies = [{:name=>"nokogiri", :version=>"1.6.7"}]
17
+ @check.vuln?.should == true
18
+ end
19
+ it "is not reported when a fixed release is detected" do
20
+ @check.dependencies = [{:name=>"nokogiri", :version=>"1.6.7.1"}]
21
+ @check.vuln?.should == false
22
+ end
23
+ it "is not reported when a fixed release is detected" do
24
+ @check.dependencies = [{:name=>"nokogiri", :version=>"1.5.6"}]
25
+ @check.vuln?.should == false
26
+ end
27
+ it "is not reported when a fixed release is detected" do
28
+ @check.dependencies = [{:name=>"nokogiri", :version=>"1.4.6"}]
29
+ @check.vuln?.should == false
30
+ end
31
+ end
@@ -0,0 +1,23 @@
1
+ require 'spec_helper'
2
+ describe "The CVE-2015-7519 vulnerability" do
3
+ before(:all) do
4
+ @check = Dawn::Kb::CVE_2015_7519.new
5
+ # @check.debug = true
6
+ end
7
+ it "is reported when the vulnerable gem is detected" do
8
+ @check.dependencies = [{:name=>"passenger", :version=>"4.0.54"}]
9
+ @check.vuln?.should == true
10
+ end
11
+ it "is reported when the vulnerable gem is detected" do
12
+ @check.dependencies = [{:name=>"passenger", :version=>"5.0.12"}]
13
+ @check.vuln?.should == true
14
+ end
15
+ it "is not reported when a fixed release is detected" do
16
+ @check.dependencies = [{:name=>"passenger", :version=>"4.0.60"}]
17
+ @check.vuln?.should == false
18
+ end
19
+ it "is not reported when a fixed release is detected" do
20
+ @check.dependencies = [{:name=>"passenger", :version=>"5.0.22"}]
21
+ @check.vuln?.should == false
22
+ end
23
+ end
@@ -0,0 +1,15 @@
1
+ require 'spec_helper'
2
+ describe "The CVE-2015-7541 vulnerability" do
3
+ before(:all) do
4
+ @check = Dawn::Kb::CVE_2015_7541.new
5
+ # @check.debug = true
6
+ end
7
+ it "is reported when the vulnerable gem is detected" do
8
+ @check.dependencies = [{:name=>"colorscore", :version=>"0.0.4"}]
9
+ @check.vuln?.should == true
10
+ end
11
+ it "is not reported when a fixed release is detected" do
12
+ @check.dependencies = [{:name=>"colorscore", :version=>"0.0.5"}]
13
+ @check.vuln?.should == false
14
+ end
15
+ end
@@ -0,0 +1,51 @@
1
+ require 'spec_helper'
2
+ describe "The CVE-2015-7576 vulnerability" do
3
+ before(:all) do
4
+ @check = Dawn::Kb::CVE_2015_7576.new
5
+ @check.debug = true
6
+ end
7
+ it "is reported when the vulnerable gem is detected" do
8
+ @check.dependencies = [{:name=>"actionpack", :version=>"5.0.0.beta.1"}]
9
+ @check.vuln?.should == true
10
+ end
11
+ it "is reported when the vulnerable gem is detected" do
12
+ @check.dependencies = [{:name=>"actionpack", :version=>"4.2.5"}]
13
+ @check.vuln?.should == true
14
+ end
15
+ it "is reported when the vulnerable gem is detected" do
16
+ @check.dependencies = [{:name=>"actionpack", :version=>"4.1.14"}]
17
+ @check.vuln?.should == true
18
+ end
19
+ it "is reported when the vulnerable gem is detected" do
20
+ @check.dependencies = [{:name=>"actionpack", :version=>"3.2.22"}]
21
+ @check.vuln?.should == true
22
+ end
23
+ it "is not reported when a fixed release is detected" do
24
+ @check.dependencies = [{:name=>"actionpack", :version=>"5.0.0"}]
25
+ @check.vuln?.should == false
26
+ end
27
+ it "is not reported when a fixed release is detected" do
28
+ @check.dependencies = [{:name=>"actionpack", :version=>"4.2.5.1"}]
29
+ @check.vuln?.should == false
30
+ end
31
+ it "is not reported when a fixed release is detected" do
32
+ @check.dependencies = [{:name=>"actionpack", :version=>"4.2.6"}]
33
+ @check.vuln?.should == false
34
+ end
35
+ it "is not reported when a fixed release is detected" do
36
+ @check.dependencies = [{:name=>"actionpack", :version=>"4.1.14.2"}]
37
+ @check.vuln?.should == false
38
+ end
39
+ it "is not reported when a fixed release is detected" do
40
+ @check.dependencies = [{:name=>"actionpack", :version=>"4.1.15"}]
41
+ @check.vuln?.should == false
42
+ end
43
+ it "is not reported when a fixed release is detected" do
44
+ @check.dependencies = [{:name=>"actionpack", :version=>"3.2.22.1"}]
45
+ @check.vuln?.should == false
46
+ end
47
+ it "is not reported when a fixed release is detected" do
48
+ @check.dependencies = [{:name=>"actionpack", :version=>"3.2.23"}]
49
+ @check.vuln?.should == false
50
+ end
51
+ end
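Review bot: `@check.debug = true` is left enabled in the `before(:all)` block, whereas the other new CVE specs shown here keep that line commented out; it should read `# @check.debug = true` so the suite does not emit debug output on every run. The first example also passes the version string "5.0.0.beta.1"; if the gem is published as `5.0.0.beta1` (worth confirming against the registry), that example does not exercise the string a real lockfile would contain, and a second example with the published form would close the gap.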