dawnscanner 1.6.1 → 1.6.2

Files changed (124) hide show
  1. checksums.yaml +4 -4
  2. checksums.yaml.gz.sig +0 -0
  3. data.tar.gz.sig +0 -0
  4. data/.ruby-version +1 -1
  5. data/.travis.yml +2 -0
  6. data/Changelog.md +10 -1
  7. data/KnowledgeBase.md +10 -4
  8. data/README.md +1 -1
  9. data/Rakefile +12 -8
  10. data/VERSION +1 -1
  11. data/checksum/dawnscanner-1.6.1.gem.sha1 +1 -0
  12. data/lib/dawn/kb/cve_2016_2097.rb +35 -0
  13. data/lib/dawn/kb/cve_2016_2098.rb +34 -0
  14. data/lib/dawn/knowledge_base.rb +4 -0
  15. data/lib/dawn/version.rb +4 -4
  16. data/spec/lib/dawn/codesake_core_spec.rb +1 -1
  17. data/spec/lib/dawn/codesake_knowledgebase_spec.rb +451 -441
  18. data/spec/lib/dawn/codesake_padrino_engine_disabled.rb +11 -11
  19. data/spec/lib/dawn/codesake_rails_engine_disabled.rb +2 -2
  20. data/spec/lib/dawn/codesake_sinatra_engine_disabled.rb +36 -36
  21. data/spec/lib/kb/codesake_cve_2013_0175_spec.rb +6 -6
  22. data/spec/lib/kb/codesake_cve_2013_4457_spec.rb +7 -7
  23. data/spec/lib/kb/codesake_dependency_version_check_spec.rb +10 -10
  24. data/spec/lib/kb/codesake_deprecation_check_spec.rb +11 -11
  25. data/spec/lib/kb/codesake_ruby_version_check_spec.rb +4 -4
  26. data/spec/lib/kb/codesake_version_check_spec.rb +42 -42
  27. data/spec/lib/kb/cve_2011_2705_spec.rb +7 -7
  28. data/spec/lib/kb/cve_2011_2930_spec.rb +6 -6
  29. data/spec/lib/kb/cve_2011_3009_spec.rb +4 -4
  30. data/spec/lib/kb/cve_2011_3187_spec.rb +4 -4
  31. data/spec/lib/kb/cve_2011_4319_spec.rb +9 -9
  32. data/spec/lib/kb/cve_2011_5036_spec.rb +21 -21
  33. data/spec/lib/kb/cve_2012_1098_spec.rb +7 -7
  34. data/spec/lib/kb/cve_2012_2139_spec.rb +3 -3
  35. data/spec/lib/kb/cve_2012_2671_spec.rb +4 -4
  36. data/spec/lib/kb/cve_2012_6109_spec.rb +25 -25
  37. data/spec/lib/kb/cve_2012_6684_spec.rb +2 -2
  38. data/spec/lib/kb/cve_2013_0162_spec.rb +4 -4
  39. data/spec/lib/kb/cve_2013_0183_spec.rb +11 -11
  40. data/spec/lib/kb/cve_2013_0184_spec.rb +26 -26
  41. data/spec/lib/kb/cve_2013_0256_spec.rb +6 -6
  42. data/spec/lib/kb/cve_2013_0262_spec.rb +9 -9
  43. data/spec/lib/kb/cve_2013_0263_spec.rb +1 -1
  44. data/spec/lib/kb/cve_2013_1607_spec.rb +2 -2
  45. data/spec/lib/kb/cve_2013_1655_spec.rb +4 -4
  46. data/spec/lib/kb/cve_2013_1756_spec.rb +4 -4
  47. data/spec/lib/kb/cve_2013_2090_spec.rb +2 -2
  48. data/spec/lib/kb/cve_2013_2105_spec.rb +1 -1
  49. data/spec/lib/kb/cve_2013_2119_spec.rb +5 -5
  50. data/spec/lib/kb/cve_2013_2512_spec.rb +2 -2
  51. data/spec/lib/kb/cve_2013_2513_spec.rb +2 -2
  52. data/spec/lib/kb/cve_2013_2516_spec.rb +2 -2
  53. data/spec/lib/kb/cve_2013_4203_spec.rb +2 -2
  54. data/spec/lib/kb/cve_2013_4413_spec.rb +2 -2
  55. data/spec/lib/kb/cve_2013_4489_spec.rb +11 -11
  56. data/spec/lib/kb/cve_2013_4491_spec.rb +2 -2
  57. data/spec/lib/kb/cve_2013_4593_spec.rb +2 -2
  58. data/spec/lib/kb/cve_2013_5647_spec.rb +3 -3
  59. data/spec/lib/kb/cve_2013_5671_spec.rb +4 -4
  60. data/spec/lib/kb/cve_2013_6416_spec.rb +5 -5
  61. data/spec/lib/kb/cve_2013_6459_spec.rb +2 -2
  62. data/spec/lib/kb/cve_2013_7086_spec.rb +3 -3
  63. data/spec/lib/kb/cve_2014_0036_spec.rb +2 -2
  64. data/spec/lib/kb/cve_2014_0080_spec.rb +5 -5
  65. data/spec/lib/kb/cve_2014_0081_spec.rb +10 -10
  66. data/spec/lib/kb/cve_2014_0082_spec.rb +8 -8
  67. data/spec/lib/kb/cve_2014_0130_spec.rb +3 -3
  68. data/spec/lib/kb/cve_2014_1233_spec.rb +2 -2
  69. data/spec/lib/kb/cve_2014_1234_spec.rb +2 -2
  70. data/spec/lib/kb/cve_2014_2322_spec.rb +2 -2
  71. data/spec/lib/kb/cve_2014_2538_spec.rb +2 -2
  72. data/spec/lib/kb/cve_2014_3482_spec.rb +2 -2
  73. data/spec/lib/kb/cve_2014_3483_spec.rb +5 -5
  74. data/spec/lib/kb/cve_2014_7818_spec.rb +8 -8
  75. data/spec/lib/kb/cve_2014_7819_spec.rb +32 -32
  76. data/spec/lib/kb/cve_2014_7829_spec.rb +10 -10
  77. data/spec/lib/kb/cve_2014_9490_spec.rb +2 -2
  78. data/spec/lib/kb/cve_2015_1819_spec.rb +2 -2
  79. data/spec/lib/kb/cve_2015_1840_spec.rb +7 -7
  80. data/spec/lib/kb/cve_2015_2963_spec.rb +2 -2
  81. data/spec/lib/kb/cve_2015_3224_spec.rb +2 -2
  82. data/spec/lib/kb/cve_2015_3225_spec.rb +5 -5
  83. data/spec/lib/kb/cve_2015_3226_spec.rb +6 -6
  84. data/spec/lib/kb/cve_2015_3227_spec.rb +5 -5
  85. data/spec/lib/kb/cve_2015_3448_spec.rb +2 -2
  86. data/spec/lib/kb/cve_2015_4020_spec.rb +4 -4
  87. data/spec/lib/kb/cve_2015_5312_spec.rb +6 -6
  88. data/spec/lib/kb/cve_2015_7497_spec.rb +6 -6
  89. data/spec/lib/kb/cve_2015_7498_spec.rb +6 -6
  90. data/spec/lib/kb/cve_2015_7499_spec.rb +6 -6
  91. data/spec/lib/kb/cve_2015_7500_spec.rb +6 -6
  92. data/spec/lib/kb/cve_2015_7519_spec.rb +4 -4
  93. data/spec/lib/kb/cve_2015_7541_spec.rb +2 -2
  94. data/spec/lib/kb/cve_2015_7576_spec.rb +11 -11
  95. data/spec/lib/kb/cve_2015_7577_spec.rb +11 -11
  96. data/spec/lib/kb/cve_2015_7578_spec.rb +2 -2
  97. data/spec/lib/kb/cve_2015_7579_spec.rb +4 -4
  98. data/spec/lib/kb/cve_2015_7581_spec.rb +11 -11
  99. data/spec/lib/kb/cve_2015_8241_spec.rb +6 -6
  100. data/spec/lib/kb/cve_2015_8242_spec.rb +6 -6
  101. data/spec/lib/kb/cve_2015_8317_spec.rb +6 -6
  102. data/spec/lib/kb/cve_2016_0751_spec.rb +11 -11
  103. data/spec/lib/kb/cve_2016_0752_spec.rb +11 -11
  104. data/spec/lib/kb/cve_2016_0753_spec.rb +11 -11
  105. data/spec/lib/kb/cve_2016_2097_spec.rb +35 -0
  106. data/spec/lib/kb/cve_2016_2098_spec.rb +39 -0
  107. data/spec/lib/kb/osvdb_105971_spec.rb +2 -2
  108. data/spec/lib/kb/osvdb_108530_spec.rb +3 -3
  109. data/spec/lib/kb/osvdb_108563_spec.rb +2 -2
  110. data/spec/lib/kb/osvdb_108569_spec.rb +2 -2
  111. data/spec/lib/kb/osvdb_108570_spec.rb +2 -2
  112. data/spec/lib/kb/osvdb_115654_spec.rb +2 -2
  113. data/spec/lib/kb/osvdb_116010_spec.rb +2 -2
  114. data/spec/lib/kb/osvdb_117903_spec.rb +4 -4
  115. data/spec/lib/kb/osvdb_118830_spec.rb +2 -2
  116. data/spec/lib/kb/osvdb_118954_spec.rb +3 -3
  117. data/spec/lib/kb/osvdb_119878_spec.rb +21 -21
  118. data/spec/lib/kb/osvdb_119927_spec.rb +2 -2
  119. data/spec/lib/kb/osvdb_120415_spec.rb +2 -2
  120. data/spec/lib/kb/osvdb_120857_spec.rb +6 -6
  121. data/spec/lib/kb/osvdb_121701_spec.rb +2 -2
  122. data/spec/lib/kb/owasp_ror_cheatsheet_disabled.rb +10 -10
  123. metadata +9 -2
  124. metadata.gz.sig +0 -0
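--- a/data/spec/lib/kb/cve_2011_2705_spec.rb
+++ b/data/spec/lib/kb/cve_2011_2705_spec.rb
@@ -6,30 +6,30 @@ describe "The CVE-2011-2705 vulnerability" do
  end
  it "fires when ruby 1.8.7-p351 is detected" do
  @check.detected_ruby ={:engine=>"ruby", :version=>"1.8.7", :patchlevel=>"p351"}
- @check.vuln?.should == true
+ expect(@check.vuln?).to eq(true)
  end
  it "fires when ruby 1.9.0 any patchlevel is detected" do
  @check.detected_ruby ={:engine=>"ruby", :version=>"1.9.0", :patchlevel=>"p351"}
- @check.vuln?.should == true
+ expect(@check.vuln?).to eq(true)
  end
  it "fires when ruby 1.9.1 any patchlevel is detected" do
  @check.detected_ruby ={:engine=>"ruby", :version=>"1.9.1", :patchlevel=>"p351"}
- @check.vuln?.should == true
+ expect(@check.vuln?).to eq(true)
  end
  it "fires when ruby 1.9.2-p289 is detected" do
  @check.detected_ruby ={:engine=>"ruby", :version=>"1.9.2", :patchlevel=>"p289"}
- @check.vuln?.should == true
+ expect(@check.vuln?).to eq(true)
  end
  it "doesn't fire when ruby 1.8.7-p352 is detected" do
  @check.detected_ruby ={:engine=>"ruby", :version=>"1.8.7", :patchlevel=>"p352"}
- @check.vuln?.should == false
+ expect(@check.vuln?).to eq(false)
  end
  it "doesn't fire when ruby 1.9.2-p290 is detected" do
  @check.detected_ruby ={:engine=>"ruby", :version=>"1.9.2", :patchlevel=>"p290"}
- @check.vuln?.should == false
+ expect(@check.vuln?).to eq(false)
  end
  it "doesn't fire when ruby 1.9.3-p290 is detected" do
  @check.detected_ruby ={:engine=>"ruby", :version=>"1.9.3", :patchlevel=>"p290"}
- @check.vuln?.should == false
+ expect(@check.vuln?).to eq(false)
  end
  end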
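Review bot: The examples titled "fires when ruby 1.9.0 any patchlevel is detected" and "fires when ruby 1.9.1 any patchlevel is detected" each exercise only `p351`, so they do not show that the patchlevel is actually ignored on those branches. A second example per branch with a different patchlevel (a constructed value such as `:patchlevel=>"p0"`) would pin the "any patchlevel" claim; a miss here means a vulnerable interpreter goes unreported. The describe block opens before the hunk, so the setup of `@check` is not visible.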
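--- a/data/spec/lib/kb/cve_2011_2930_spec.rb
+++ b/data/spec/lib/kb/cve_2011_2930_spec.rb
@@ -6,26 +6,26 @@ describe "The CVE-2011-2930 vulnerability" do
  end
  it "fires when vulnerable rails version is used (2.3.12)" do
  @check.dependencies = [{:name=>"rails", :version=>'2.3.12'}]
- @check.vuln?.should == true
+ expect(@check.vuln?).to eq(true)
  end
  it "fires when vulnerable rails version is used (3.0.9)" do
  @check.dependencies = [{:name=>"rails", :version=>'3.0.9'}]
- @check.vuln?.should == true
+ expect(@check.vuln?).to eq(true)
  end
  it "fires when vulnerable rails version is used (3.1.0)" do
  @check.dependencies = [{:name=>"rails", :version=>'3.1.0'}]
- @check.vuln?.should == true
+ expect(@check.vuln?).to eq(true)
  end
  it "doesn't fire when safe rails version is used (2.3.14)" do
  @check.dependencies = [{:name=>"rails", :version=>'2.3.14'}]
- @check.vuln?.should == false
+ expect(@check.vuln?).to eq(false)
  end
  it "doesn't fire when safe rails version is used (3.0.10)" do
  @check.dependencies = [{:name=>"rails", :version=>'3.0.10'}]
- @check.vuln?.should == false
+ expect(@check.vuln?).to eq(false)
  end
  it "doesn't fire when safe rails version is used (3.1.1)" do
  @check.dependencies = [{:name=>"rails", :version=>'3.1.1'}]
- @check.vuln?.should == false
+ expect(@check.vuln?).to eq(false)
  end
  end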
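--- a/data/spec/lib/kb/cve_2011_3009_spec.rb
+++ b/data/spec/lib/kb/cve_2011_3009_spec.rb
@@ -7,19 +7,19 @@ describe "The CVE-2011-3009 vulnerability" do
  end
  it "fires if ruby version is vulnerable (1.8.6-p111)" do
  @check.detected_ruby = {:engine=>'ruby', :version=>"1.8.6", :patchlevel=>"p111"}
- @check.vuln?.should == true
+ expect(@check.vuln?).to eq(true)
  end
  it "fires if ruby version is vulnerable (1.8.5-p111)" do
  @check.detected_ruby = {:engine=>'ruby', :version=>"1.8.5", :patchlevel=>"p111"}
- @check.vuln?.should == true
+ expect(@check.vuln?).to eq(true)
  end
  it "doesn't fire if ruby version is not vulnerable (1.8.6-p112)" do
  @check.detected_ruby = {:engine=>'ruby', :version=>"1.8.6", :patchlevel=>"p112"}
- @check.vuln?.should == false
+ expect(@check.vuln?).to eq(false)
  end
  it "doesn't fire if ruby version is not vulnerable (1.9.2-p112)" do
  @check.detected_ruby = {:engine=>'ruby', :version=>"1.9.2", :patchlevel=>"p112"}
- @check.vuln?.should == false
+ expect(@check.vuln?).to eq(false)
  end
 
  end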
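--- a/data/spec/lib/kb/cve_2011_3187_spec.rb
+++ b/data/spec/lib/kb/cve_2011_3187_spec.rb
@@ -6,19 +6,19 @@ describe "The CVE-2011-3187 vulnerability" do
  end
  it "fires when vulnerable rails version it has been found (3.0.5)" do
  @check.dependencies = [{:name=>'rails', :version=>'3.0.5'}]
- @check.vuln?.should == true
+ expect(@check.vuln?).to eq(true)
  end
  it "doesn't fire when safe rails version it has been found (3.0.6)" do
  @check.dependencies = [{:name=>'rails', :version=>'3.0.6'}]
- @check.vuln?.should == false
+ expect(@check.vuln?).to eq(false)
  end
  it "doesn't fire when safe rails version it has been found (3.1.6)" do
  @check.dependencies = [{:name=>'rails', :version=>'3.1.6'}]
- @check.vuln?.should == false
+ expect(@check.vuln?).to eq(false)
  end
  it "doesn't fire when safe rails version it has been found (2.3.16)" do
  @check.dependencies = [{:name=>'rails', :version=>'2.3.16'}]
- @check.vuln?.should == false
+ expect(@check.vuln?).to eq(false)
  end
  # self.safe_dependencies = [{:name=>"rails", :version=>['3.0.6']}]
  end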
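--- a/data/spec/lib/kb/cve_2011_4319_spec.rb
+++ b/data/spec/lib/kb/cve_2011_4319_spec.rb
@@ -6,39 +6,39 @@ describe "The CVE-2011-4319 vulnerability" do
  end
  it "fires when vulnerable rails version it has been found (2.3.12)" do
  @check.dependencies = [{:name=>"rails", :version=>'2.3.12'}]
- @check.vuln?.should == true
+ expect(@check.vuln?).to eq(true)
  end
  it "fires when vulnerable rails version it has been found (3.0.10)" do
  @check.dependencies = [{:name=>"rails", :version=>'3.0.10'}]
- @check.vuln?.should == true
+ expect(@check.vuln?).to eq(true)
  end
  it "fires when vulnerable rails version it has been found (3.1.1)" do
  @check.dependencies = [{:name=>"rails", :version=>'3.0.10'}]
- @check.vuln?.should == true
+ expect(@check.vuln?).to eq(true)
  end
  it "doesn't fire when safe rails version it has been found (2.3.13)" do
  @check.dependencies = [{:name=>"rails", :version=>'2.3.13'}]
- @check.vuln?.should == false
+ expect(@check.vuln?).to eq(false)
  end
  it "doesn't fire when safe rails version it has been found (2.3.14)" do
  @check.dependencies = [{:name=>"rails", :version=>'2.3.14'}]
- @check.vuln?.should == false
+ expect(@check.vuln?).to eq(false)
  end
  it "doesn't fire when safe rails version it has been found (3.0.11)" do
  @check.dependencies = [{:name=>"rails", :version=>'3.0.11'}]
- @check.vuln?.should == false
+ expect(@check.vuln?).to eq(false)
  end
  it "doesn't fire when safe rails version it has been found (3.0.12)" do
  @check.dependencies = [{:name=>"rails", :version=>'3.0.12'}]
- @check.vuln?.should == false
+ expect(@check.vuln?).to eq(false)
  end
  it "doesn't fire when safe rails version it has been found (3.1.2)" do
  @check.dependencies = [{:name=>"rails", :version=>'3.1.2'}]
- @check.vuln?.should == false
+ expect(@check.vuln?).to eq(false)
  end
  it "doesn't fire when safe rails version it has been found (3.2.0)" do
  @check.dependencies = [{:name=>"rails", :version=>'3.2.0'}]
- @check.vuln?.should == false
+ expect(@check.vuln?).to eq(false)
  end
  # self.safe_dependencies = [{:name=>"rails", :version=>['2.3.13', '3.0.11', '3.1.2']}]
  end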
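Review bot: The example titled "fires when vulnerable rails version it has been found (3.1.1)" sets `:version=>'3.0.10'`, the same value as the example before it, so the vulnerable side of the 3.1.x branch is never exercised. The setup line should read `@check.dependencies = [{:name=>"rails", :version=>'3.1.1'}]`. As written, a regression that stops the check from firing on 3.1.1 would pass this spec, which for a scanner is a silent false negative. The describe block opens before the hunk.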
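--- a/data/spec/lib/kb/cve_2011_5036_spec.rb
+++ b/data/spec/lib/kb/cve_2011_5036_spec.rb
@@ -6,90 +6,90 @@ describe "The CVE-2011-5036 vulnerability" do
  end
  it "is reported when the vulnerable gem is detected - 1.0.1" do
  @check.dependencies = [{:name=>"rack", :version=>"1.0.1"}]
- @check.vuln?.should == true
+ expect(@check.vuln?).to eq(true)
  end
 
  it "is reported when the vulnerable gem is detected - 0.9.1" do
  @check.dependencies = [{:name=>"rack", :version=>"0.9.1"}]
- @check.vuln?.should == true
+ expect(@check.vuln?).to eq(true)
  end
  it "is reported when the vulnerable gem is detected - 0.9" do
  @check.dependencies = [{:name=>"rack", :version=>"0.9"}]
- @check.vuln?.should == true
+ expect(@check.vuln?).to eq(true)
  end
  it "is reported when the vulnerable gem is detected - 0.4" do
  @check.dependencies = [{:name=>"rack", :version=>"0.4"}]
- @check.vuln?.should == true
+ expect(@check.vuln?).to eq(true)
  end
  it "is reported when the vulnerable gem is detected - 0.3" do
  @check.dependencies = [{:name=>"rack", :version=>"0.3"}]
- @check.vuln?.should == true
+ expect(@check.vuln?).to eq(true)
  end
  it "is reported when the vulnerable gem is detected - 0.2" do
  @check.dependencies = [{:name=>"rack", :version=>"0.2"}]
- @check.vuln?.should == true
+ expect(@check.vuln?).to eq(true)
  end
  it "is reported when the vulnerable gem is detected - 0.1" do
  @check.dependencies = [{:name=>"rack", :version=>"0.1"}]
- @check.vuln?.should == true
+ expect(@check.vuln?).to eq(true)
  end
  it "is reported when the vulnerable gem is detected - 1.0.0" do
  @check.dependencies = [{:name=>"rack", :version=>"1.0.0"}]
- @check.vuln?.should == true
+ expect(@check.vuln?).to eq(true)
  end
  it "is reported when the vulnerable gem is detected - 1.1.0" do
  @check.dependencies = [{:name=>"rack", :version=>"1.1.0"}]
- @check.vuln?.should == true
+ expect(@check.vuln?).to eq(true)
  end
  it "is reported when the vulnerable gem is detected - 1.1.2" do
  @check.dependencies = [{:name=>"rack", :version=>"1.1.2"}]
- @check.vuln?.should == true
+ expect(@check.vuln?).to eq(true)
  end
  it "is reported when the vulnerable gem is detected - 1.2.0" do
  @check.dependencies = [{:name=>"rack", :version=>"1.2.0"}]
- @check.vuln?.should == true
+ expect(@check.vuln?).to eq(true)
  end
 
  it "is reported when the vulnerable gem is detected - 1.2.1" do
  @check.dependencies = [{:name=>"rack", :version=>"1.2.1"}]
- @check.vuln?.should == true
+ expect(@check.vuln?).to eq(true)
  end
  it "is reported when the vulnerable gem is detected - 1.2.2" do
  @check.dependencies = [{:name=>"rack", :version=>"1.2.2"}]
- @check.vuln?.should == true
+ expect(@check.vuln?).to eq(true)
  end
  it "is reported when the vulnerable gem is detected - 1.2.3" do
 
  @check.dependencies = [{:name=>"rack", :version=>"1.2.3"}]
- @check.vuln?.should == true
+ expect(@check.vuln?).to eq(true)
  end
  it "is reported when the vulnerable gem is detected - 1.2.4" do
  @check.dependencies = [{:name=>"rack", :version=>"1.2.4"}]
- @check.vuln?.should == true
+ expect(@check.vuln?).to eq(true)
  end
  it "is reported when the vulnerable gem is detected - 1.3.0" do
  @check.dependencies = [{:name=>"rack", :version=>"1.3.0"}]
- @check.vuln?.should == true
+ expect(@check.vuln?).to eq(true)
  end
 
  it "is reported when the vulnerable gem is detected - 1.3.1" do
  @check.dependencies = [{:name=>"rack", :version=>"1.3.1"}]
- @check.vuln?.should == true
+ expect(@check.vuln?).to eq(true)
  end
  it "is reported when the vulnerable gem is detected - 1.3.2" do
  @check.dependencies = [{:name=>"rack", :version=>"1.3.2"}]
- @check.vuln?.should == true
+ expect(@check.vuln?).to eq(true)
  end
  it "is reported when the vulnerable gem is detected - 1.3.3" do
  @check.dependencies = [{:name=>"rack", :version=>"1.3.3"}]
- @check.vuln?.should == true
+ expect(@check.vuln?).to eq(true)
  end
  it "is reported when the vulnerable gem is detected - 1.3.4" do
  @check.dependencies = [{:name=>"rack", :version=>"1.3.4"}]
- @check.vuln?.should == true
+ expect(@check.vuln?).to eq(true)
  end
  it "is reported when the vulnerable gem is detected - 1.3.5" do
  @check.dependencies = [{:name=>"rack", :version=>"1.3.5"}]
- @check.vuln?.should == true
+ expect(@check.vuln?).to eq(true)
  end
  end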
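Review bot: Every example in this describe block expects `vuln?` to be true, so an implementation that fires on any rack version would pass; the CVE-2012-6109 spec later on this page has the same shape. Add at least one negative example per fixed branch, ending in `expect(@check.vuln?).to eq(false)`, using a version the check treats as safe (the list here stops at 1.3.5, so presumably 1.3.6 — confirm against the check's safe list). Without that, false positives from these two checks are untested. The block's setup lies before the hunk.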
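--- a/data/spec/lib/kb/cve_2012_1098_spec.rb
+++ b/data/spec/lib/kb/cve_2012_1098_spec.rb
@@ -6,31 +6,31 @@ describe "The CVE-2012-1098 vulnerability" do
  end
  it "fires when vulnerable rails version it has been found (3.0.11)" do
  @check.dependencies = [{:name=>"rails", :version=>'3.0.11'}]
- @check.vuln?.should == true
+ expect(@check.vuln?).to eq(true)
  end
  it "fires when vulnerable rails version it has been found (3.1.3)" do
  @check.dependencies = [{:name=>"rails", :version=>'3.1.3'}]
- @check.vuln?.should == true
+ expect(@check.vuln?).to eq(true)
  end
  it "fires when vulnerable rails version it has been found (3.2.1)" do
  @check.dependencies = [{:name=>"rails", :version=>'3.2.1'}]
- @check.vuln?.should == true
+ expect(@check.vuln?).to eq(true)
  end
  it "doesn't fire when non vulnerable rails version it has been found (3.2.2)" do
  @check.dependencies = [{:name=>"rails", :version=>'3.2.2'}]
- @check.vuln?.should == false
+ expect(@check.vuln?).to eq(false)
  end
  it "doesn't fire when non vulnerable rails version it has been found (3.2.4)" do
  @check.dependencies = [{:name=>"rails", :version=>'3.2.4'}]
- @check.vuln?.should == false
+ expect(@check.vuln?).to eq(false)
  end
  it "doesn't fire when non vulnerable rails version it has been found (3.1.4)" do
  @check.dependencies = [{:name=>"rails", :version=>'3.1.4'}]
  # @check.debug = true
- @check.vuln?.should == false
+ expect(@check.vuln?).to eq(false)
  end
  it "doesn't fire when rails version older than 3.x.y it has been found" do
  @check.dependencies = [{:name=>"rails", :version=>'2.3.12'}]
- @check.vuln?.should == false
+ expect(@check.vuln?).to eq(false)
  end
  end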
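Review bot: The commented-out `# @check.debug = true` in the 3.1.4 example is leftover debugging and should be deleted while the neighbouring assertion is being rewritten. The 3.0.x branch also has a firing example (3.0.11) but no non-firing one, unlike 3.1.x and 3.2.x; an example for the first fixed 3.0.x release (version to be taken from the check's safe list) ending in `expect(@check.vuln?).to eq(false)` would close that gap.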
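--- a/data/spec/lib/kb/cve_2012_2139_spec.rb
+++ b/data/spec/lib/kb/cve_2012_2139_spec.rb
@@ -6,15 +6,15 @@ describe "The CVE-2012-2139 vulnerability" do
  end
  it "is reported when mail_gem version 2.4.3 is used" do
  @check.dependencies = [{:name=>"mail_gem", :version=>"2.4.3"}]
- @check.vuln?.should == true
+ expect(@check.vuln?).to eq(true)
  end
  it "is reported when mail_gem version 2.3.3 is used" do
  @check.dependencies = [{:name=>"mail_gem", :version=>"2.3.3"}]
- @check.vuln?.should == true
+ expect(@check.vuln?).to eq(true)
  end
 
  it "is not reported when mail_gem version 2.4.4 is used" do
  @check.dependencies = [{:name=>"mail_gem", :version=>"2.4.4"}]
- @check.vuln?.should == false
+ expect(@check.vuln?).to eq(false)
  end
  end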
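Review bot: The examples feed the check a dependency named `mail_gem`, but the gem affected by CVE-2012-2139 is published as `mail`. If the check under test also matches on `mail_gem` (it is not visible in this hunk), it would never fire against a real Gemfile.lock while this spec keeps passing. Confirm the name used by the check and, if it is wrong, use `{:name=>"mail", :version=>"2.4.3"}` in the examples and the matching name in the check.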
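--- a/data/spec/lib/kb/cve_2012_2671_spec.rb
+++ b/data/spec/lib/kb/cve_2012_2671_spec.rb
@@ -6,18 +6,18 @@ describe "The CVE-2012-2671 vulnerability" do
  end
  it "is reported when ruby-cache version 0.5 is used" do
  @check.dependencies = [{:name=>"rack-cache", :version=>'0.5'}]
- @check.vuln?.should == true
+ expect(@check.vuln?).to eq(true)
  end
  it "is reported when ruby-cache version 0.8 is used" do
  @check.dependencies = [{:name=>"rack-cache", :version=>'0.8'}]
- @check.vuln?.should == true
+ expect(@check.vuln?).to eq(true)
  end
  it "is reported when ruby-cache version 1.1.1 is used" do
  @check.dependencies = [{:name=>"rack-cache", :version=>'1.1.1'}]
- @check.vuln?.should == true
+ expect(@check.vuln?).to eq(true)
  end
  it "is not reported when ruby-cache version 1.1.2 is used" do
  @check.dependencies = [{:name=>"rack-cache", :version=>'1.1.2'}]
- @check.vuln?.should == false
+ expect(@check.vuln?).to eq(false)
  end
  end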
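Review bot: All four example titles say `ruby-cache` while the dependency under test is `rack-cache`; they should read like `it "is reported when rack-cache version 0.5 is used" do`. Spec output is what a maintainer reads when a check regresses, so the wrong gem name in the title points them at a package that is not involved.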
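--- a/data/spec/lib/kb/cve_2012_6109_spec.rb
+++ b/data/spec/lib/kb/cve_2012_6109_spec.rb
@@ -6,107 +6,107 @@ describe "The CVE-2012-6109 vulnerability" do
  end
  it "is reported when the vulnerable gem is detected - 1.0.1" do
  @check.dependencies = [{:name=>"rack", :version=>"1.0.1"}]
- @check.vuln?.should == true
+ expect(@check.vuln?).to eq(true)
  end
 
  it "is reported when the vulnerable gem is detected - 0.9.1" do
  @check.dependencies = [{:name=>"rack", :version=>"0.9.1"}]
- @check.vuln?.should == true
+ expect(@check.vuln?).to eq(true)
  end
  it "is reported when the vulnerable gem is detected - 0.9" do
  @check.dependencies = [{:name=>"rack", :version=>"0.9"}]
- @check.vuln?.should == true
+ expect(@check.vuln?).to eq(true)
  end
  it "is reported when the vulnerable gem is detected - 0.4" do
  @check.dependencies = [{:name=>"rack", :version=>"0.4"}]
- @check.vuln?.should == true
+ expect(@check.vuln?).to eq(true)
  end
  it "is reported when the vulnerable gem is detected - 0.3" do
  @check.dependencies = [{:name=>"rack", :version=>"0.3"}]
- @check.vuln?.should == true
+ expect(@check.vuln?).to eq(true)
  end
  it "is reported when the vulnerable gem is detected - 0.2" do
  @check.dependencies = [{:name=>"rack", :version=>"0.2"}]
- @check.vuln?.should == true
+ expect(@check.vuln?).to eq(true)
  end
  it "is reported when the vulnerable gem is detected - 0.1" do
  @check.dependencies = [{:name=>"rack", :version=>"0.1"}]
- @check.vuln?.should == true
+ expect(@check.vuln?).to eq(true)
  end
  it "is reported when the vulnerable gem is detected - 1.0.0" do
  @check.dependencies = [{:name=>"rack", :version=>"1.0.0"}]
- @check.vuln?.should == true
+ expect(@check.vuln?).to eq(true)
  end
  it "is reported when the vulnerable gem is detected - 1.1.0" do
  @check.dependencies = [{:name=>"rack", :version=>"1.1.0"}]
- @check.vuln?.should == true
+ expect(@check.vuln?).to eq(true)
  end
  it "is reported when the vulnerable gem is detected - 1.1.3" do
  @check.dependencies = [{:name=>"rack", :version=>"1.1.3"}]
- @check.vuln?.should == true
+ expect(@check.vuln?).to eq(true)
  end
  it "is reported when the vulnerable gem is detected - 1.1.2" do
  @check.dependencies = [{:name=>"rack", :version=>"1.1.2"}]
- @check.vuln?.should == true
+ expect(@check.vuln?).to eq(true)
  end
  it "is reported when the vulnerable gem is detected - 1.2.0" do
  @check.dependencies = [{:name=>"rack", :version=>"1.2.0"}]
- @check.vuln?.should == true
+ expect(@check.vuln?).to eq(true)
  end
 
  it "is reported when the vulnerable gem is detected - 1.2.1" do
  @check.dependencies = [{:name=>"rack", :version=>"1.2.1"}]
- @check.vuln?.should == true
+ expect(@check.vuln?).to eq(true)
  end
  it "is reported when the vulnerable gem is detected - 1.2.2" do
  @check.dependencies = [{:name=>"rack", :version=>"1.2.2"}]
- @check.vuln?.should == true
+ expect(@check.vuln?).to eq(true)
  end
  it "is reported when the vulnerable gem is detected - 1.2.3" do
 
  @check.dependencies = [{:name=>"rack", :version=>"1.2.3"}]
- @check.vuln?.should == true
+ expect(@check.vuln?).to eq(true)
  end
  it "is reported when the vulnerable gem is detected - 1.2.4" do
  @check.dependencies = [{:name=>"rack", :version=>"1.2.4"}]
- @check.vuln?.should == true
+ expect(@check.vuln?).to eq(true)
  end
  it "is reported when the vulnerable gem is detected - 1.3.0" do
  @check.dependencies = [{:name=>"rack", :version=>"1.3.0"}]
- @check.vuln?.should == true
+ expect(@check.vuln?).to eq(true)
  end
 
  it "is reported when the vulnerable gem is detected - 1.3.1" do
  @check.dependencies = [{:name=>"rack", :version=>"1.3.1"}]
- @check.vuln?.should == true
+ expect(@check.vuln?).to eq(true)
  end
  it "is reported when the vulnerable gem is detected - 1.3.2" do
  @check.dependencies = [{:name=>"rack", :version=>"1.3.2"}]
- @check.vuln?.should == true
+ expect(@check.vuln?).to eq(true)
  end
  it "is reported when the vulnerable gem is detected - 1.3.3" do
  @check.dependencies = [{:name=>"rack", :version=>"1.3.3"}]
- @check.vuln?.should == true
+ expect(@check.vuln?).to eq(true)
  end
  it "is reported when the vulnerable gem is detected - 1.3.4" do
  @check.dependencies = [{:name=>"rack", :version=>"1.3.4"}]
- @check.vuln?.should == true
+ expect(@check.vuln?).to eq(true)
  end
  it "is reported when the vulnerable gem is detected - 1.3.5" do
  @check.dependencies = [{:name=>"rack", :version=>"1.3.5"}]
- @check.vuln?.should == true
+ expect(@check.vuln?).to eq(true)
  end
  it "is reported when the vulnerable gem is detected - 1.3.6" do
  @check.dependencies = [{:name=>"rack", :version=>"1.3.6"}]
- @check.vuln?.should == true
+ expect(@check.vuln?).to eq(true)
  end
 
  it "is reported when the vulnerable gem is detected - 1.4.0" do
  @check.dependencies = [{:name=>"rack", :version=>"1.4.0"}]
- @check.vuln?.should == true
+ expect(@check.vuln?).to eq(true)
  end
  it "is reported when the vulnerable gem is detected - 1.4.1" do
  @check.dependencies = [{:name=>"rack", :version=>"1.4.1"}]
- @check.vuln?.should == true
+ expect(@check.vuln?).to eq(true)
  end
  end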