dawnscanner 1.6.2 → 1.6.3

checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA1:
3
- metadata.gz: 970e93679f0ac361a19a2e761c8918f91b80686e
4
- data.tar.gz: 8ad5519fc5d4ad77eb1d3d771756a9116cede2a0
3
+ metadata.gz: 33c6d0a08fb962b05e2bbaaef34304fcc515d532
4
+ data.tar.gz: d717d82436f1e27eb7b45d6e8a69c9c9123b7361
5
5
  SHA512:
6
- metadata.gz: 1aad748210b7509d5a13cf0c84eb82054bdf6cb54fed4775613de32a202acc2107f612f2b6e05b85e92269887883daadb7ace0676862c117f5170a4a953012b2
7
- data.tar.gz: 46d1200055f2f5db08aa2bcc1e8a211a5025ff6c907f87568360696031c761589deef850b38388651d6fd1b6df3749c9604d79bbe35b8fbdfbd2f66103868c48
6
+ metadata.gz: 8860de757761b8caee9ae1c72fc6fc20242ad8e4a510e345bc9b444e2e25951bbb5fc2e5fbc9db2bc9ac1bde28f393d45c99fbf23d6ddd7e3509f9681f3f928f
7
+ data.tar.gz: 92a9113bb0af039a98f822b6fc74936fb2f581e1a2e4ca7775c7483a6ee68b39c1f543c144d0ac7c12aecd4e07e3c953f3d7bf36211e65836ff48437cc3472d3
Binary file
data.tar.gz.sig CHANGED
Binary file
@@ -7,6 +7,15 @@ frameworks.
7
7
 
8
8
  _latest update: Tue Mar 1 23:11:10 CET 2016_
9
9
 
10
+ ## Version 1.6.3 - codename: Tow Mater (2016-09-06)
11
+
12
+ * Issue #107 - Applying PULL REQUEST from @MKgridSec about CVE-2013-0334 check
13
+ * Issue #196 - Applying PULL REQUEST from @MKgridSec about CVE 2016 0751
14
+ incorrectly flagged
15
+ * Issue #197 - Applying PULL REQUEST from @MKgridSec about CVE-2016-2098
16
+ incorrectly flagged
17
+
18
+
10
19
  ## Version 1.6.2 - codename: Tow Mater (2016-03-02)
11
20
 
12
21
  * Issue #194 - Adding a check for CVE-2016-2098: Possible remote code execution
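Review bot: the Issue #196 line of the 1.6.3 entry writes the identifier as "CVE 2016 0751", while the neighbouring entries use the hyphenated form (CVE-2013-0334, CVE-2016-2098); use CVE-2016-0751 so the changelog stays searchable by CVE id. The `_latest update: Tue Mar 1 23:11:10 CET 2016_` line above the new entry is unchanged context and now predates the 2016-09-06 release it introduces; bump it in the same change.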
@@ -1,6 +1,6 @@
1
1
  # Dawnscanner Knowledge base
2
2
 
3
- The knowledge base library for dawnscanner version 1.6.2 contains 229 security checks.
3
+ The knowledge base library for dawnscanner version 1.6.3 contains 230 security checks.
4
4
  ---
5
5
  * Simple Form XSS - 20131129: There is a XSS vulnerability on Simple Form's label, hint and error options. When Simple Form creates a label, hint or error message it marks the text as being HTML safe, even though it may contain HTML tags. In applications where the text of these helpers can be provided by the users, malicious values can be provided and Simple Form will mark it as safe.
6
6
  * [CVE-2004-0755](http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0755): The FileStore capability in CGI::Session for Ruby before 1.8.1, and possibly PStore, creates files with insecure permissions, which can allow local users to steal session information and hijack sessions.
@@ -207,6 +207,8 @@ The knowledge base library for dawnscanner version 1.6.2 contains 229 security c
207
207
  * CVE-2013-0285: The nori gem 2.0.x before 2.0.2, 1.1.x before 1.1.4, and 1.0.x before 1.0.3 for Ruby does not properly restrict casts of string values, which allows remote attackers to conduct object-injection attacks and execute arbitrary code, or cause a denial of service (memory and CPU consumption) involving nested XML entity references, by leveraging Action Pack support for (1) YAML type conversion or (2) Symbol type conversion, a similar vulnerability to CVE-2013-0156.
208
208
  * [CVE-2013-0333](http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0333): lib/active_support/json/backends/yaml.rb in Ruby on Rails 2.3.x before 2.3.16 and 3.0.x before 3.0.20 does not properly convert JSON data to YAML data for processing by a YAML parser, which allows remote attackers to execute arbitrary code, conduct SQL injection attacks, or bypass authentication via crafted data that triggers unsafe decoding, a different vulnerability than CVE-2013-0156.
209
209
  * CVE-2013-0333: lib/active_support/json/backends/yaml.rb in Ruby on Rails 2.3.x before 2.3.16 and 3.0.x before 3.0.20 does not properly convert JSON data to YAML data for processing by a YAML parser, which allows remote attackers to execute arbitrary code, conduct SQL injection attacks, or bypass authentication via crafted data that triggers unsafe decoding, a different vulnerability than CVE-2013-0156.
210
+ * [CVE-2013-0334](http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0334): CVE-2013-0334: Bundler Gem for Ruby Multiple Top-level Source Lines Gemfile Handling Gem Installation Spoofing
211
+ * CVE-2013-0334: CVE-2013-0334: Bundler Gem for Ruby Multiple Top-level Source Lines Gemfile Handling Gem Installation Spoofing
210
212
  * [CVE-2013-1607](http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1607): PDFKit Gem for Ruby contains a flaw that is due to the program failing to properly validate input during the handling of parameters when generating PDF files. This may allow a remote attacker to potentially execute arbitrary code via the pdfkit generation options.
211
213
  * CVE-2013-1607: PDFKit Gem for Ruby contains a flaw that is due to the program failing to properly validate input during the handling of parameters when generating PDF files. This may allow a remote attacker to potentially execute arbitrary code via the pdfkit generation options.
212
214
  * [CVE-2013-1655](http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1655): Puppet 2.7.x before 2.7.21 and 3.1.x before 3.1.1, when
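Review bot: both added CVE-2013-0334 entries render the id twice ("CVE-2013-0334: CVE-2013-0334: Bundler Gem ...") and carry only an advisory title, where the neighbouring entries describe affected versions and impact. Drop the id from the check's message string and replace the title with a sentence naming the affected bundler releases, consistent with the check's `:mitigation` text ("Please upgrade bundler gem to 1.7.0 or later").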
@@ -479,4 +481,4 @@ Setting this to true will essentially strip out any host information.
479
481
  This check will analyze the source code looking for the following patterns: XXX, TO_CHECK, CHECKME, CHECK and FIXME
480
482
 
481
483
 
482
- _Last updated: Tue 01 Mar 23:13:46 CET 2016_
484
+ _Last updated: Tue 06 Sep 22:42:45 CEST 2016_
data/VERSION CHANGED
@@ -12,4 +12,4 @@
12
12
  # | "Guido" | x.x.0 |
13
13
  # | "Luigi" | x.x.0 |
14
14
  # | "Doc Hudson" | x.x.0 |
15
- 1.6.2 - Tow Mater
15
+ 1.6.3 - Tow Mater
@@ -0,0 +1 @@
1
+ 42e13e8044d521b5d70df913bb979389bd6da028
@@ -0,0 +1,25 @@
1
+ module Dawn
2
+ module Kb
3
+ class CVE_2013_0334
4
+ include DependencyCheck
5
+
6
+ def initialize
7
+ message = "CVE-2013-0334: Bundler Gem for Ruby Multiple Top-level Source Lines Gemfile Handling Gem Installation Spoofing"
8
+ super({
9
+ :name=>"CVE-2013-0334",
10
+ :cvss=>"AV:N/AC:L/Au:N/C:N/I:P/A:N",
11
+ :release_date => Date.new(2014, 8, 13),
12
+ :cwe=>"",
13
+ :owasp=>"A9",
14
+ :applies=>["rails", "sinatra", "padrino"],
15
+ :kind=>Dawn::KnowledgeBase::DEPENDENCY_CHECK,
16
+ :message=>message,
17
+ :mitigation=>"Please upgrade bundler gem to 1.7.0 or later",
18
+ :aux_links=>["http://bundler.io/blog/2014/08/14/bundler-may-install-gems-from-a-different-source-than-expected-cve-2013-0334.html", "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-0334"]
19
+ })
20
+
21
+ self.safe_dependencies = [{:name=>"bundler", :version=>['1.7.0']}]
22
+ end
23
+ end
24
+ end
25
+ end
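Review bot: `self.safe_dependencies = [{:name=>"bundler", :version=>['1.7.0']}]` lists a single version and sets neither `save_minor` nor `save_major`, which two of the checks modified in this release set explicitly, yet the new spec expects 1.7.1, 1.8.7, 1.10.0.rc and 1.12.5 to pass. Either set the flags or add a comment stating that any release above the listed version is treated as safe, so the intent does not rest on DependencyCheck defaults. `:cwe=>""` is also left empty; fill it in or drop the key.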
@@ -20,11 +20,13 @@ module Dawn
20
20
  :kind=>Dawn::KnowledgeBase::DEPENDENCY_CHECK,
21
21
  :message=>message,
22
22
  :mitigation=>"Please upgrade activerecord gem to version 3.2.22.1, 4.1.14.1, 4.2.5.1, 5.0.0.beta1.1 or later.",
23
- :aux_links=>["http://securitytracker.com/id/1034816"]
23
+ :aux_links=>["http://securitytracker.com/id/1034816", "https://groups.google.com/forum/#!topic/rubyonrails-security/cawsWcQ6c8g"]
24
24
  })
25
25
  self.save_minor=true
26
26
  self.save_major=true
27
- self.safe_dependencies = [{:name=>"activerecord", :version=>['3.2.22.1', '4.1.14.1', '4.2.5.1', '5.0.0.beta1.1']}]
27
+ self.debug = true
28
+ self.safe_dependencies = [{:name=>"activerecord", :version=>['3.1.9999','3.2.22.1', '4.1.14.1', '4.2.5.1', '5.0.0.beta1.1']}]
29
+ self.not_affected = {:name=>"actionpack", :version=>['3.0.x']}
28
30
 
29
31
  end
30
32
  end
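Review bot: `self.debug = true` is added to the check itself and will ship enabled in the released gem; remove it and keep debug toggles in the spec, where the new CVE-2013-0334 spec has it commented out. In the same hunk `self.not_affected` names "actionpack" while `safe_dependencies` names "activerecord"; if the aim is to exempt activerecord 3.0.x, as the added spec case for activerecord 3.0.1 suggests, the name looks like a copy-paste slip. The '3.1.9999' entry is not a real release and appears to be a placeholder so that every 3.1.x version is reported (the spec expects 3.1.2 to be flagged); say so in a comment.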
@@ -22,7 +22,9 @@ module Dawn
22
22
  :mitigation=>"Please upgrade actionpack gem to version 3.2.22.1, 4.1.14.1, 4.2.5.1, 5.0.0.beta1.1 or later.",
23
23
  :aux_links=>["http://securitytracker.com/id/1034816"]
24
24
  })
25
- self.safe_dependencies = [{:name=>"actionpack", :version=>['3.2.22.1', '4.1.14.1', '4.2.5.1', '5.0.0.beta1.1']}]
25
+ self.save_minor=true
26
+ self.save_major=true
27
+ self.safe_dependencies = [{:name=>"actionpack", :version=>['3.2.22.1', '4.0.9999', '4.1.14.1', '4.2.5.1', '5.0.0.beta1.1']}]
26
28
 
27
29
  end
28
30
  end
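Review bot: '4.0.9999' in `safe_dependencies` is not a real actionpack release and appears to act as a placeholder so that all of 4.0.x is reported (a spec hunk later in this diff adds actionpack 4.0.3 as vulnerable); add a comment saying so. The `:mitigation` string still lists only 3.2.22.1, 4.1.14.1, 4.2.5.1 and 5.0.0.beta1.1, so a 4.0.x user who is now flagged gets no indication of which release line to move to.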
@@ -24,9 +24,10 @@ controller or a view may be vulnerable to a code injection."
24
24
  :kind=>Dawn::KnowledgeBase::DEPENDENCY_CHECK,
25
25
  :message=>message,
26
26
  :mitigation=>"Please upgrade actionpack gem to version 3.2.22.2, 4.1.14.2, 4.2.5.2, 5.0.0 or later.",
27
- :aux_links=>[]
27
+ :aux_links=>['https://groups.google.com/forum/message/raw?msg=rubyonrails-security/ly-IH-fxr_Q/WLoOhcMZIAAJ']
28
28
  })
29
- self.safe_dependencies = [{:name=>"actionpack", :version=>['3.2.22.2', '4.1.14.2', '4.2.5.2', '5.0.0']}]
29
+ self.safe_dependencies = [{:name=>"actionpack", :version=>['3.2.22.2', '4.0.9999', '4.1.14.2', '4.2.5.2']}]
30
+ self.not_affected = {:name=>"actionpack", :version=>['5.0.x']}
30
31
 
31
32
  end
32
33
  end
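Review bot: the `:mitigation` string still recommends "5.0.0 or later" while this change removes '5.0.0' from `safe_dependencies` and declares 5.0.x `not_affected`; reword the mitigation so the two agree. '4.0.9999' is again an undocumented placeholder version, and the CVE-2016-2098 spec hunks in this diff add cases for 5.0.0, 5.0.0.1, 4.2.6 and 4.1.15 but none for a 4.0.x release, so the new entry is untested.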
@@ -152,6 +152,7 @@ require "dawn/kb/cve_2013_0277"
152
152
  require "dawn/kb/cve_2013_0284"
153
153
  require "dawn/kb/cve_2013_0285"
154
154
  require "dawn/kb/cve_2013_0333"
155
+ require "dawn/kb/cve_2013_0334"
155
156
  require "dawn/kb/cve_2013_1607"
156
157
  require "dawn/kb/cve_2013_1655"
157
158
  require "dawn/kb/cve_2013_1656"
@@ -465,6 +466,7 @@ module Dawn
465
466
  Dawn::Kb::CVE_2013_0284.new,
466
467
  Dawn::Kb::CVE_2013_0285.new,
467
468
  Dawn::Kb::CVE_2013_0333.new,
469
+ Dawn::Kb::CVE_2013_0334.new,
468
470
  Dawn::Kb::CVE_2013_1607.new,
469
471
  Dawn::Kb::CVE_2013_1655.new,
470
472
  Dawn::Kb::CVE_2013_1656.new,
@@ -1,7 +1,7 @@
1
1
  module Dawn
2
- VERSION = "1.6.2"
2
+ VERSION = "1.6.3"
3
3
  CODENAME = "Tow Mater"
4
- RELEASE = "20160301"
5
- BUILD = "9"
6
- COMMIT = "gc67c5bf"
4
+ RELEASE = "20160906"
5
+ BUILD = "15"
6
+ COMMIT = "g16d339b"
7
7
  end
@@ -30,13 +30,18 @@ describe "The Codesake Dawn knowledge base" do
30
30
  expect(sc.class).to eq(Dawn::Kb::CVE_2013_1855)
31
31
  end
32
32
 
33
-
34
33
  it "must have test for CVE_2013_0333" do
35
34
  sc = kb.find("CVE-2013-0333")
36
35
  expect(sc).not_to be_nil
37
36
  expect(sc.class).to eq(Dawn::Kb::CVE_2013_0333)
38
37
  end
39
38
 
39
+ it "must have test for CVE_2013_0334" do
40
+ sc = kb.find("CVE-2013-0334")
41
+ expect(sc).not_to be_nil
42
+ expect(sc.class).to eq(Dawn::Kb::CVE_2013_0334)
43
+ end
44
+
40
45
  it "must have test for CVE_2013_1857" do
41
46
  sc = kb.find("CVE-2013-1857")
42
47
  expect(sc).not_to be_nil
@@ -0,0 +1,35 @@
1
+ require 'spec_helper'
2
+ describe "The CVE-2013-0334 vulnerability" do
3
+ before(:all) do
4
+ @check = Dawn::Kb::CVE_2013_0334.new
5
+ # @check.debug = true
6
+ end
7
+ it "is not reported when bundler version 1.7.0 is used" do
8
+ @check.dependencies = [{:name=>"bundler", :version=>'1.7.0'}]
9
+ expect(@check.vuln?).to eq(false)
10
+ end
11
+ it "is not reported when bundler version 1.7.1 is used" do
12
+ @check.dependencies = [{:name=>"bundler", :version=>'1.7.1'}]
13
+ expect(@check.vuln?).to eq(false)
14
+ end
15
+ it "is not reported when bundler version 1.8.7 is used" do
16
+ @check.dependencies = [{:name=>"bundler", :version=>'1.8.7'}]
17
+ expect(@check.vuln?).to eq(false)
18
+ end
19
+ it "is not reported when bundler version 1.10.0.rc is used" do
20
+ @check.dependencies = [{:name=>"bundler", :version=>'1.10.0.rc'}]
21
+ expect(@check.vuln?).to eq(false)
22
+ end
23
+ it "is not reported when bundler version 1.12.5 is used" do
24
+ @check.dependencies = [{:name=>"bundler", :version=>'1.12.5'}]
25
+ expect(@check.vuln?).to eq(false)
26
+ end
27
+ it "fires when vulnerable bundler version it has been found (1.6.6)" do
28
+ @check.dependencies = [{:name=>"bundler", :version=>'1.6.6'}]
29
+ expect(@check.vuln?).to eq(true)
30
+ end
31
+ it "fires when vulnerable bundler version it has been found (1.3.0)" do
32
+ @check.dependencies = [{:name=>"bundler", :version=>'1.3.0'}]
33
+ expect(@check.vuln?).to eq(true)
34
+ end
35
+ end
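Review bot: `@check` is created once in `before(:all)` and every example reassigns `dependencies` on that shared object; switch to `before(:each)` so examples stay independent, and delete the commented-out `# @check.debug = true`. The two "fires when vulnerable bundler version it has been found" descriptions are ungrammatical; "fires when a vulnerable bundler version is found (1.6.6)" reads better. A case where bundler is absent from the dependency list would also pin down the default result.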
@@ -17,6 +17,10 @@ describe "The CVE-2015-7577 vulnerability" do
17
17
  expect(@check.vuln?).to eq(true)
18
18
  end
19
19
  it "is reported when the vulnerable gem is detected" do
20
+ @check.dependencies = [{:name=>"activerecord", :version=>"3.1.2"}]
21
+ expect(@check.vuln?).to eq(true)
22
+ end
23
+ it "is reported when the vulnerable gem is detected" do
20
24
  @check.dependencies = [{:name=>"activerecord", :version=>"3.2.22"}]
21
25
  expect(@check.vuln?).to eq(true)
22
26
  end
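Review bot: the added activerecord 3.1.2 example reuses the description "is reported when the vulnerable gem is detected", the same string as the example right after it, so a failure report cannot tell the two apart. Put the version in the description, as the CVE-2013-0334 spec does ("is not reported when bundler version 1.7.0 is used").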
@@ -25,6 +29,10 @@ describe "The CVE-2015-7577 vulnerability" do
25
29
  expect(@check.vuln?).to eq(false)
26
30
  end
27
31
  it "is not reported when a fixed release is detected" do
32
+ @check.dependencies = [{:name=>"activerecord", :version=>"5.0.0.1"}]
33
+ expect(@check.vuln?).to eq(false)
34
+ end
35
+ it "is not reported when a fixed release is detected" do
28
36
  @check.dependencies = [{:name=>"activerecord", :version=>"4.2.5.1"}]
29
37
  expect(@check.vuln?).to eq(false)
30
38
  end
@@ -41,6 +49,10 @@ describe "The CVE-2015-7577 vulnerability" do
41
49
  expect(@check.vuln?).to eq(false)
42
50
  end
43
51
  it "is not reported when a fixed release is detected" do
52
+ @check.dependencies = [{:name=>"activerecord", :version=>"3.0.1"}]
53
+ expect(@check.vuln?).to eq(false)
54
+ end
55
+ it "is not reported when a fixed release is detected" do
44
56
  @check.dependencies = [{:name=>"activerecord", :version=>"3.2.22.1"}]
45
57
  expect(@check.vuln?).to eq(false)
46
58
  end
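Review bot: the added activerecord 3.0.1 example is described as "is not reported when a fixed release is detected", but 3.0.1 is not among the fixed releases listed in the check; it passes only if the 3.0.x line is treated as not affected. Rename it to say that, for example "is not reported for the unaffected 3.0.x line", so the test documents why the result is false.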
@@ -17,6 +17,10 @@ it "is reported when the vulnerable gem is detected" do
17
17
  expect(@check.vuln?).to eq(true)
18
18
  end
19
19
  it "is reported when the vulnerable gem is detected" do
20
+ @check.dependencies = [{:name=>"actionpack", :version=>"4.0.3"}]
21
+ expect(@check.vuln?).to eq(true)
22
+ end
23
+ it "is reported when the vulnerable gem is detected" do
20
24
  @check.dependencies = [{:name=>"actionpack", :version=>"3.2.22"}]
21
25
  expect(@check.vuln?).to eq(true)
22
26
  end
@@ -25,6 +25,14 @@ describe "The CVE-2016-2098 vulnerability" do
25
25
  expect(@check.vuln?).to eq(false)
26
26
  end
27
27
  it "is not reported when a fixed release is detected" do
28
+ @check.dependencies = [{:name=>"actionpack", :version=>"5.0.0"}]
29
+ expect(@check.vuln?).to eq(false)
30
+ end
31
+ it "is not reported when a fixed release is detected" do
32
+ @check.dependencies = [{:name=>"actionpack", :version=>"5.0.0.1"}]
33
+ expect(@check.vuln?).to eq(false)
34
+ end
35
+ it "is not reported when a fixed release is detected" do
28
36
  @check.dependencies = [{:name=>"actionpack", :version=>"3.2.22.2"}]
29
37
  expect(@check.vuln?).to eq(false)
30
38
  end
@@ -36,4 +44,12 @@ describe "The CVE-2016-2098 vulnerability" do
36
44
  @check.dependencies = [{:name=>"actionpack", :version=>"4.2.5.2"}]
37
45
  expect(@check.vuln?).to eq(false)
38
46
  end
47
+ it "is not reported when a fixed release is detected" do
48
+ @check.dependencies = [{:name=>"actionpack", :version=>"4.2.6"}]
49
+ expect(@check.vuln?).to eq(false)
50
+ end
51
+ it "is not reported when a fixed release is detected" do
52
+ @check.dependencies = [{:name=>"actionpack", :version=>"4.1.15"}]
53
+ expect(@check.vuln?).to eq(false)
54
+ end
39
55
  end
metadata CHANGED
@@ -1,7 +1,7 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: dawnscanner
3
3
  version: !ruby/object:Gem::Version
4
- version: 1.6.2
4
+ version: 1.6.3
5
5
  platform: ruby
6
6
  authors:
7
7
  - Paolo Perego
@@ -30,7 +30,7 @@ cert_chain:
30
30
  jm6Bw8fGx65GCWIdgMhH/P0icixcnyrnotnnOrEcmPudIlgEN9qaUYcguOfFBhTH
31
31
  1sGpM7KzrYHU8qJJPrdaX0ezIDL4cN/kA/DxYTfUiMw=
32
32
  -----END CERTIFICATE-----
33
- date: 2016-03-01 00:00:00.000000000 Z
33
+ date: 2016-09-06 00:00:00.000000000 Z
34
34
  dependencies:
35
35
  - !ruby/object:Gem::Dependency
36
36
  name: cvss
@@ -316,6 +316,7 @@ files:
316
316
  - checksum/dawnscanner-1.5.2.gem.sha1
317
317
  - checksum/dawnscanner-1.6.0.gem.sha1
318
318
  - checksum/dawnscanner-1.6.1.gem.sha1
319
+ - checksum/dawnscanner-1.6.2.gem.sha1
319
320
  - dawnscanner.gemspec
320
321
  - doc/dawn_1_0_announcement.md
321
322
  - doc/dawn_1_1_announcement.md
@@ -435,6 +436,7 @@ files:
435
436
  - lib/dawn/kb/cve_2013_0284.rb
436
437
  - lib/dawn/kb/cve_2013_0285.rb
437
438
  - lib/dawn/kb/cve_2013_0333.rb
439
+ - lib/dawn/kb/cve_2013_0334.rb
438
440
  - lib/dawn/kb/cve_2013_1607.rb
439
441
  - lib/dawn/kb/cve_2013_1655.rb
440
442
  - lib/dawn/kb/cve_2013_1656.rb
@@ -612,6 +614,7 @@ files:
612
614
  - spec/lib/kb/cve_2013_0256_spec.rb
613
615
  - spec/lib/kb/cve_2013_0262_spec.rb
614
616
  - spec/lib/kb/cve_2013_0263_spec.rb
617
+ - spec/lib/kb/cve_2013_0334_spec.rb
615
618
  - spec/lib/kb/cve_2013_1607_spec.rb
616
619
  - spec/lib/kb/cve_2013_1655_spec.rb
617
620
  - spec/lib/kb/cve_2013_1756_spec.rb
@@ -756,6 +759,7 @@ test_files:
756
759
  - spec/lib/kb/cve_2013_0256_spec.rb
757
760
  - spec/lib/kb/cve_2013_0262_spec.rb
758
761
  - spec/lib/kb/cve_2013_0263_spec.rb
762
+ - spec/lib/kb/cve_2013_0334_spec.rb
759
763
  - spec/lib/kb/cve_2013_1607_spec.rb
760
764
  - spec/lib/kb/cve_2013_1655_spec.rb
761
765
  - spec/lib/kb/cve_2013_1756_spec.rb
metadata.gz.sig CHANGED
Binary file