dawnscanner 1.6.8 → 2.0.0.rc4
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +5 -5
- data/.gitignore +1 -0
- data/.ruby-version +1 -1
- data/Changelog.md +27 -1
- data/LICENSE.txt +1 -1
- data/README.md +59 -57
- data/Rakefile +10 -242
- data/Roadmap.md +15 -23
- data/VERSION +1 -1
- data/bin/dawn +17 -273
- data/checksum/dawnscanner-1.6.8.gem.sha1 +1 -0
- data/checksum/dawnscanner-2.0.0.rc1.gem.sha1 +1 -0
- data/checksum/dawnscanner-2.0.0.rc2.gem.sha1 +1 -0
- data/checksum/dawnscanner-2.0.0.rc3.gem.sha1 +1 -0
- data/dawnscanner.gemspec +10 -9
- data/doc/change.sh +13 -0
- data/doc/kickstart_kb.tar.gz +0 -0
- data/doc/knowledge_base.rb +650 -0
- data/docs/.placeholder +0 -0
- data/docs/CNAME +1 -0
- data/docs/_config.yml +1 -0
- data/lib/dawn/cli/dawn_cli.rb +139 -0
- data/lib/dawn/core.rb +8 -7
- data/lib/dawn/engine.rb +93 -34
- data/lib/dawn/gemfile_lock.rb +2 -2
- data/lib/dawn/kb/basic_check.rb +1 -2
- data/lib/dawn/kb/combo_check.rb +1 -1
- data/lib/dawn/kb/dependency_check.rb +1 -1
- data/lib/dawn/kb/operating_system_check.rb +1 -1
- data/lib/dawn/kb/pattern_match_check.rb +10 -9
- data/lib/dawn/kb/ruby_version_check.rb +11 -10
- data/lib/dawn/kb/{gem_check.rb → rubygem_check.rb} +1 -1
- data/lib/dawn/kb/unsafe_depedency_check.rb +44 -0
- data/lib/dawn/kb/version_check.rb +41 -24
- data/lib/dawn/knowledge_base.rb +259 -595
- data/lib/dawn/reporter.rb +2 -1
- data/lib/dawn/utils.rb +5 -2
- data/lib/dawn/version.rb +5 -5
- data/lib/dawnscanner.rb +7 -6
- data/spec/lib/kb/codesake_unsafe_dependency_check_spec.rb +29 -0
- data/spec/lib/kb/dependency_check.yml +29 -0
- metadata +30 -496
- checksums.yaml.gz.sig +0 -0
- data.tar.gz.sig +0 -0
- data/certs/paolo_at_dawnscanner_dot_org.pem +0 -21
- data/lib/dawn/kb/cve_2004_0755.rb +0 -33
- data/lib/dawn/kb/cve_2004_0983.rb +0 -31
- data/lib/dawn/kb/cve_2005_1992.rb +0 -31
- data/lib/dawn/kb/cve_2005_2337.rb +0 -33
- data/lib/dawn/kb/cve_2006_1931.rb +0 -30
- data/lib/dawn/kb/cve_2006_2582.rb +0 -28
- data/lib/dawn/kb/cve_2006_3694.rb +0 -31
- data/lib/dawn/kb/cve_2006_4112.rb +0 -27
- data/lib/dawn/kb/cve_2006_5467.rb +0 -28
- data/lib/dawn/kb/cve_2006_6303.rb +0 -28
- data/lib/dawn/kb/cve_2006_6852.rb +0 -27
- data/lib/dawn/kb/cve_2006_6979.rb +0 -29
- data/lib/dawn/kb/cve_2007_0469.rb +0 -29
- data/lib/dawn/kb/cve_2007_5162.rb +0 -28
- data/lib/dawn/kb/cve_2007_5379.rb +0 -27
- data/lib/dawn/kb/cve_2007_5380.rb +0 -29
- data/lib/dawn/kb/cve_2007_5770.rb +0 -30
- data/lib/dawn/kb/cve_2007_6077.rb +0 -31
- data/lib/dawn/kb/cve_2007_6612.rb +0 -30
- data/lib/dawn/kb/cve_2008_1145.rb +0 -38
- data/lib/dawn/kb/cve_2008_1891.rb +0 -38
- data/lib/dawn/kb/cve_2008_2376.rb +0 -30
- data/lib/dawn/kb/cve_2008_2662.rb +0 -33
- data/lib/dawn/kb/cve_2008_2663.rb +0 -32
- data/lib/dawn/kb/cve_2008_2664.rb +0 -33
- data/lib/dawn/kb/cve_2008_2725.rb +0 -31
- data/lib/dawn/kb/cve_2008_3655.rb +0 -37
- data/lib/dawn/kb/cve_2008_3657.rb +0 -37
- data/lib/dawn/kb/cve_2008_3790.rb +0 -30
- data/lib/dawn/kb/cve_2008_3905.rb +0 -36
- data/lib/dawn/kb/cve_2008_4094.rb +0 -27
- data/lib/dawn/kb/cve_2008_4310.rb +0 -100
- data/lib/dawn/kb/cve_2008_5189.rb +0 -27
- data/lib/dawn/kb/cve_2008_7248.rb +0 -27
- data/lib/dawn/kb/cve_2009_4078.rb +0 -29
- data/lib/dawn/kb/cve_2009_4124.rb +0 -30
- data/lib/dawn/kb/cve_2009_4214.rb +0 -27
- data/lib/dawn/kb/cve_2010_1330.rb +0 -28
- data/lib/dawn/kb/cve_2010_2489.rb +0 -60
- data/lib/dawn/kb/cve_2010_3933.rb +0 -27
- data/lib/dawn/kb/cve_2011_0188.rb +0 -67
- data/lib/dawn/kb/cve_2011_0446.rb +0 -28
- data/lib/dawn/kb/cve_2011_0447.rb +0 -28
- data/lib/dawn/kb/cve_2011_0739.rb +0 -28
- data/lib/dawn/kb/cve_2011_0995.rb +0 -61
- data/lib/dawn/kb/cve_2011_1004.rb +0 -34
- data/lib/dawn/kb/cve_2011_1005.rb +0 -31
- data/lib/dawn/kb/cve_2011_2197.rb +0 -27
- data/lib/dawn/kb/cve_2011_2686.rb +0 -29
- data/lib/dawn/kb/cve_2011_2705.rb +0 -32
- data/lib/dawn/kb/cve_2011_2929.rb +0 -27
- data/lib/dawn/kb/cve_2011_2930.rb +0 -28
- data/lib/dawn/kb/cve_2011_2931.rb +0 -30
- data/lib/dawn/kb/cve_2011_2932.rb +0 -27
- data/lib/dawn/kb/cve_2011_3009.rb +0 -28
- data/lib/dawn/kb/cve_2011_3186.rb +0 -29
- data/lib/dawn/kb/cve_2011_3187.rb +0 -29
- data/lib/dawn/kb/cve_2011_4319.rb +0 -30
- data/lib/dawn/kb/cve_2011_4815.rb +0 -28
- data/lib/dawn/kb/cve_2011_5036.rb +0 -26
- data/lib/dawn/kb/cve_2012_1098.rb +0 -30
- data/lib/dawn/kb/cve_2012_1099.rb +0 -27
- data/lib/dawn/kb/cve_2012_1241.rb +0 -27
- data/lib/dawn/kb/cve_2012_2139.rb +0 -26
- data/lib/dawn/kb/cve_2012_2140.rb +0 -27
- data/lib/dawn/kb/cve_2012_2660.rb +0 -28
- data/lib/dawn/kb/cve_2012_2661.rb +0 -27
- data/lib/dawn/kb/cve_2012_2671.rb +0 -28
- data/lib/dawn/kb/cve_2012_2694.rb +0 -30
- data/lib/dawn/kb/cve_2012_2695.rb +0 -27
- data/lib/dawn/kb/cve_2012_3424.rb +0 -29
- data/lib/dawn/kb/cve_2012_3463.rb +0 -27
- data/lib/dawn/kb/cve_2012_3464.rb +0 -27
- data/lib/dawn/kb/cve_2012_3465.rb +0 -26
- data/lib/dawn/kb/cve_2012_4464.rb +0 -27
- data/lib/dawn/kb/cve_2012_4466.rb +0 -27
- data/lib/dawn/kb/cve_2012_4481.rb +0 -26
- data/lib/dawn/kb/cve_2012_4522.rb +0 -27
- data/lib/dawn/kb/cve_2012_5370.rb +0 -27
- data/lib/dawn/kb/cve_2012_5371.rb +0 -27
- data/lib/dawn/kb/cve_2012_5380.rb +0 -28
- data/lib/dawn/kb/cve_2012_6109.rb +0 -25
- data/lib/dawn/kb/cve_2012_6134.rb +0 -27
- data/lib/dawn/kb/cve_2012_6496.rb +0 -28
- data/lib/dawn/kb/cve_2012_6497.rb +0 -28
- data/lib/dawn/kb/cve_2012_6684.rb +0 -28
- data/lib/dawn/kb/cve_2013_0155.rb +0 -29
- data/lib/dawn/kb/cve_2013_0156.rb +0 -27
- data/lib/dawn/kb/cve_2013_0162.rb +0 -28
- data/lib/dawn/kb/cve_2013_0175.rb +0 -27
- data/lib/dawn/kb/cve_2013_0183.rb +0 -25
- data/lib/dawn/kb/cve_2013_0184.rb +0 -25
- data/lib/dawn/kb/cve_2013_0233.rb +0 -26
- data/lib/dawn/kb/cve_2013_0256.rb +0 -59
- data/lib/dawn/kb/cve_2013_0262.rb +0 -26
- data/lib/dawn/kb/cve_2013_0263.rb +0 -26
- data/lib/dawn/kb/cve_2013_0269.rb +0 -27
- data/lib/dawn/kb/cve_2013_0276.rb +0 -28
- data/lib/dawn/kb/cve_2013_0277.rb +0 -25
- data/lib/dawn/kb/cve_2013_0284.rb +0 -27
- data/lib/dawn/kb/cve_2013_0285.rb +0 -27
- data/lib/dawn/kb/cve_2013_0333.rb +0 -28
- data/lib/dawn/kb/cve_2013_0334.rb +0 -25
- data/lib/dawn/kb/cve_2013_1607.rb +0 -25
- data/lib/dawn/kb/cve_2013_1655.rb +0 -65
- data/lib/dawn/kb/cve_2013_1656.rb +0 -28
- data/lib/dawn/kb/cve_2013_1756.rb +0 -26
- data/lib/dawn/kb/cve_2013_1800.rb +0 -26
- data/lib/dawn/kb/cve_2013_1801.rb +0 -27
- data/lib/dawn/kb/cve_2013_1802.rb +0 -27
- data/lib/dawn/kb/cve_2013_1812.rb +0 -27
- data/lib/dawn/kb/cve_2013_1821.rb +0 -28
- data/lib/dawn/kb/cve_2013_1854.rb +0 -26
- data/lib/dawn/kb/cve_2013_1855.rb +0 -25
- data/lib/dawn/kb/cve_2013_1856.rb +0 -26
- data/lib/dawn/kb/cve_2013_1857.rb +0 -27
- data/lib/dawn/kb/cve_2013_1875.rb +0 -27
- data/lib/dawn/kb/cve_2013_1898.rb +0 -27
- data/lib/dawn/kb/cve_2013_1911.rb +0 -28
- data/lib/dawn/kb/cve_2013_1933.rb +0 -27
- data/lib/dawn/kb/cve_2013_1947.rb +0 -27
- data/lib/dawn/kb/cve_2013_1948.rb +0 -27
- data/lib/dawn/kb/cve_2013_2065.rb +0 -29
- data/lib/dawn/kb/cve_2013_2090.rb +0 -28
- data/lib/dawn/kb/cve_2013_2105.rb +0 -26
- data/lib/dawn/kb/cve_2013_2119.rb +0 -27
- data/lib/dawn/kb/cve_2013_2512.rb +0 -26
- data/lib/dawn/kb/cve_2013_2513.rb +0 -25
- data/lib/dawn/kb/cve_2013_2516.rb +0 -26
- data/lib/dawn/kb/cve_2013_2615.rb +0 -27
- data/lib/dawn/kb/cve_2013_2616.rb +0 -27
- data/lib/dawn/kb/cve_2013_2617.rb +0 -28
- data/lib/dawn/kb/cve_2013_3221.rb +0 -27
- data/lib/dawn/kb/cve_2013_4164.rb +0 -30
- data/lib/dawn/kb/cve_2013_4203.rb +0 -25
- data/lib/dawn/kb/cve_2013_4389.rb +0 -26
- data/lib/dawn/kb/cve_2013_4413.rb +0 -27
- data/lib/dawn/kb/cve_2013_4457.rb +0 -29
- data/lib/dawn/kb/cve_2013_4478.rb +0 -26
- data/lib/dawn/kb/cve_2013_4479.rb +0 -26
- data/lib/dawn/kb/cve_2013_4489.rb +0 -28
- data/lib/dawn/kb/cve_2013_4491.rb +0 -29
- data/lib/dawn/kb/cve_2013_4492.rb +0 -29
- data/lib/dawn/kb/cve_2013_4562.rb +0 -27
- data/lib/dawn/kb/cve_2013_4593.rb +0 -27
- data/lib/dawn/kb/cve_2013_5647.rb +0 -29
- data/lib/dawn/kb/cve_2013_5671.rb +0 -26
- data/lib/dawn/kb/cve_2013_6414.rb +0 -30
- data/lib/dawn/kb/cve_2013_6415.rb +0 -29
- data/lib/dawn/kb/cve_2013_6416.rb +0 -29
- data/lib/dawn/kb/cve_2013_6417.rb +0 -30
- data/lib/dawn/kb/cve_2013_6421.rb +0 -28
- data/lib/dawn/kb/cve_2013_6459.rb +0 -28
- data/lib/dawn/kb/cve_2013_6460.rb +0 -53
- data/lib/dawn/kb/cve_2013_6461.rb +0 -57
- data/lib/dawn/kb/cve_2013_7086.rb +0 -27
- data/lib/dawn/kb/cve_2014_0036.rb +0 -27
- data/lib/dawn/kb/cve_2014_0080.rb +0 -29
- data/lib/dawn/kb/cve_2014_0081.rb +0 -27
- data/lib/dawn/kb/cve_2014_0082.rb +0 -27
- data/lib/dawn/kb/cve_2014_0130.rb +0 -27
- data/lib/dawn/kb/cve_2014_1233.rb +0 -27
- data/lib/dawn/kb/cve_2014_1234.rb +0 -26
- data/lib/dawn/kb/cve_2014_2322.rb +0 -28
- data/lib/dawn/kb/cve_2014_2525.rb +0 -59
- data/lib/dawn/kb/cve_2014_2538.rb +0 -26
- data/lib/dawn/kb/cve_2014_3482.rb +0 -28
- data/lib/dawn/kb/cve_2014_3483.rb +0 -28
- data/lib/dawn/kb/cve_2014_3916.rb +0 -29
- data/lib/dawn/kb/cve_2014_4975.rb +0 -28
- data/lib/dawn/kb/cve_2014_7818.rb +0 -27
- data/lib/dawn/kb/cve_2014_7819.rb +0 -31
- data/lib/dawn/kb/cve_2014_7829.rb +0 -30
- data/lib/dawn/kb/cve_2014_8090.rb +0 -30
- data/lib/dawn/kb/cve_2014_9490.rb +0 -29
- data/lib/dawn/kb/cve_2015_1819.rb +0 -34
- data/lib/dawn/kb/cve_2015_1840/cve_2015_1840_a.rb +0 -28
- data/lib/dawn/kb/cve_2015_1840/cve_2015_1840_b.rb +0 -28
- data/lib/dawn/kb/cve_2015_2963.rb +0 -27
- data/lib/dawn/kb/cve_2015_3224.rb +0 -26
- data/lib/dawn/kb/cve_2015_3225.rb +0 -28
- data/lib/dawn/kb/cve_2015_3226.rb +0 -27
- data/lib/dawn/kb/cve_2015_3227.rb +0 -28
- data/lib/dawn/kb/cve_2015_3448.rb +0 -29
- data/lib/dawn/kb/cve_2015_4020.rb +0 -34
- data/lib/dawn/kb/cve_2015_5312.rb +0 -30
- data/lib/dawn/kb/cve_2015_7497.rb +0 -32
- data/lib/dawn/kb/cve_2015_7498.rb +0 -32
- data/lib/dawn/kb/cve_2015_7499.rb +0 -32
- data/lib/dawn/kb/cve_2015_7500.rb +0 -32
- data/lib/dawn/kb/cve_2015_7519.rb +0 -31
- data/lib/dawn/kb/cve_2015_7541.rb +0 -31
- data/lib/dawn/kb/cve_2015_7576.rb +0 -35
- data/lib/dawn/kb/cve_2015_7577.rb +0 -34
- data/lib/dawn/kb/cve_2015_7578.rb +0 -30
- data/lib/dawn/kb/cve_2015_7579.rb +0 -30
- data/lib/dawn/kb/cve_2015_7581.rb +0 -33
- data/lib/dawn/kb/cve_2015_8241.rb +0 -32
- data/lib/dawn/kb/cve_2015_8242.rb +0 -32
- data/lib/dawn/kb/cve_2015_8317.rb +0 -32
- data/lib/dawn/kb/cve_2016_0751.rb +0 -32
- data/lib/dawn/kb/cve_2016_0752.rb +0 -35
- data/lib/dawn/kb/cve_2016_0753.rb +0 -31
- data/lib/dawn/kb/cve_2016_2097.rb +0 -35
- data/lib/dawn/kb/cve_2016_2098.rb +0 -35
- data/lib/dawn/kb/cve_2016_5697.rb +0 -30
- data/lib/dawn/kb/cve_2016_6316.rb +0 -33
- data/lib/dawn/kb/cve_2016_6317.rb +0 -32
- data/lib/dawn/kb/cve_2016_6582.rb +0 -43
- data/lib/dawn/kb/not_revised_code.rb +0 -22
- data/lib/dawn/kb/osvdb_105971.rb +0 -29
- data/lib/dawn/kb/osvdb_108530.rb +0 -27
- data/lib/dawn/kb/osvdb_108563.rb +0 -28
- data/lib/dawn/kb/osvdb_108569.rb +0 -28
- data/lib/dawn/kb/osvdb_108570.rb +0 -27
- data/lib/dawn/kb/osvdb_115654.rb +0 -33
- data/lib/dawn/kb/osvdb_116010.rb +0 -30
- data/lib/dawn/kb/osvdb_117903.rb +0 -30
- data/lib/dawn/kb/osvdb_118579.rb +0 -31
- data/lib/dawn/kb/osvdb_118830.rb +0 -32
- data/lib/dawn/kb/osvdb_118954.rb +0 -33
- data/lib/dawn/kb/osvdb_119878.rb +0 -32
- data/lib/dawn/kb/osvdb_119927.rb +0 -33
- data/lib/dawn/kb/osvdb_120415.rb +0 -31
- data/lib/dawn/kb/osvdb_120857.rb +0 -34
- data/lib/dawn/kb/osvdb_121701.rb +0 -30
- data/lib/dawn/kb/osvdb_132234.rb +0 -34
- data/lib/dawn/kb/owasp_ror_cheatsheet.rb +0 -33
- data/lib/dawn/kb/owasp_ror_cheatsheet/check_for_backup_files.rb +0 -18
- data/lib/dawn/kb/owasp_ror_cheatsheet/check_for_safe_redirect_and_forward.rb +0 -57
- data/lib/dawn/kb/owasp_ror_cheatsheet/command_injection.rb +0 -28
- data/lib/dawn/kb/owasp_ror_cheatsheet/csrf.rb +0 -29
- data/lib/dawn/kb/owasp_ror_cheatsheet/mass_assignment_in_model.rb +0 -33
- data/lib/dawn/kb/owasp_ror_cheatsheet/security_related_headers.rb +0 -35
- data/lib/dawn/kb/owasp_ror_cheatsheet/sensitive_files.rb +0 -29
- data/lib/dawn/kb/owasp_ror_cheatsheet/session_stored_in_database.rb +0 -31
- data/lib/dawn/kb/simpleform_xss_20131129.rb +0 -28
- data/lib/dawn/knowledge_base_experimental.rb +0 -245
- data/spec/lib/kb/cve_2011_2705_spec.rb +0 -35
- data/spec/lib/kb/cve_2011_2930_spec.rb +0 -31
- data/spec/lib/kb/cve_2011_3009_spec.rb +0 -25
- data/spec/lib/kb/cve_2011_3187_spec.rb +0 -24
- data/spec/lib/kb/cve_2011_4319_spec.rb +0 -44
- data/spec/lib/kb/cve_2011_5036_spec.rb +0 -95
- data/spec/lib/kb/cve_2012_1098_spec.rb +0 -36
- data/spec/lib/kb/cve_2012_2139_spec.rb +0 -20
- data/spec/lib/kb/cve_2012_2671_spec.rb +0 -23
- data/spec/lib/kb/cve_2012_6109_spec.rb +0 -112
- data/spec/lib/kb/cve_2012_6684_spec.rb +0 -16
- data/spec/lib/kb/cve_2013_0162_spec.rb +0 -23
- data/spec/lib/kb/cve_2013_0183_spec.rb +0 -54
- data/spec/lib/kb/cve_2013_0184_spec.rb +0 -115
- data/spec/lib/kb/cve_2013_0256_spec.rb +0 -34
- data/spec/lib/kb/cve_2013_0262_spec.rb +0 -44
- data/spec/lib/kb/cve_2013_0263_spec.rb +0 -11
- data/spec/lib/kb/cve_2013_0334_spec.rb +0 -35
- data/spec/lib/kb/cve_2013_1607_spec.rb +0 -15
- data/spec/lib/kb/cve_2013_1655_spec.rb +0 -31
- data/spec/lib/kb/cve_2013_1756_spec.rb +0 -23
- data/spec/lib/kb/cve_2013_2090_spec.rb +0 -15
- data/spec/lib/kb/cve_2013_2105_spec.rb +0 -11
- data/spec/lib/kb/cve_2013_2119_spec.rb +0 -27
- data/spec/lib/kb/cve_2013_2512_spec.rb +0 -15
- data/spec/lib/kb/cve_2013_2513_spec.rb +0 -15
- data/spec/lib/kb/cve_2013_2516_spec.rb +0 -15
- data/spec/lib/kb/cve_2013_4203_spec.rb +0 -15
- data/spec/lib/kb/cve_2013_4413_spec.rb +0 -16
- data/spec/lib/kb/cve_2013_4489_spec.rb +0 -63
- data/spec/lib/kb/cve_2013_4491_spec.rb +0 -16
- data/spec/lib/kb/cve_2013_4593_spec.rb +0 -16
- data/spec/lib/kb/cve_2013_5647_spec.rb +0 -19
- data/spec/lib/kb/cve_2013_5671_spec.rb +0 -27
- data/spec/lib/kb/cve_2013_6414_spec.rb +0 -26
- data/spec/lib/kb/cve_2013_6416_spec.rb +0 -31
- data/spec/lib/kb/cve_2013_6459_spec.rb +0 -15
- data/spec/lib/kb/cve_2013_7086_spec.rb +0 -22
- data/spec/lib/kb/cve_2014_0036_spec.rb +0 -15
- data/spec/lib/kb/cve_2014_0080_spec.rb +0 -33
- data/spec/lib/kb/cve_2014_0081_spec.rb +0 -50
- data/spec/lib/kb/cve_2014_0082_spec.rb +0 -52
- data/spec/lib/kb/cve_2014_0130_spec.rb +0 -19
- data/spec/lib/kb/cve_2014_1233_spec.rb +0 -15
- data/spec/lib/kb/cve_2014_1234_spec.rb +0 -16
- data/spec/lib/kb/cve_2014_2322_spec.rb +0 -15
- data/spec/lib/kb/cve_2014_2538_spec.rb +0 -15
- data/spec/lib/kb/cve_2014_3482_spec.rb +0 -15
- data/spec/lib/kb/cve_2014_3483_spec.rb +0 -27
- data/spec/lib/kb/cve_2014_7818_spec.rb +0 -42
- data/spec/lib/kb/cve_2014_7819_spec.rb +0 -139
- data/spec/lib/kb/cve_2014_7829_spec.rb +0 -50
- data/spec/lib/kb/cve_2014_9490_spec.rb +0 -17
- data/spec/lib/kb/cve_2015_1819_spec.rb +0 -16
- data/spec/lib/kb/cve_2015_1840_spec.rb +0 -39
- data/spec/lib/kb/cve_2015_2963_spec.rb +0 -17
- data/spec/lib/kb/cve_2015_3224_spec.rb +0 -16
- data/spec/lib/kb/cve_2015_3225_spec.rb +0 -27
- data/spec/lib/kb/cve_2015_3226_spec.rb +0 -35
- data/spec/lib/kb/cve_2015_3227_spec.rb +0 -31
- data/spec/lib/kb/cve_2015_3448_spec.rb +0 -16
- data/spec/lib/kb/cve_2015_4020_spec.rb +0 -24
- data/spec/lib/kb/cve_2015_5312_spec.rb +0 -31
- data/spec/lib/kb/cve_2015_7497_spec.rb +0 -31
- data/spec/lib/kb/cve_2015_7498_spec.rb +0 -31
- data/spec/lib/kb/cve_2015_7499_spec.rb +0 -31
- data/spec/lib/kb/cve_2015_7500_spec.rb +0 -31
- data/spec/lib/kb/cve_2015_7519_spec.rb +0 -23
- data/spec/lib/kb/cve_2015_7541_spec.rb +0 -15
- data/spec/lib/kb/cve_2015_7576_spec.rb +0 -51
- data/spec/lib/kb/cve_2015_7577_spec.rb +0 -63
- data/spec/lib/kb/cve_2015_7578_spec.rb +0 -15
- data/spec/lib/kb/cve_2015_7579_spec.rb +0 -23
- data/spec/lib/kb/cve_2015_7581_spec.rb +0 -51
- data/spec/lib/kb/cve_2015_8241_spec.rb +0 -31
- data/spec/lib/kb/cve_2015_8242_spec.rb +0 -31
- data/spec/lib/kb/cve_2015_8317_spec.rb +0 -31
- data/spec/lib/kb/cve_2016_0751_spec.rb +0 -55
- data/spec/lib/kb/cve_2016_0752_spec.rb +0 -51
- data/spec/lib/kb/cve_2016_0753_spec.rb +0 -51
- data/spec/lib/kb/cve_2016_2097_spec.rb +0 -35
- data/spec/lib/kb/cve_2016_2098_spec.rb +0 -55
- data/spec/lib/kb/cve_2016_5697_spec.rb +0 -15
- data/spec/lib/kb/cve_2016_6316_spec.rb +0 -44
- data/spec/lib/kb/cve_2016_6317_spec.rb +0 -35
- data/spec/lib/kb/cve_2016_6582_spec.rb +0 -29
- data/spec/lib/kb/osvdb_105971_spec.rb +0 -15
- data/spec/lib/kb/osvdb_108530_spec.rb +0 -22
- data/spec/lib/kb/osvdb_108563_spec.rb +0 -18
- data/spec/lib/kb/osvdb_108569_spec.rb +0 -17
- data/spec/lib/kb/osvdb_108570_spec.rb +0 -17
- data/spec/lib/kb/osvdb_115654_spec.rb +0 -15
- data/spec/lib/kb/osvdb_116010_spec.rb +0 -15
- data/spec/lib/kb/osvdb_117903_spec.rb +0 -23
- data/spec/lib/kb/osvdb_118579_spec.rb +0 -8
- data/spec/lib/kb/osvdb_118830_spec.rb +0 -16
- data/spec/lib/kb/osvdb_118954_spec.rb +0 -20
- data/spec/lib/kb/osvdb_119878_spec.rb +0 -92
- data/spec/lib/kb/osvdb_119927_spec.rb +0 -16
- data/spec/lib/kb/osvdb_120415_spec.rb +0 -16
- data/spec/lib/kb/osvdb_120857_spec.rb +0 -32
- data/spec/lib/kb/osvdb_121701_spec.rb +0 -15
- data/spec/lib/kb/osvdb_132234_spec.rb +0 -15
- metadata.gz.sig +0 -0
|
@@ -1,15 +0,0 @@
|
|
|
1
|
-
require 'spec_helper'
|
|
2
|
-
describe "The CVE-2016-5697 vulnerability" do
|
|
3
|
-
before(:all) do
|
|
4
|
-
@check = Dawn::Kb::CVE_2016_5697.new
|
|
5
|
-
# @check.debug = true
|
|
6
|
-
end
|
|
7
|
-
it "is reported when the vulnerable gem is detected" do
|
|
8
|
-
@check.dependencies = [{:name=>"ruby-saml", :version=>"1.2.9"}]
|
|
9
|
-
expect(@check.vuln?).to eq(true)
|
|
10
|
-
end
|
|
11
|
-
it "is not reported when a fixed release is detected" do
|
|
12
|
-
@check.dependencies = [{:name=>"ruby-saml", :version=>"1.3.0"}]
|
|
13
|
-
expect(@check.vuln?).to eq(false)
|
|
14
|
-
end
|
|
15
|
-
end
|
|
@@ -1,44 +0,0 @@
|
|
|
1
|
-
require 'spec_helper'
|
|
2
|
-
describe "The CVE-2016-6316 vulnerability" do
|
|
3
|
-
before(:all) do
|
|
4
|
-
@check = Dawn::Kb::CVE_2016_6316.new
|
|
5
|
-
# @check.debug = true
|
|
6
|
-
end
|
|
7
|
-
it "is reported when the vulnerable gem is detected" do
|
|
8
|
-
@check.dependencies = [{:name=>"actionview", :version=>"3.2.22.2"}]
|
|
9
|
-
expect(@check.vuln?).to eq(true)
|
|
10
|
-
end
|
|
11
|
-
it "is reported when the vulnerable gem is detected" do
|
|
12
|
-
@check.dependencies = [{:name=>"actionview", :version=>"5.0.0.0"}]
|
|
13
|
-
expect(@check.vuln?).to eq(true)
|
|
14
|
-
end
|
|
15
|
-
it "is reported when the vulnerable gem is detected" do
|
|
16
|
-
@check.dependencies = [{:name=>"actionview", :version=>"4.2.6"}]
|
|
17
|
-
expect(@check.vuln?).to eq(true)
|
|
18
|
-
end
|
|
19
|
-
|
|
20
|
-
it "is not reported when a fixed release is detected" do
|
|
21
|
-
@check.dependencies = [{:name=>"actionview", :version=>"3.0.0"}]
|
|
22
|
-
expect(@check.vuln?).to eq(false)
|
|
23
|
-
end
|
|
24
|
-
it "is not reported when a fixed release is detected" do
|
|
25
|
-
@check.dependencies = [{:name=>"actionview", :version=>"2.2.0"}]
|
|
26
|
-
expect(@check.vuln?).to eq(false)
|
|
27
|
-
end
|
|
28
|
-
it "is not reported when a fixed release is detected" do
|
|
29
|
-
@check.dependencies = [{:name=>"actionview", :version=>"1.2.0"}]
|
|
30
|
-
expect(@check.vuln?).to eq(false)
|
|
31
|
-
end
|
|
32
|
-
it "is not reported when a fixed release is detected" do
|
|
33
|
-
@check.dependencies = [{:name=>"actionview", :version=>"3.2.22.3"}]
|
|
34
|
-
expect(@check.vuln?).to eq(false)
|
|
35
|
-
end
|
|
36
|
-
it "is not reported when a fixed release is detected" do
|
|
37
|
-
@check.dependencies = [{:name=>"actionview", :version=>"4.2.7.1"}]
|
|
38
|
-
expect(@check.vuln?).to eq(false)
|
|
39
|
-
end
|
|
40
|
-
it "is not reported when a fixed release is detected" do
|
|
41
|
-
@check.dependencies = [{:name=>"actionview", :version=>"5.0.0.1"}]
|
|
42
|
-
expect(@check.vuln?).to eq(false)
|
|
43
|
-
end
|
|
44
|
-
end
|
|
@@ -1,35 +0,0 @@
|
|
|
1
|
-
require 'spec_helper'
|
|
2
|
-
describe "The CVE-2016-6317 vulnerability" do
|
|
3
|
-
before(:all) do
|
|
4
|
-
@check = Dawn::Kb::CVE_2016_6317.new
|
|
5
|
-
# @check.debug = true
|
|
6
|
-
end
|
|
7
|
-
it "is reported when the vulnerable gem is detected" do
|
|
8
|
-
@check.dependencies = [{:name=>"activerecord", :version=>"4.2.7.0"}]
|
|
9
|
-
expect(@check.vuln?).to eq(true)
|
|
10
|
-
end
|
|
11
|
-
it "is not reported when a fixed release is detected" do
|
|
12
|
-
@check.dependencies = [{:name=>"activerecord", :version=>"4.2.7.1"}]
|
|
13
|
-
expect(@check.vuln?).to eq(false)
|
|
14
|
-
end
|
|
15
|
-
it "is not reported when a fixed release is detected" do
|
|
16
|
-
@check.dependencies = [{:name=>"activerecord", :version=>"4.1.0"}]
|
|
17
|
-
expect(@check.vuln?).to eq(false)
|
|
18
|
-
end
|
|
19
|
-
it "is not reported when a fixed release is detected" do
|
|
20
|
-
@check.dependencies = [{:name=>"activerecord", :version=>"3.1.0"}]
|
|
21
|
-
expect(@check.vuln?).to eq(false)
|
|
22
|
-
end
|
|
23
|
-
it "is not reported when a fixed release is detected" do
|
|
24
|
-
@check.dependencies = [{:name=>"activerecord", :version=>"2.1.0"}]
|
|
25
|
-
expect(@check.vuln?).to eq(false)
|
|
26
|
-
end
|
|
27
|
-
it "is not reported when a fixed release is detected" do
|
|
28
|
-
@check.dependencies = [{:name=>"activerecord", :version=>"1.1.0"}]
|
|
29
|
-
expect(@check.vuln?).to eq(false)
|
|
30
|
-
end
|
|
31
|
-
it "is not reported when a fixed release is detected" do
|
|
32
|
-
@check.dependencies = [{:name=>"activerecord", :version=>"5.0.0"}]
|
|
33
|
-
expect(@check.vuln?).to eq(false)
|
|
34
|
-
end
|
|
35
|
-
end
|
|
@@ -1,29 +0,0 @@
|
|
|
1
|
-
require 'spec_helper'
|
|
2
|
-
describe "The CVE-2016-6582 vulnerability" do
|
|
3
|
-
before(:all) do
|
|
4
|
-
@check = Dawn::Kb::CVE_2016_6582.new
|
|
5
|
-
# @check.debug = true
|
|
6
|
-
end
|
|
7
|
-
it "is reported when the vulnerable gem is detected" do
|
|
8
|
-
@check.dependencies = [{:name=>"doorkeeper", :version=>"1.2.0"}]
|
|
9
|
-
expect(@check.vuln?).to eq(true)
|
|
10
|
-
end
|
|
11
|
-
it "is reported when the vulnerable gem is detected" do
|
|
12
|
-
@check.dependencies = [{:name=>"doorkeeper", :version=>"2.5.0"}]
|
|
13
|
-
expect(@check.vuln?).to eq(true)
|
|
14
|
-
end
|
|
15
|
-
it "is reported when the vulnerable gem is detected" do
|
|
16
|
-
@check.dependencies = [{:name=>"doorkeeper", :version=>"3.9.0"}]
|
|
17
|
-
expect(@check.vuln?).to eq(true)
|
|
18
|
-
end
|
|
19
|
-
|
|
20
|
-
it "is reported when the vulnerable gem is detected" do
|
|
21
|
-
@check.dependencies = [{:name=>"doorkeeper", :version=>"4.1.0"}]
|
|
22
|
-
expect(@check.vuln?).to eq(true)
|
|
23
|
-
end
|
|
24
|
-
|
|
25
|
-
it "is not reported when a fixed release is detected" do
|
|
26
|
-
@check.dependencies = [{:name=>"doorkeeper", :version=>"4.2.0"}]
|
|
27
|
-
expect(@check.vuln?).to eq(false)
|
|
28
|
-
end
|
|
29
|
-
end
|
|
@@ -1,15 +0,0 @@
|
|
|
1
|
-
require 'spec_helper'
|
|
2
|
-
describe "The OSVDB_105971 vulnerability" do
|
|
3
|
-
before(:all) do
|
|
4
|
-
@check = Dawn::Kb::OSVDB_105971.new
|
|
5
|
-
# @check.debug = true
|
|
6
|
-
end
|
|
7
|
-
it "is reported when a vulnerable version it has been found (0.4.14)" do
|
|
8
|
-
@check.dependencies = [{:name=>"sfpagent", :version=>"0.4.14"}]
|
|
9
|
-
expect(@check.vuln?).to eq(true)
|
|
10
|
-
end
|
|
11
|
-
it "is not reported when a safe version it has been found (0.4.15)" do
|
|
12
|
-
@check.dependencies = [{:name=>"sfpagent", :version=>"0.4.15"}]
|
|
13
|
-
expect(@check.vuln?).to eq(false)
|
|
14
|
-
end
|
|
15
|
-
end
|
|
@@ -1,22 +0,0 @@
|
|
|
1
|
-
require 'spec_helper'
|
|
2
|
-
describe "The OSVDB-108530 vulnerability" do
|
|
3
|
-
before(:all) do
|
|
4
|
-
@check = Dawn::Kb::OSVDB_108530.new
|
|
5
|
-
# @check.debug = true
|
|
6
|
-
end
|
|
7
|
-
it "is reported when a vulnerable version it has been found (1.0.3.rc2)" do
|
|
8
|
-
@check.dependencies = [{:name=>"kajam", :version=>"1.0.3.rc2"}]
|
|
9
|
-
expect(@check.vuln?).to eq(true)
|
|
10
|
-
end
|
|
11
|
-
it "is not reported when a safe version it has been found (1.0.3)" do
|
|
12
|
-
@check.dependencies = [{:name=>"kajam", :version=>"1.0.3"}]
|
|
13
|
-
expect(@check.vuln?).to eq(false)
|
|
14
|
-
end
|
|
15
|
-
it "is not reported when a safe version it has been found (1.0.4)" do
|
|
16
|
-
@check.dependencies = [{:name=>"kajam", :version=>"1.0.4"}]
|
|
17
|
-
expect(@check.vuln?).to eq(false)
|
|
18
|
-
end
|
|
19
|
-
|
|
20
|
-
it "must be filled with CVE identifier"
|
|
21
|
-
it "must be filled with CVSS information"
|
|
22
|
-
end
|
|
@@ -1,18 +0,0 @@
|
|
|
1
|
-
require 'spec_helper'
|
|
2
|
-
describe "The OSVDB-108563 vulnerability" do
|
|
3
|
-
before(:all) do
|
|
4
|
-
@check = Dawn::Kb::OSVDB_108563.new
|
|
5
|
-
# @check.debug = true
|
|
6
|
-
end
|
|
7
|
-
|
|
8
|
-
it "is reported when a vulnerable version it has been found (1.0.0)" do
|
|
9
|
-
@check.dependencies = [{:name=>"gyazo", :version=>"1.0.0"}]
|
|
10
|
-
expect(@check.vuln?).to eq(true)
|
|
11
|
-
end
|
|
12
|
-
it "is not reported when a safe version it has been found (0.4.15)" do
|
|
13
|
-
@check.dependencies = [{:name=>"gyazo", :version=>"1.0.1"}]
|
|
14
|
-
expect(@check.vuln?).to eq(false)
|
|
15
|
-
end
|
|
16
|
-
it "must be filled with CVE identifier"
|
|
17
|
-
it "must be filled with CVSS information"
|
|
18
|
-
end
|
|
@@ -1,17 +0,0 @@
|
|
|
1
|
-
require 'spec_helper'
|
|
2
|
-
describe "The OSVDB-108569 vulnerability" do
|
|
3
|
-
before(:all) do
|
|
4
|
-
@check = Dawn::Kb::OSVDB_108569.new
|
|
5
|
-
# @check.debug = true
|
|
6
|
-
end
|
|
7
|
-
it "is reported when a vulnerable backup_checksum gem version it has been found (3.0.23)" do
|
|
8
|
-
@check.dependencies = [{:name=>"backup_checksum", :version=>"3.0.23"}]
|
|
9
|
-
expect(@check.vuln?).to eq(true)
|
|
10
|
-
end
|
|
11
|
-
it "is not reported when a safe backup_checksum gem version it has been found (3.0.24)" do
|
|
12
|
-
@check.dependencies = [{:name=>"backup_checksum", :version=>"3.0.24"}]
|
|
13
|
-
expect(@check.vuln?).to eq(false)
|
|
14
|
-
end
|
|
15
|
-
it "must be filled with CVE identifier"
|
|
16
|
-
it "must be filled with CVSS information"
|
|
17
|
-
end
|
|
@@ -1,17 +0,0 @@
|
|
|
1
|
-
require 'spec_helper'
|
|
2
|
-
describe "The OSVDB-108570 vulnerability" do
|
|
3
|
-
before(:all) do
|
|
4
|
-
@check = Dawn::Kb::OSVDB_108570.new
|
|
5
|
-
# @check.debug = true
|
|
6
|
-
end
|
|
7
|
-
it "is reported when a vulnerable version it has been found (3.0.23)" do
|
|
8
|
-
@check.dependencies = [{:name=>"backup_checksum", :version=>"3.0.23"}]
|
|
9
|
-
expect(@check.vuln?).to eq(true)
|
|
10
|
-
end
|
|
11
|
-
it "is not reported when a safe version it has been found (0.4.15)" do
|
|
12
|
-
@check.dependencies = [{:name=>"backup_checksum", :version=>"3.0.24"}]
|
|
13
|
-
expect(@check.vuln?).to eq(false)
|
|
14
|
-
end
|
|
15
|
-
it "must be filled with CVE identifier"
|
|
16
|
-
it "must be filled with CVSS information"
|
|
17
|
-
end
|
|
@@ -1,15 +0,0 @@
|
|
|
1
|
-
require 'spec_helper'
|
|
2
|
-
describe "The OSVDB_115654 vulnerability" do
|
|
3
|
-
before(:all) do
|
|
4
|
-
@check = Dawn::Kb::OSVDB_115654.new
|
|
5
|
-
# @check.debug = true
|
|
6
|
-
end
|
|
7
|
-
it "is reported when the vulnerable gem is detected" do
|
|
8
|
-
@check.dependencies = [{:name=>"raven-ruby", :version=>"0.12.1"}]
|
|
9
|
-
expect(@check.vuln?).to eq(true)
|
|
10
|
-
end
|
|
11
|
-
it "is not reported when a fixed release is detected" do
|
|
12
|
-
@check.dependencies = [{:name=>"raven-ruby", :version=>"0.12.2"}]
|
|
13
|
-
expect(@check.vuln?).to eq(false)
|
|
14
|
-
end
|
|
15
|
-
end
|
|
@@ -1,15 +0,0 @@
|
|
|
1
|
-
require 'spec_helper'
|
|
2
|
-
describe "The OSVDB_116010 vulnerability" do
|
|
3
|
-
before(:all) do
|
|
4
|
-
@check = Dawn::Kb::OSVDB_116010.new
|
|
5
|
-
# @check.debug = true
|
|
6
|
-
end
|
|
7
|
-
it "is reported when the vulnerable gem is detected" do
|
|
8
|
-
@check.dependencies = [{:name=>"doorkeeper", :version=>"1.4.0"}]
|
|
9
|
-
expect(@check.vuln?).to eq(true)
|
|
10
|
-
end
|
|
11
|
-
it "is not reported when a fixed release is detected" do
|
|
12
|
-
@check.dependencies = [{:name=>"doorkeeper", :version=>"1.4.1"}]
|
|
13
|
-
expect(@check.vuln?).to eq(false)
|
|
14
|
-
end
|
|
15
|
-
end
|
|
@@ -1,23 +0,0 @@
|
|
|
1
|
-
require 'spec_helper'
|
|
2
|
-
describe "The OSVDB_117903 vulnerability" do
|
|
3
|
-
before(:all) do
|
|
4
|
-
@check = Dawn::Kb::OSVDB_117903.new
|
|
5
|
-
# @check.debug = true
|
|
6
|
-
end
|
|
7
|
-
it "is reported when the vulnerable gem is detected" do
|
|
8
|
-
@check.dependencies = [{:name=>"ruby-saml", :version=>"0.7.2"}]
|
|
9
|
-
expect(@check.vuln?).to eq(true)
|
|
10
|
-
end
|
|
11
|
-
it "is reported when the vulnerable gem is detected" do
|
|
12
|
-
@check.dependencies = [{:name=>"ruby-saml", :version=>"0.8.1"}]
|
|
13
|
-
expect(@check.vuln?).to eq(true)
|
|
14
|
-
end
|
|
15
|
-
it "is not reported when a fixed release is detected" do
|
|
16
|
-
@check.dependencies = [{:name=>"ruby-saml", :version=>"0.7.3"}]
|
|
17
|
-
expect(@check.vuln?).to eq(false)
|
|
18
|
-
end
|
|
19
|
-
it "is not reported when a fixed release is detected" do
|
|
20
|
-
@check.dependencies = [{:name=>"ruby-saml", :version=>"0.8.2"}]
|
|
21
|
-
expect(@check.vuln?).to eq(false)
|
|
22
|
-
end
|
|
23
|
-
end
|
|
@@ -1,16 +0,0 @@
|
|
|
1
|
-
require 'spec_helper'
|
|
2
|
-
describe "The OSVDB_118830 vulnerability" do
|
|
3
|
-
before(:all) do
|
|
4
|
-
@check = Dawn::Kb::OSVDB_118830.new
|
|
5
|
-
# @check.debug = true
|
|
6
|
-
end
|
|
7
|
-
it "is reported when a vulnerable version it has been found (2.1.1)" do
|
|
8
|
-
@check.dependencies = [{:name=>"doorkeeper", :version=>"2.1.1"}]
|
|
9
|
-
expect(@check.vuln?).to eq(true)
|
|
10
|
-
end
|
|
11
|
-
it "is not reported when a safe version it has been found (2.1.2)" do
|
|
12
|
-
@check.dependencies = [{:name=>"doorkeepr", :version=>"2.1.2"}]
|
|
13
|
-
expect(@check.vuln?).to eq(false)
|
|
14
|
-
end
|
|
15
|
-
|
|
16
|
-
end
|
|
@@ -1,20 +0,0 @@
|
|
|
1
|
-
require 'spec_helper'
|
|
2
|
-
describe "The OSVDB_118954 vulnerability" do
|
|
3
|
-
before(:all) do
|
|
4
|
-
@check = Dawn::Kb::OSVDB_118954.new
|
|
5
|
-
# @check.debug = true
|
|
6
|
-
end
|
|
7
|
-
it "is reported when the vulnerable gem is detected" do
|
|
8
|
-
@check.dependencies = [{:name=>"rails", :version=>"4.2.0"}]
|
|
9
|
-
expect(@check.vuln?).to eq(true)
|
|
10
|
-
end
|
|
11
|
-
it "is not reported when a fixed release is detected" do
|
|
12
|
-
@check.dependencies = [{:name=>"rails", :version=>"4.2.1.rc3"}]
|
|
13
|
-
expect(@check.vuln?).to eq(false)
|
|
14
|
-
end
|
|
15
|
-
it "is not reported when a fixed release is detected" do
|
|
16
|
-
@check.dependencies = [{:name=>"rails", :version=>"4.0.3"}]
|
|
17
|
-
expect(@check.vuln?).to eq(false)
|
|
18
|
-
end
|
|
19
|
-
|
|
20
|
-
end
|
|
@@ -1,92 +0,0 @@
|
|
|
1
|
-
require 'spec_helper'
|
|
2
|
-
describe "The OSVDB_119878 vulnerability" do
|
|
3
|
-
before(:all) do
|
|
4
|
-
@check = Dawn::Kb::OSVDB_119878.new
|
|
5
|
-
# @check.debug = true
|
|
6
|
-
end
|
|
7
|
-
it "is reported when a vulnerable version it has been found (1.6.1.a)" do
|
|
8
|
-
@check.dependencies = [{:name=>"rest-client", :version=>"1.6.1.a"}]
|
|
9
|
-
expect(@check.vuln?).to eq(true)
|
|
10
|
-
end
|
|
11
|
-
it "is reported when a vulnerable version it has been found (1.6.1)" do
|
|
12
|
-
@check.dependencies = [{:name=>"rest-client", :version=>"1.6.1"}]
|
|
13
|
-
expect(@check.vuln?).to eq(true)
|
|
14
|
-
end
|
|
15
|
-
it "is reported when a vulnerable version it has been found (1.6.2" do
|
|
16
|
-
@check.dependencies = [{:name=>"rest-client", :version=>"1.6.2"}]
|
|
17
|
-
expect(@check.vuln?).to eq(true)
|
|
18
|
-
end
|
|
19
|
-
it "is reported when a vulnerable version it has been found (1.6.2.a" do
|
|
20
|
-
@check.dependencies = [{:name=>"rest-client", :version=>"1.6.2.a"}]
|
|
21
|
-
expect(@check.vuln?).to eq(true)
|
|
22
|
-
end
|
|
23
|
-
it "is reported when a vulnerable version it has been found (1.6.3)" do
|
|
24
|
-
@check.dependencies = [{:name=>"rest-client", :version=>"1.6.3"}]
|
|
25
|
-
expect(@check.vuln?).to eq(true)
|
|
26
|
-
end
|
|
27
|
-
it "is reported when a vulnerable version it has been found (1.6.4)" do
|
|
28
|
-
@check.dependencies = [{:name=>"rest-client", :version=>"1.6.4"}]
|
|
29
|
-
expect(@check.vuln?).to eq(true)
|
|
30
|
-
end
|
|
31
|
-
it "is reported when a vulnerable version it has been found (1.6.5)" do
|
|
32
|
-
@check.dependencies = [{:name=>"rest-client", :version=>"1.6.5"}]
|
|
33
|
-
expect(@check.vuln?).to eq(true)
|
|
34
|
-
end
|
|
35
|
-
it "is reported when a vulnerable version it has been found (1.6.6)" do
|
|
36
|
-
@check.dependencies = [{:name=>"rest-client", :version=>"1.6.6"}]
|
|
37
|
-
expect(@check.vuln?).to eq(true)
|
|
38
|
-
end
|
|
39
|
-
it "is reported when a vulnerable version it has been found (1.6.7)" do
|
|
40
|
-
@check.dependencies = [{:name=>"rest-client", :version=>"1.6.7"}]
|
|
41
|
-
expect(@check.vuln?).to eq(true)
|
|
42
|
-
end
|
|
43
|
-
it "is reported when a vulnerable version it has been found (1.6.8)" do
|
|
44
|
-
@check.dependencies = [{:name=>"rest-client", :version=>"1.6.8"}]
|
|
45
|
-
expect(@check.vuln?).to eq(true)
|
|
46
|
-
end
|
|
47
|
-
it "is reported when a vulnerable version it has been found (1.6.8.rc1)" do
|
|
48
|
-
@check.dependencies = [{:name=>"rest-client", :version=>"1.6.8.rc1"}]
|
|
49
|
-
expect(@check.vuln?).to eq(true)
|
|
50
|
-
end
|
|
51
|
-
it "is reported when a vulnerable version it has been found (1.6.9)" do
|
|
52
|
-
@check.dependencies = [{:name=>"rest-client", :version=>"1.6.9"}]
|
|
53
|
-
expect(@check.vuln?).to eq(true)
|
|
54
|
-
end
|
|
55
|
-
it "is reported when a vulnerable version it has been found (1.7.0.rc1)" do
|
|
56
|
-
@check.dependencies = [{:name=>"rest-client", :version=>"1.7.0.rc1"}]
|
|
57
|
-
expect(@check.vuln?).to eq(true)
|
|
58
|
-
end
|
|
59
|
-
it "is reported when a vulnerable version it has been found (1.7.0)" do
|
|
60
|
-
@check.dependencies = [{:name=>"rest-client", :version=>"1.7.0"}]
|
|
61
|
-
expect(@check.vuln?).to eq(true)
|
|
62
|
-
end
|
|
63
|
-
it "is reported when a vulnerable version it has been found (1.7.1)" do
|
|
64
|
-
@check.dependencies = [{:name=>"rest-client", :version=>"1.7.1"}]
|
|
65
|
-
expect(@check.vuln?).to eq(true)
|
|
66
|
-
end
|
|
67
|
-
it "is reported when a vulnerable version it has been found (1.7.2)" do
|
|
68
|
-
@check.dependencies = [{:name=>"rest-client", :version=>"1.7.2"}]
|
|
69
|
-
expect(@check.vuln?).to eq(true)
|
|
70
|
-
end
|
|
71
|
-
it "is reported when a vulnerable version it has been found (1.7.2.rc1)" do
|
|
72
|
-
@check.dependencies = [{:name=>"rest-client", :version=>"1.7.2.rc1"}]
|
|
73
|
-
expect(@check.vuln?).to eq(true)
|
|
74
|
-
end
|
|
75
|
-
it "is reported when a vulnerable version it has been found (1.7.3)" do
|
|
76
|
-
@check.dependencies = [{:name=>"rest-client", :version=>"1.7.3"}]
|
|
77
|
-
expect(@check.vuln?).to eq(true)
|
|
78
|
-
end
|
|
79
|
-
it "is not reported when a safe version it has been found (1.8.0)" do
|
|
80
|
-
@check.dependencies = [{:name=>"rest-client", :version=>"1.8.0"}]
|
|
81
|
-
expect(@check.vuln?).to eq(false)
|
|
82
|
-
end
|
|
83
|
-
it "is not reported when a safe version it has been found (2.0.0.rc1)" do
|
|
84
|
-
@check.dependencies = [{:name=>"rest-client", :version=>"2.0.0.rc1"}]
|
|
85
|
-
expect(@check.vuln?).to eq(false)
|
|
86
|
-
end
|
|
87
|
-
it "is not reported when a safe version it has been found (2.0.0.rc2)" do
|
|
88
|
-
@check.dependencies = [{:name=>"rest-client", :version=>"2.0.0.rc2"}]
|
|
89
|
-
expect(@check.vuln?).to eq(false)
|
|
90
|
-
end
|
|
91
|
-
|
|
92
|
-
end
|
|
@@ -1,16 +0,0 @@
|
|
|
1
|
-
require 'spec_helper'
|
|
2
|
-
describe "The OSVDB_119927 vulnerability" do
|
|
3
|
-
before(:all) do
|
|
4
|
-
@check = Dawn::Kb::OSVDB_119927.new
|
|
5
|
-
# @check.debug = true
|
|
6
|
-
end
|
|
7
|
-
it "is reported when a vulnerable version it has been found (0.7.3)" do
|
|
8
|
-
@check.dependencies = [{:name=>"http", :version=>"0.7.3"}]
|
|
9
|
-
expect(@check.vuln?).to eq(true)
|
|
10
|
-
end
|
|
11
|
-
it "is not reported when a safe version it has been found (0.8.0)" do
|
|
12
|
-
@check.dependencies = [{:name=>"http", :version=>"0.8.0"}]
|
|
13
|
-
expect(@check.vuln?).to eq(false)
|
|
14
|
-
end
|
|
15
|
-
|
|
16
|
-
end
|