dawnscanner 1.6.8 → 2.0.0.rc4

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (387) hide show
  1. checksums.yaml +5 -5
  2. data/.gitignore +1 -0
  3. data/.ruby-version +1 -1
  4. data/Changelog.md +27 -1
  5. data/LICENSE.txt +1 -1
  6. data/README.md +59 -57
  7. data/Rakefile +10 -242
  8. data/Roadmap.md +15 -23
  9. data/VERSION +1 -1
  10. data/bin/dawn +17 -273
  11. data/checksum/dawnscanner-1.6.8.gem.sha1 +1 -0
  12. data/checksum/dawnscanner-2.0.0.rc1.gem.sha1 +1 -0
  13. data/checksum/dawnscanner-2.0.0.rc2.gem.sha1 +1 -0
  14. data/checksum/dawnscanner-2.0.0.rc3.gem.sha1 +1 -0
  15. data/dawnscanner.gemspec +10 -9
  16. data/doc/change.sh +13 -0
  17. data/doc/kickstart_kb.tar.gz +0 -0
  18. data/doc/knowledge_base.rb +650 -0
  19. data/docs/.placeholder +0 -0
  20. data/docs/CNAME +1 -0
  21. data/docs/_config.yml +1 -0
  22. data/lib/dawn/cli/dawn_cli.rb +139 -0
  23. data/lib/dawn/core.rb +8 -7
  24. data/lib/dawn/engine.rb +93 -34
  25. data/lib/dawn/gemfile_lock.rb +2 -2
  26. data/lib/dawn/kb/basic_check.rb +1 -2
  27. data/lib/dawn/kb/combo_check.rb +1 -1
  28. data/lib/dawn/kb/dependency_check.rb +1 -1
  29. data/lib/dawn/kb/operating_system_check.rb +1 -1
  30. data/lib/dawn/kb/pattern_match_check.rb +10 -9
  31. data/lib/dawn/kb/ruby_version_check.rb +11 -10
  32. data/lib/dawn/kb/{gem_check.rb → rubygem_check.rb} +1 -1
  33. data/lib/dawn/kb/unsafe_depedency_check.rb +44 -0
  34. data/lib/dawn/kb/version_check.rb +41 -24
  35. data/lib/dawn/knowledge_base.rb +259 -595
  36. data/lib/dawn/reporter.rb +2 -1
  37. data/lib/dawn/utils.rb +5 -2
  38. data/lib/dawn/version.rb +5 -5
  39. data/lib/dawnscanner.rb +7 -6
  40. data/spec/lib/kb/codesake_unsafe_dependency_check_spec.rb +29 -0
  41. data/spec/lib/kb/dependency_check.yml +29 -0
  42. metadata +30 -496
  43. checksums.yaml.gz.sig +0 -0
  44. data.tar.gz.sig +0 -0
  45. data/certs/paolo_at_dawnscanner_dot_org.pem +0 -21
  46. data/lib/dawn/kb/cve_2004_0755.rb +0 -33
  47. data/lib/dawn/kb/cve_2004_0983.rb +0 -31
  48. data/lib/dawn/kb/cve_2005_1992.rb +0 -31
  49. data/lib/dawn/kb/cve_2005_2337.rb +0 -33
  50. data/lib/dawn/kb/cve_2006_1931.rb +0 -30
  51. data/lib/dawn/kb/cve_2006_2582.rb +0 -28
  52. data/lib/dawn/kb/cve_2006_3694.rb +0 -31
  53. data/lib/dawn/kb/cve_2006_4112.rb +0 -27
  54. data/lib/dawn/kb/cve_2006_5467.rb +0 -28
  55. data/lib/dawn/kb/cve_2006_6303.rb +0 -28
  56. data/lib/dawn/kb/cve_2006_6852.rb +0 -27
  57. data/lib/dawn/kb/cve_2006_6979.rb +0 -29
  58. data/lib/dawn/kb/cve_2007_0469.rb +0 -29
  59. data/lib/dawn/kb/cve_2007_5162.rb +0 -28
  60. data/lib/dawn/kb/cve_2007_5379.rb +0 -27
  61. data/lib/dawn/kb/cve_2007_5380.rb +0 -29
  62. data/lib/dawn/kb/cve_2007_5770.rb +0 -30
  63. data/lib/dawn/kb/cve_2007_6077.rb +0 -31
  64. data/lib/dawn/kb/cve_2007_6612.rb +0 -30
  65. data/lib/dawn/kb/cve_2008_1145.rb +0 -38
  66. data/lib/dawn/kb/cve_2008_1891.rb +0 -38
  67. data/lib/dawn/kb/cve_2008_2376.rb +0 -30
  68. data/lib/dawn/kb/cve_2008_2662.rb +0 -33
  69. data/lib/dawn/kb/cve_2008_2663.rb +0 -32
  70. data/lib/dawn/kb/cve_2008_2664.rb +0 -33
  71. data/lib/dawn/kb/cve_2008_2725.rb +0 -31
  72. data/lib/dawn/kb/cve_2008_3655.rb +0 -37
  73. data/lib/dawn/kb/cve_2008_3657.rb +0 -37
  74. data/lib/dawn/kb/cve_2008_3790.rb +0 -30
  75. data/lib/dawn/kb/cve_2008_3905.rb +0 -36
  76. data/lib/dawn/kb/cve_2008_4094.rb +0 -27
  77. data/lib/dawn/kb/cve_2008_4310.rb +0 -100
  78. data/lib/dawn/kb/cve_2008_5189.rb +0 -27
  79. data/lib/dawn/kb/cve_2008_7248.rb +0 -27
  80. data/lib/dawn/kb/cve_2009_4078.rb +0 -29
  81. data/lib/dawn/kb/cve_2009_4124.rb +0 -30
  82. data/lib/dawn/kb/cve_2009_4214.rb +0 -27
  83. data/lib/dawn/kb/cve_2010_1330.rb +0 -28
  84. data/lib/dawn/kb/cve_2010_2489.rb +0 -60
  85. data/lib/dawn/kb/cve_2010_3933.rb +0 -27
  86. data/lib/dawn/kb/cve_2011_0188.rb +0 -67
  87. data/lib/dawn/kb/cve_2011_0446.rb +0 -28
  88. data/lib/dawn/kb/cve_2011_0447.rb +0 -28
  89. data/lib/dawn/kb/cve_2011_0739.rb +0 -28
  90. data/lib/dawn/kb/cve_2011_0995.rb +0 -61
  91. data/lib/dawn/kb/cve_2011_1004.rb +0 -34
  92. data/lib/dawn/kb/cve_2011_1005.rb +0 -31
  93. data/lib/dawn/kb/cve_2011_2197.rb +0 -27
  94. data/lib/dawn/kb/cve_2011_2686.rb +0 -29
  95. data/lib/dawn/kb/cve_2011_2705.rb +0 -32
  96. data/lib/dawn/kb/cve_2011_2929.rb +0 -27
  97. data/lib/dawn/kb/cve_2011_2930.rb +0 -28
  98. data/lib/dawn/kb/cve_2011_2931.rb +0 -30
  99. data/lib/dawn/kb/cve_2011_2932.rb +0 -27
  100. data/lib/dawn/kb/cve_2011_3009.rb +0 -28
  101. data/lib/dawn/kb/cve_2011_3186.rb +0 -29
  102. data/lib/dawn/kb/cve_2011_3187.rb +0 -29
  103. data/lib/dawn/kb/cve_2011_4319.rb +0 -30
  104. data/lib/dawn/kb/cve_2011_4815.rb +0 -28
  105. data/lib/dawn/kb/cve_2011_5036.rb +0 -26
  106. data/lib/dawn/kb/cve_2012_1098.rb +0 -30
  107. data/lib/dawn/kb/cve_2012_1099.rb +0 -27
  108. data/lib/dawn/kb/cve_2012_1241.rb +0 -27
  109. data/lib/dawn/kb/cve_2012_2139.rb +0 -26
  110. data/lib/dawn/kb/cve_2012_2140.rb +0 -27
  111. data/lib/dawn/kb/cve_2012_2660.rb +0 -28
  112. data/lib/dawn/kb/cve_2012_2661.rb +0 -27
  113. data/lib/dawn/kb/cve_2012_2671.rb +0 -28
  114. data/lib/dawn/kb/cve_2012_2694.rb +0 -30
  115. data/lib/dawn/kb/cve_2012_2695.rb +0 -27
  116. data/lib/dawn/kb/cve_2012_3424.rb +0 -29
  117. data/lib/dawn/kb/cve_2012_3463.rb +0 -27
  118. data/lib/dawn/kb/cve_2012_3464.rb +0 -27
  119. data/lib/dawn/kb/cve_2012_3465.rb +0 -26
  120. data/lib/dawn/kb/cve_2012_4464.rb +0 -27
  121. data/lib/dawn/kb/cve_2012_4466.rb +0 -27
  122. data/lib/dawn/kb/cve_2012_4481.rb +0 -26
  123. data/lib/dawn/kb/cve_2012_4522.rb +0 -27
  124. data/lib/dawn/kb/cve_2012_5370.rb +0 -27
  125. data/lib/dawn/kb/cve_2012_5371.rb +0 -27
  126. data/lib/dawn/kb/cve_2012_5380.rb +0 -28
  127. data/lib/dawn/kb/cve_2012_6109.rb +0 -25
  128. data/lib/dawn/kb/cve_2012_6134.rb +0 -27
  129. data/lib/dawn/kb/cve_2012_6496.rb +0 -28
  130. data/lib/dawn/kb/cve_2012_6497.rb +0 -28
  131. data/lib/dawn/kb/cve_2012_6684.rb +0 -28
  132. data/lib/dawn/kb/cve_2013_0155.rb +0 -29
  133. data/lib/dawn/kb/cve_2013_0156.rb +0 -27
  134. data/lib/dawn/kb/cve_2013_0162.rb +0 -28
  135. data/lib/dawn/kb/cve_2013_0175.rb +0 -27
  136. data/lib/dawn/kb/cve_2013_0183.rb +0 -25
  137. data/lib/dawn/kb/cve_2013_0184.rb +0 -25
  138. data/lib/dawn/kb/cve_2013_0233.rb +0 -26
  139. data/lib/dawn/kb/cve_2013_0256.rb +0 -59
  140. data/lib/dawn/kb/cve_2013_0262.rb +0 -26
  141. data/lib/dawn/kb/cve_2013_0263.rb +0 -26
  142. data/lib/dawn/kb/cve_2013_0269.rb +0 -27
  143. data/lib/dawn/kb/cve_2013_0276.rb +0 -28
  144. data/lib/dawn/kb/cve_2013_0277.rb +0 -25
  145. data/lib/dawn/kb/cve_2013_0284.rb +0 -27
  146. data/lib/dawn/kb/cve_2013_0285.rb +0 -27
  147. data/lib/dawn/kb/cve_2013_0333.rb +0 -28
  148. data/lib/dawn/kb/cve_2013_0334.rb +0 -25
  149. data/lib/dawn/kb/cve_2013_1607.rb +0 -25
  150. data/lib/dawn/kb/cve_2013_1655.rb +0 -65
  151. data/lib/dawn/kb/cve_2013_1656.rb +0 -28
  152. data/lib/dawn/kb/cve_2013_1756.rb +0 -26
  153. data/lib/dawn/kb/cve_2013_1800.rb +0 -26
  154. data/lib/dawn/kb/cve_2013_1801.rb +0 -27
  155. data/lib/dawn/kb/cve_2013_1802.rb +0 -27
  156. data/lib/dawn/kb/cve_2013_1812.rb +0 -27
  157. data/lib/dawn/kb/cve_2013_1821.rb +0 -28
  158. data/lib/dawn/kb/cve_2013_1854.rb +0 -26
  159. data/lib/dawn/kb/cve_2013_1855.rb +0 -25
  160. data/lib/dawn/kb/cve_2013_1856.rb +0 -26
  161. data/lib/dawn/kb/cve_2013_1857.rb +0 -27
  162. data/lib/dawn/kb/cve_2013_1875.rb +0 -27
  163. data/lib/dawn/kb/cve_2013_1898.rb +0 -27
  164. data/lib/dawn/kb/cve_2013_1911.rb +0 -28
  165. data/lib/dawn/kb/cve_2013_1933.rb +0 -27
  166. data/lib/dawn/kb/cve_2013_1947.rb +0 -27
  167. data/lib/dawn/kb/cve_2013_1948.rb +0 -27
  168. data/lib/dawn/kb/cve_2013_2065.rb +0 -29
  169. data/lib/dawn/kb/cve_2013_2090.rb +0 -28
  170. data/lib/dawn/kb/cve_2013_2105.rb +0 -26
  171. data/lib/dawn/kb/cve_2013_2119.rb +0 -27
  172. data/lib/dawn/kb/cve_2013_2512.rb +0 -26
  173. data/lib/dawn/kb/cve_2013_2513.rb +0 -25
  174. data/lib/dawn/kb/cve_2013_2516.rb +0 -26
  175. data/lib/dawn/kb/cve_2013_2615.rb +0 -27
  176. data/lib/dawn/kb/cve_2013_2616.rb +0 -27
  177. data/lib/dawn/kb/cve_2013_2617.rb +0 -28
  178. data/lib/dawn/kb/cve_2013_3221.rb +0 -27
  179. data/lib/dawn/kb/cve_2013_4164.rb +0 -30
  180. data/lib/dawn/kb/cve_2013_4203.rb +0 -25
  181. data/lib/dawn/kb/cve_2013_4389.rb +0 -26
  182. data/lib/dawn/kb/cve_2013_4413.rb +0 -27
  183. data/lib/dawn/kb/cve_2013_4457.rb +0 -29
  184. data/lib/dawn/kb/cve_2013_4478.rb +0 -26
  185. data/lib/dawn/kb/cve_2013_4479.rb +0 -26
  186. data/lib/dawn/kb/cve_2013_4489.rb +0 -28
  187. data/lib/dawn/kb/cve_2013_4491.rb +0 -29
  188. data/lib/dawn/kb/cve_2013_4492.rb +0 -29
  189. data/lib/dawn/kb/cve_2013_4562.rb +0 -27
  190. data/lib/dawn/kb/cve_2013_4593.rb +0 -27
  191. data/lib/dawn/kb/cve_2013_5647.rb +0 -29
  192. data/lib/dawn/kb/cve_2013_5671.rb +0 -26
  193. data/lib/dawn/kb/cve_2013_6414.rb +0 -30
  194. data/lib/dawn/kb/cve_2013_6415.rb +0 -29
  195. data/lib/dawn/kb/cve_2013_6416.rb +0 -29
  196. data/lib/dawn/kb/cve_2013_6417.rb +0 -30
  197. data/lib/dawn/kb/cve_2013_6421.rb +0 -28
  198. data/lib/dawn/kb/cve_2013_6459.rb +0 -28
  199. data/lib/dawn/kb/cve_2013_6460.rb +0 -53
  200. data/lib/dawn/kb/cve_2013_6461.rb +0 -57
  201. data/lib/dawn/kb/cve_2013_7086.rb +0 -27
  202. data/lib/dawn/kb/cve_2014_0036.rb +0 -27
  203. data/lib/dawn/kb/cve_2014_0080.rb +0 -29
  204. data/lib/dawn/kb/cve_2014_0081.rb +0 -27
  205. data/lib/dawn/kb/cve_2014_0082.rb +0 -27
  206. data/lib/dawn/kb/cve_2014_0130.rb +0 -27
  207. data/lib/dawn/kb/cve_2014_1233.rb +0 -27
  208. data/lib/dawn/kb/cve_2014_1234.rb +0 -26
  209. data/lib/dawn/kb/cve_2014_2322.rb +0 -28
  210. data/lib/dawn/kb/cve_2014_2525.rb +0 -59
  211. data/lib/dawn/kb/cve_2014_2538.rb +0 -26
  212. data/lib/dawn/kb/cve_2014_3482.rb +0 -28
  213. data/lib/dawn/kb/cve_2014_3483.rb +0 -28
  214. data/lib/dawn/kb/cve_2014_3916.rb +0 -29
  215. data/lib/dawn/kb/cve_2014_4975.rb +0 -28
  216. data/lib/dawn/kb/cve_2014_7818.rb +0 -27
  217. data/lib/dawn/kb/cve_2014_7819.rb +0 -31
  218. data/lib/dawn/kb/cve_2014_7829.rb +0 -30
  219. data/lib/dawn/kb/cve_2014_8090.rb +0 -30
  220. data/lib/dawn/kb/cve_2014_9490.rb +0 -29
  221. data/lib/dawn/kb/cve_2015_1819.rb +0 -34
  222. data/lib/dawn/kb/cve_2015_1840/cve_2015_1840_a.rb +0 -28
  223. data/lib/dawn/kb/cve_2015_1840/cve_2015_1840_b.rb +0 -28
  224. data/lib/dawn/kb/cve_2015_2963.rb +0 -27
  225. data/lib/dawn/kb/cve_2015_3224.rb +0 -26
  226. data/lib/dawn/kb/cve_2015_3225.rb +0 -28
  227. data/lib/dawn/kb/cve_2015_3226.rb +0 -27
  228. data/lib/dawn/kb/cve_2015_3227.rb +0 -28
  229. data/lib/dawn/kb/cve_2015_3448.rb +0 -29
  230. data/lib/dawn/kb/cve_2015_4020.rb +0 -34
  231. data/lib/dawn/kb/cve_2015_5312.rb +0 -30
  232. data/lib/dawn/kb/cve_2015_7497.rb +0 -32
  233. data/lib/dawn/kb/cve_2015_7498.rb +0 -32
  234. data/lib/dawn/kb/cve_2015_7499.rb +0 -32
  235. data/lib/dawn/kb/cve_2015_7500.rb +0 -32
  236. data/lib/dawn/kb/cve_2015_7519.rb +0 -31
  237. data/lib/dawn/kb/cve_2015_7541.rb +0 -31
  238. data/lib/dawn/kb/cve_2015_7576.rb +0 -35
  239. data/lib/dawn/kb/cve_2015_7577.rb +0 -34
  240. data/lib/dawn/kb/cve_2015_7578.rb +0 -30
  241. data/lib/dawn/kb/cve_2015_7579.rb +0 -30
  242. data/lib/dawn/kb/cve_2015_7581.rb +0 -33
  243. data/lib/dawn/kb/cve_2015_8241.rb +0 -32
  244. data/lib/dawn/kb/cve_2015_8242.rb +0 -32
  245. data/lib/dawn/kb/cve_2015_8317.rb +0 -32
  246. data/lib/dawn/kb/cve_2016_0751.rb +0 -32
  247. data/lib/dawn/kb/cve_2016_0752.rb +0 -35
  248. data/lib/dawn/kb/cve_2016_0753.rb +0 -31
  249. data/lib/dawn/kb/cve_2016_2097.rb +0 -35
  250. data/lib/dawn/kb/cve_2016_2098.rb +0 -35
  251. data/lib/dawn/kb/cve_2016_5697.rb +0 -30
  252. data/lib/dawn/kb/cve_2016_6316.rb +0 -33
  253. data/lib/dawn/kb/cve_2016_6317.rb +0 -32
  254. data/lib/dawn/kb/cve_2016_6582.rb +0 -43
  255. data/lib/dawn/kb/not_revised_code.rb +0 -22
  256. data/lib/dawn/kb/osvdb_105971.rb +0 -29
  257. data/lib/dawn/kb/osvdb_108530.rb +0 -27
  258. data/lib/dawn/kb/osvdb_108563.rb +0 -28
  259. data/lib/dawn/kb/osvdb_108569.rb +0 -28
  260. data/lib/dawn/kb/osvdb_108570.rb +0 -27
  261. data/lib/dawn/kb/osvdb_115654.rb +0 -33
  262. data/lib/dawn/kb/osvdb_116010.rb +0 -30
  263. data/lib/dawn/kb/osvdb_117903.rb +0 -30
  264. data/lib/dawn/kb/osvdb_118579.rb +0 -31
  265. data/lib/dawn/kb/osvdb_118830.rb +0 -32
  266. data/lib/dawn/kb/osvdb_118954.rb +0 -33
  267. data/lib/dawn/kb/osvdb_119878.rb +0 -32
  268. data/lib/dawn/kb/osvdb_119927.rb +0 -33
  269. data/lib/dawn/kb/osvdb_120415.rb +0 -31
  270. data/lib/dawn/kb/osvdb_120857.rb +0 -34
  271. data/lib/dawn/kb/osvdb_121701.rb +0 -30
  272. data/lib/dawn/kb/osvdb_132234.rb +0 -34
  273. data/lib/dawn/kb/owasp_ror_cheatsheet.rb +0 -33
  274. data/lib/dawn/kb/owasp_ror_cheatsheet/check_for_backup_files.rb +0 -18
  275. data/lib/dawn/kb/owasp_ror_cheatsheet/check_for_safe_redirect_and_forward.rb +0 -57
  276. data/lib/dawn/kb/owasp_ror_cheatsheet/command_injection.rb +0 -28
  277. data/lib/dawn/kb/owasp_ror_cheatsheet/csrf.rb +0 -29
  278. data/lib/dawn/kb/owasp_ror_cheatsheet/mass_assignment_in_model.rb +0 -33
  279. data/lib/dawn/kb/owasp_ror_cheatsheet/security_related_headers.rb +0 -35
  280. data/lib/dawn/kb/owasp_ror_cheatsheet/sensitive_files.rb +0 -29
  281. data/lib/dawn/kb/owasp_ror_cheatsheet/session_stored_in_database.rb +0 -31
  282. data/lib/dawn/kb/simpleform_xss_20131129.rb +0 -28
  283. data/lib/dawn/knowledge_base_experimental.rb +0 -245
  284. data/spec/lib/kb/cve_2011_2705_spec.rb +0 -35
  285. data/spec/lib/kb/cve_2011_2930_spec.rb +0 -31
  286. data/spec/lib/kb/cve_2011_3009_spec.rb +0 -25
  287. data/spec/lib/kb/cve_2011_3187_spec.rb +0 -24
  288. data/spec/lib/kb/cve_2011_4319_spec.rb +0 -44
  289. data/spec/lib/kb/cve_2011_5036_spec.rb +0 -95
  290. data/spec/lib/kb/cve_2012_1098_spec.rb +0 -36
  291. data/spec/lib/kb/cve_2012_2139_spec.rb +0 -20
  292. data/spec/lib/kb/cve_2012_2671_spec.rb +0 -23
  293. data/spec/lib/kb/cve_2012_6109_spec.rb +0 -112
  294. data/spec/lib/kb/cve_2012_6684_spec.rb +0 -16
  295. data/spec/lib/kb/cve_2013_0162_spec.rb +0 -23
  296. data/spec/lib/kb/cve_2013_0183_spec.rb +0 -54
  297. data/spec/lib/kb/cve_2013_0184_spec.rb +0 -115
  298. data/spec/lib/kb/cve_2013_0256_spec.rb +0 -34
  299. data/spec/lib/kb/cve_2013_0262_spec.rb +0 -44
  300. data/spec/lib/kb/cve_2013_0263_spec.rb +0 -11
  301. data/spec/lib/kb/cve_2013_0334_spec.rb +0 -35
  302. data/spec/lib/kb/cve_2013_1607_spec.rb +0 -15
  303. data/spec/lib/kb/cve_2013_1655_spec.rb +0 -31
  304. data/spec/lib/kb/cve_2013_1756_spec.rb +0 -23
  305. data/spec/lib/kb/cve_2013_2090_spec.rb +0 -15
  306. data/spec/lib/kb/cve_2013_2105_spec.rb +0 -11
  307. data/spec/lib/kb/cve_2013_2119_spec.rb +0 -27
  308. data/spec/lib/kb/cve_2013_2512_spec.rb +0 -15
  309. data/spec/lib/kb/cve_2013_2513_spec.rb +0 -15
  310. data/spec/lib/kb/cve_2013_2516_spec.rb +0 -15
  311. data/spec/lib/kb/cve_2013_4203_spec.rb +0 -15
  312. data/spec/lib/kb/cve_2013_4413_spec.rb +0 -16
  313. data/spec/lib/kb/cve_2013_4489_spec.rb +0 -63
  314. data/spec/lib/kb/cve_2013_4491_spec.rb +0 -16
  315. data/spec/lib/kb/cve_2013_4593_spec.rb +0 -16
  316. data/spec/lib/kb/cve_2013_5647_spec.rb +0 -19
  317. data/spec/lib/kb/cve_2013_5671_spec.rb +0 -27
  318. data/spec/lib/kb/cve_2013_6414_spec.rb +0 -26
  319. data/spec/lib/kb/cve_2013_6416_spec.rb +0 -31
  320. data/spec/lib/kb/cve_2013_6459_spec.rb +0 -15
  321. data/spec/lib/kb/cve_2013_7086_spec.rb +0 -22
  322. data/spec/lib/kb/cve_2014_0036_spec.rb +0 -15
  323. data/spec/lib/kb/cve_2014_0080_spec.rb +0 -33
  324. data/spec/lib/kb/cve_2014_0081_spec.rb +0 -50
  325. data/spec/lib/kb/cve_2014_0082_spec.rb +0 -52
  326. data/spec/lib/kb/cve_2014_0130_spec.rb +0 -19
  327. data/spec/lib/kb/cve_2014_1233_spec.rb +0 -15
  328. data/spec/lib/kb/cve_2014_1234_spec.rb +0 -16
  329. data/spec/lib/kb/cve_2014_2322_spec.rb +0 -15
  330. data/spec/lib/kb/cve_2014_2538_spec.rb +0 -15
  331. data/spec/lib/kb/cve_2014_3482_spec.rb +0 -15
  332. data/spec/lib/kb/cve_2014_3483_spec.rb +0 -27
  333. data/spec/lib/kb/cve_2014_7818_spec.rb +0 -42
  334. data/spec/lib/kb/cve_2014_7819_spec.rb +0 -139
  335. data/spec/lib/kb/cve_2014_7829_spec.rb +0 -50
  336. data/spec/lib/kb/cve_2014_9490_spec.rb +0 -17
  337. data/spec/lib/kb/cve_2015_1819_spec.rb +0 -16
  338. data/spec/lib/kb/cve_2015_1840_spec.rb +0 -39
  339. data/spec/lib/kb/cve_2015_2963_spec.rb +0 -17
  340. data/spec/lib/kb/cve_2015_3224_spec.rb +0 -16
  341. data/spec/lib/kb/cve_2015_3225_spec.rb +0 -27
  342. data/spec/lib/kb/cve_2015_3226_spec.rb +0 -35
  343. data/spec/lib/kb/cve_2015_3227_spec.rb +0 -31
  344. data/spec/lib/kb/cve_2015_3448_spec.rb +0 -16
  345. data/spec/lib/kb/cve_2015_4020_spec.rb +0 -24
  346. data/spec/lib/kb/cve_2015_5312_spec.rb +0 -31
  347. data/spec/lib/kb/cve_2015_7497_spec.rb +0 -31
  348. data/spec/lib/kb/cve_2015_7498_spec.rb +0 -31
  349. data/spec/lib/kb/cve_2015_7499_spec.rb +0 -31
  350. data/spec/lib/kb/cve_2015_7500_spec.rb +0 -31
  351. data/spec/lib/kb/cve_2015_7519_spec.rb +0 -23
  352. data/spec/lib/kb/cve_2015_7541_spec.rb +0 -15
  353. data/spec/lib/kb/cve_2015_7576_spec.rb +0 -51
  354. data/spec/lib/kb/cve_2015_7577_spec.rb +0 -63
  355. data/spec/lib/kb/cve_2015_7578_spec.rb +0 -15
  356. data/spec/lib/kb/cve_2015_7579_spec.rb +0 -23
  357. data/spec/lib/kb/cve_2015_7581_spec.rb +0 -51
  358. data/spec/lib/kb/cve_2015_8241_spec.rb +0 -31
  359. data/spec/lib/kb/cve_2015_8242_spec.rb +0 -31
  360. data/spec/lib/kb/cve_2015_8317_spec.rb +0 -31
  361. data/spec/lib/kb/cve_2016_0751_spec.rb +0 -55
  362. data/spec/lib/kb/cve_2016_0752_spec.rb +0 -51
  363. data/spec/lib/kb/cve_2016_0753_spec.rb +0 -51
  364. data/spec/lib/kb/cve_2016_2097_spec.rb +0 -35
  365. data/spec/lib/kb/cve_2016_2098_spec.rb +0 -55
  366. data/spec/lib/kb/cve_2016_5697_spec.rb +0 -15
  367. data/spec/lib/kb/cve_2016_6316_spec.rb +0 -44
  368. data/spec/lib/kb/cve_2016_6317_spec.rb +0 -35
  369. data/spec/lib/kb/cve_2016_6582_spec.rb +0 -29
  370. data/spec/lib/kb/osvdb_105971_spec.rb +0 -15
  371. data/spec/lib/kb/osvdb_108530_spec.rb +0 -22
  372. data/spec/lib/kb/osvdb_108563_spec.rb +0 -18
  373. data/spec/lib/kb/osvdb_108569_spec.rb +0 -17
  374. data/spec/lib/kb/osvdb_108570_spec.rb +0 -17
  375. data/spec/lib/kb/osvdb_115654_spec.rb +0 -15
  376. data/spec/lib/kb/osvdb_116010_spec.rb +0 -15
  377. data/spec/lib/kb/osvdb_117903_spec.rb +0 -23
  378. data/spec/lib/kb/osvdb_118579_spec.rb +0 -8
  379. data/spec/lib/kb/osvdb_118830_spec.rb +0 -16
  380. data/spec/lib/kb/osvdb_118954_spec.rb +0 -20
  381. data/spec/lib/kb/osvdb_119878_spec.rb +0 -92
  382. data/spec/lib/kb/osvdb_119927_spec.rb +0 -16
  383. data/spec/lib/kb/osvdb_120415_spec.rb +0 -16
  384. data/spec/lib/kb/osvdb_120857_spec.rb +0 -32
  385. data/spec/lib/kb/osvdb_121701_spec.rb +0 -15
  386. data/spec/lib/kb/osvdb_132234_spec.rb +0 -15
  387. metadata.gz.sig +0 -0
@@ -1,15 +0,0 @@
1
- require 'spec_helper'
2
- describe "The CVE-2016-5697 vulnerability" do
3
- before(:all) do
4
- @check = Dawn::Kb::CVE_2016_5697.new
5
- # @check.debug = true
6
- end
7
- it "is reported when the vulnerable gem is detected" do
8
- @check.dependencies = [{:name=>"ruby-saml", :version=>"1.2.9"}]
9
- expect(@check.vuln?).to eq(true)
10
- end
11
- it "is not reported when a fixed release is detected" do
12
- @check.dependencies = [{:name=>"ruby-saml", :version=>"1.3.0"}]
13
- expect(@check.vuln?).to eq(false)
14
- end
15
- end
@@ -1,44 +0,0 @@
1
- require 'spec_helper'
2
- describe "The CVE-2016-6316 vulnerability" do
3
- before(:all) do
4
- @check = Dawn::Kb::CVE_2016_6316.new
5
- # @check.debug = true
6
- end
7
- it "is reported when the vulnerable gem is detected" do
8
- @check.dependencies = [{:name=>"actionview", :version=>"3.2.22.2"}]
9
- expect(@check.vuln?).to eq(true)
10
- end
11
- it "is reported when the vulnerable gem is detected" do
12
- @check.dependencies = [{:name=>"actionview", :version=>"5.0.0.0"}]
13
- expect(@check.vuln?).to eq(true)
14
- end
15
- it "is reported when the vulnerable gem is detected" do
16
- @check.dependencies = [{:name=>"actionview", :version=>"4.2.6"}]
17
- expect(@check.vuln?).to eq(true)
18
- end
19
-
20
- it "is not reported when a fixed release is detected" do
21
- @check.dependencies = [{:name=>"actionview", :version=>"3.0.0"}]
22
- expect(@check.vuln?).to eq(false)
23
- end
24
- it "is not reported when a fixed release is detected" do
25
- @check.dependencies = [{:name=>"actionview", :version=>"2.2.0"}]
26
- expect(@check.vuln?).to eq(false)
27
- end
28
- it "is not reported when a fixed release is detected" do
29
- @check.dependencies = [{:name=>"actionview", :version=>"1.2.0"}]
30
- expect(@check.vuln?).to eq(false)
31
- end
32
- it "is not reported when a fixed release is detected" do
33
- @check.dependencies = [{:name=>"actionview", :version=>"3.2.22.3"}]
34
- expect(@check.vuln?).to eq(false)
35
- end
36
- it "is not reported when a fixed release is detected" do
37
- @check.dependencies = [{:name=>"actionview", :version=>"4.2.7.1"}]
38
- expect(@check.vuln?).to eq(false)
39
- end
40
- it "is not reported when a fixed release is detected" do
41
- @check.dependencies = [{:name=>"actionview", :version=>"5.0.0.1"}]
42
- expect(@check.vuln?).to eq(false)
43
- end
44
- end
@@ -1,35 +0,0 @@
1
- require 'spec_helper'
2
- describe "The CVE-2016-6317 vulnerability" do
3
- before(:all) do
4
- @check = Dawn::Kb::CVE_2016_6317.new
5
- # @check.debug = true
6
- end
7
- it "is reported when the vulnerable gem is detected" do
8
- @check.dependencies = [{:name=>"activerecord", :version=>"4.2.7.0"}]
9
- expect(@check.vuln?).to eq(true)
10
- end
11
- it "is not reported when a fixed release is detected" do
12
- @check.dependencies = [{:name=>"activerecord", :version=>"4.2.7.1"}]
13
- expect(@check.vuln?).to eq(false)
14
- end
15
- it "is not reported when a fixed release is detected" do
16
- @check.dependencies = [{:name=>"activerecord", :version=>"4.1.0"}]
17
- expect(@check.vuln?).to eq(false)
18
- end
19
- it "is not reported when a fixed release is detected" do
20
- @check.dependencies = [{:name=>"activerecord", :version=>"3.1.0"}]
21
- expect(@check.vuln?).to eq(false)
22
- end
23
- it "is not reported when a fixed release is detected" do
24
- @check.dependencies = [{:name=>"activerecord", :version=>"2.1.0"}]
25
- expect(@check.vuln?).to eq(false)
26
- end
27
- it "is not reported when a fixed release is detected" do
28
- @check.dependencies = [{:name=>"activerecord", :version=>"1.1.0"}]
29
- expect(@check.vuln?).to eq(false)
30
- end
31
- it "is not reported when a fixed release is detected" do
32
- @check.dependencies = [{:name=>"activerecord", :version=>"5.0.0"}]
33
- expect(@check.vuln?).to eq(false)
34
- end
35
- end
@@ -1,29 +0,0 @@
1
- require 'spec_helper'
2
- describe "The CVE-2016-6582 vulnerability" do
3
- before(:all) do
4
- @check = Dawn::Kb::CVE_2016_6582.new
5
- # @check.debug = true
6
- end
7
- it "is reported when the vulnerable gem is detected" do
8
- @check.dependencies = [{:name=>"doorkeeper", :version=>"1.2.0"}]
9
- expect(@check.vuln?).to eq(true)
10
- end
11
- it "is reported when the vulnerable gem is detected" do
12
- @check.dependencies = [{:name=>"doorkeeper", :version=>"2.5.0"}]
13
- expect(@check.vuln?).to eq(true)
14
- end
15
- it "is reported when the vulnerable gem is detected" do
16
- @check.dependencies = [{:name=>"doorkeeper", :version=>"3.9.0"}]
17
- expect(@check.vuln?).to eq(true)
18
- end
19
-
20
- it "is reported when the vulnerable gem is detected" do
21
- @check.dependencies = [{:name=>"doorkeeper", :version=>"4.1.0"}]
22
- expect(@check.vuln?).to eq(true)
23
- end
24
-
25
- it "is not reported when a fixed release is detected" do
26
- @check.dependencies = [{:name=>"doorkeeper", :version=>"4.2.0"}]
27
- expect(@check.vuln?).to eq(false)
28
- end
29
- end
@@ -1,15 +0,0 @@
1
- require 'spec_helper'
2
- describe "The OSVDB_105971 vulnerability" do
3
- before(:all) do
4
- @check = Dawn::Kb::OSVDB_105971.new
5
- # @check.debug = true
6
- end
7
- it "is reported when a vulnerable version it has been found (0.4.14)" do
8
- @check.dependencies = [{:name=>"sfpagent", :version=>"0.4.14"}]
9
- expect(@check.vuln?).to eq(true)
10
- end
11
- it "is not reported when a safe version it has been found (0.4.15)" do
12
- @check.dependencies = [{:name=>"sfpagent", :version=>"0.4.15"}]
13
- expect(@check.vuln?).to eq(false)
14
- end
15
- end
@@ -1,22 +0,0 @@
1
- require 'spec_helper'
2
- describe "The OSVDB-108530 vulnerability" do
3
- before(:all) do
4
- @check = Dawn::Kb::OSVDB_108530.new
5
- # @check.debug = true
6
- end
7
- it "is reported when a vulnerable version it has been found (1.0.3.rc2)" do
8
- @check.dependencies = [{:name=>"kajam", :version=>"1.0.3.rc2"}]
9
- expect(@check.vuln?).to eq(true)
10
- end
11
- it "is not reported when a safe version it has been found (1.0.3)" do
12
- @check.dependencies = [{:name=>"kajam", :version=>"1.0.3"}]
13
- expect(@check.vuln?).to eq(false)
14
- end
15
- it "is not reported when a safe version it has been found (1.0.4)" do
16
- @check.dependencies = [{:name=>"kajam", :version=>"1.0.4"}]
17
- expect(@check.vuln?).to eq(false)
18
- end
19
-
20
- it "must be filled with CVE identifier"
21
- it "must be filled with CVSS information"
22
- end
@@ -1,18 +0,0 @@
1
- require 'spec_helper'
2
- describe "The OSVDB-108563 vulnerability" do
3
- before(:all) do
4
- @check = Dawn::Kb::OSVDB_108563.new
5
- # @check.debug = true
6
- end
7
-
8
- it "is reported when a vulnerable version it has been found (1.0.0)" do
9
- @check.dependencies = [{:name=>"gyazo", :version=>"1.0.0"}]
10
- expect(@check.vuln?).to eq(true)
11
- end
12
- it "is not reported when a safe version it has been found (0.4.15)" do
13
- @check.dependencies = [{:name=>"gyazo", :version=>"1.0.1"}]
14
- expect(@check.vuln?).to eq(false)
15
- end
16
- it "must be filled with CVE identifier"
17
- it "must be filled with CVSS information"
18
- end
@@ -1,17 +0,0 @@
1
- require 'spec_helper'
2
- describe "The OSVDB-108569 vulnerability" do
3
- before(:all) do
4
- @check = Dawn::Kb::OSVDB_108569.new
5
- # @check.debug = true
6
- end
7
- it "is reported when a vulnerable backup_checksum gem version it has been found (3.0.23)" do
8
- @check.dependencies = [{:name=>"backup_checksum", :version=>"3.0.23"}]
9
- expect(@check.vuln?).to eq(true)
10
- end
11
- it "is not reported when a safe backup_checksum gem version it has been found (3.0.24)" do
12
- @check.dependencies = [{:name=>"backup_checksum", :version=>"3.0.24"}]
13
- expect(@check.vuln?).to eq(false)
14
- end
15
- it "must be filled with CVE identifier"
16
- it "must be filled with CVSS information"
17
- end
@@ -1,17 +0,0 @@
1
- require 'spec_helper'
2
- describe "The OSVDB-108570 vulnerability" do
3
- before(:all) do
4
- @check = Dawn::Kb::OSVDB_108570.new
5
- # @check.debug = true
6
- end
7
- it "is reported when a vulnerable version it has been found (3.0.23)" do
8
- @check.dependencies = [{:name=>"backup_checksum", :version=>"3.0.23"}]
9
- expect(@check.vuln?).to eq(true)
10
- end
11
- it "is not reported when a safe version it has been found (0.4.15)" do
12
- @check.dependencies = [{:name=>"backup_checksum", :version=>"3.0.24"}]
13
- expect(@check.vuln?).to eq(false)
14
- end
15
- it "must be filled with CVE identifier"
16
- it "must be filled with CVSS information"
17
- end
@@ -1,15 +0,0 @@
1
- require 'spec_helper'
2
- describe "The OSVDB_115654 vulnerability" do
3
- before(:all) do
4
- @check = Dawn::Kb::OSVDB_115654.new
5
- # @check.debug = true
6
- end
7
- it "is reported when the vulnerable gem is detected" do
8
- @check.dependencies = [{:name=>"raven-ruby", :version=>"0.12.1"}]
9
- expect(@check.vuln?).to eq(true)
10
- end
11
- it "is not reported when a fixed release is detected" do
12
- @check.dependencies = [{:name=>"raven-ruby", :version=>"0.12.2"}]
13
- expect(@check.vuln?).to eq(false)
14
- end
15
- end
@@ -1,15 +0,0 @@
1
- require 'spec_helper'
2
- describe "The OSVDB_116010 vulnerability" do
3
- before(:all) do
4
- @check = Dawn::Kb::OSVDB_116010.new
5
- # @check.debug = true
6
- end
7
- it "is reported when the vulnerable gem is detected" do
8
- @check.dependencies = [{:name=>"doorkeeper", :version=>"1.4.0"}]
9
- expect(@check.vuln?).to eq(true)
10
- end
11
- it "is not reported when a fixed release is detected" do
12
- @check.dependencies = [{:name=>"doorkeeper", :version=>"1.4.1"}]
13
- expect(@check.vuln?).to eq(false)
14
- end
15
- end
@@ -1,23 +0,0 @@
1
- require 'spec_helper'
2
- describe "The OSVDB_117903 vulnerability" do
3
- before(:all) do
4
- @check = Dawn::Kb::OSVDB_117903.new
5
- # @check.debug = true
6
- end
7
- it "is reported when the vulnerable gem is detected" do
8
- @check.dependencies = [{:name=>"ruby-saml", :version=>"0.7.2"}]
9
- expect(@check.vuln?).to eq(true)
10
- end
11
- it "is reported when the vulnerable gem is detected" do
12
- @check.dependencies = [{:name=>"ruby-saml", :version=>"0.8.1"}]
13
- expect(@check.vuln?).to eq(true)
14
- end
15
- it "is not reported when a fixed release is detected" do
16
- @check.dependencies = [{:name=>"ruby-saml", :version=>"0.7.3"}]
17
- expect(@check.vuln?).to eq(false)
18
- end
19
- it "is not reported when a fixed release is detected" do
20
- @check.dependencies = [{:name=>"ruby-saml", :version=>"0.8.2"}]
21
- expect(@check.vuln?).to eq(false)
22
- end
23
- end
@@ -1,8 +0,0 @@
1
- require 'spec_helper'
2
- describe "The OSVDB_118579 vulnerability" do
3
- before(:all) do
4
- @check = Dawn::Kb::OSVDB_118579.new
5
- # @check.debug = true
6
- end
7
- it "We are not currently aware of a solution for this vulnerability."
8
- end
@@ -1,16 +0,0 @@
1
- require 'spec_helper'
2
- describe "The OSVDB_118830 vulnerability" do
3
- before(:all) do
4
- @check = Dawn::Kb::OSVDB_118830.new
5
- # @check.debug = true
6
- end
7
- it "is reported when a vulnerable version it has been found (2.1.1)" do
8
- @check.dependencies = [{:name=>"doorkeeper", :version=>"2.1.1"}]
9
- expect(@check.vuln?).to eq(true)
10
- end
11
- it "is not reported when a safe version it has been found (2.1.2)" do
12
- @check.dependencies = [{:name=>"doorkeepr", :version=>"2.1.2"}]
13
- expect(@check.vuln?).to eq(false)
14
- end
15
-
16
- end
@@ -1,20 +0,0 @@
1
- require 'spec_helper'
2
- describe "The OSVDB_118954 vulnerability" do
3
- before(:all) do
4
- @check = Dawn::Kb::OSVDB_118954.new
5
- # @check.debug = true
6
- end
7
- it "is reported when the vulnerable gem is detected" do
8
- @check.dependencies = [{:name=>"rails", :version=>"4.2.0"}]
9
- expect(@check.vuln?).to eq(true)
10
- end
11
- it "is not reported when a fixed release is detected" do
12
- @check.dependencies = [{:name=>"rails", :version=>"4.2.1.rc3"}]
13
- expect(@check.vuln?).to eq(false)
14
- end
15
- it "is not reported when a fixed release is detected" do
16
- @check.dependencies = [{:name=>"rails", :version=>"4.0.3"}]
17
- expect(@check.vuln?).to eq(false)
18
- end
19
-
20
- end
@@ -1,92 +0,0 @@
1
- require 'spec_helper'
2
- describe "The OSVDB_119878 vulnerability" do
3
- before(:all) do
4
- @check = Dawn::Kb::OSVDB_119878.new
5
- # @check.debug = true
6
- end
7
- it "is reported when a vulnerable version it has been found (1.6.1.a)" do
8
- @check.dependencies = [{:name=>"rest-client", :version=>"1.6.1.a"}]
9
- expect(@check.vuln?).to eq(true)
10
- end
11
- it "is reported when a vulnerable version it has been found (1.6.1)" do
12
- @check.dependencies = [{:name=>"rest-client", :version=>"1.6.1"}]
13
- expect(@check.vuln?).to eq(true)
14
- end
15
- it "is reported when a vulnerable version it has been found (1.6.2" do
16
- @check.dependencies = [{:name=>"rest-client", :version=>"1.6.2"}]
17
- expect(@check.vuln?).to eq(true)
18
- end
19
- it "is reported when a vulnerable version it has been found (1.6.2.a" do
20
- @check.dependencies = [{:name=>"rest-client", :version=>"1.6.2.a"}]
21
- expect(@check.vuln?).to eq(true)
22
- end
23
- it "is reported when a vulnerable version it has been found (1.6.3)" do
24
- @check.dependencies = [{:name=>"rest-client", :version=>"1.6.3"}]
25
- expect(@check.vuln?).to eq(true)
26
- end
27
- it "is reported when a vulnerable version it has been found (1.6.4)" do
28
- @check.dependencies = [{:name=>"rest-client", :version=>"1.6.4"}]
29
- expect(@check.vuln?).to eq(true)
30
- end
31
- it "is reported when a vulnerable version it has been found (1.6.5)" do
32
- @check.dependencies = [{:name=>"rest-client", :version=>"1.6.5"}]
33
- expect(@check.vuln?).to eq(true)
34
- end
35
- it "is reported when a vulnerable version it has been found (1.6.6)" do
36
- @check.dependencies = [{:name=>"rest-client", :version=>"1.6.6"}]
37
- expect(@check.vuln?).to eq(true)
38
- end
39
- it "is reported when a vulnerable version it has been found (1.6.7)" do
40
- @check.dependencies = [{:name=>"rest-client", :version=>"1.6.7"}]
41
- expect(@check.vuln?).to eq(true)
42
- end
43
- it "is reported when a vulnerable version it has been found (1.6.8)" do
44
- @check.dependencies = [{:name=>"rest-client", :version=>"1.6.8"}]
45
- expect(@check.vuln?).to eq(true)
46
- end
47
- it "is reported when a vulnerable version it has been found (1.6.8.rc1)" do
48
- @check.dependencies = [{:name=>"rest-client", :version=>"1.6.8.rc1"}]
49
- expect(@check.vuln?).to eq(true)
50
- end
51
- it "is reported when a vulnerable version it has been found (1.6.9)" do
52
- @check.dependencies = [{:name=>"rest-client", :version=>"1.6.9"}]
53
- expect(@check.vuln?).to eq(true)
54
- end
55
- it "is reported when a vulnerable version it has been found (1.7.0.rc1)" do
56
- @check.dependencies = [{:name=>"rest-client", :version=>"1.7.0.rc1"}]
57
- expect(@check.vuln?).to eq(true)
58
- end
59
- it "is reported when a vulnerable version it has been found (1.7.0)" do
60
- @check.dependencies = [{:name=>"rest-client", :version=>"1.7.0"}]
61
- expect(@check.vuln?).to eq(true)
62
- end
63
- it "is reported when a vulnerable version it has been found (1.7.1)" do
64
- @check.dependencies = [{:name=>"rest-client", :version=>"1.7.1"}]
65
- expect(@check.vuln?).to eq(true)
66
- end
67
- it "is reported when a vulnerable version it has been found (1.7.2)" do
68
- @check.dependencies = [{:name=>"rest-client", :version=>"1.7.2"}]
69
- expect(@check.vuln?).to eq(true)
70
- end
71
- it "is reported when a vulnerable version it has been found (1.7.2.rc1)" do
72
- @check.dependencies = [{:name=>"rest-client", :version=>"1.7.2.rc1"}]
73
- expect(@check.vuln?).to eq(true)
74
- end
75
- it "is reported when a vulnerable version it has been found (1.7.3)" do
76
- @check.dependencies = [{:name=>"rest-client", :version=>"1.7.3"}]
77
- expect(@check.vuln?).to eq(true)
78
- end
79
- it "is not reported when a safe version it has been found (1.8.0)" do
80
- @check.dependencies = [{:name=>"rest-client", :version=>"1.8.0"}]
81
- expect(@check.vuln?).to eq(false)
82
- end
83
- it "is not reported when a safe version it has been found (2.0.0.rc1)" do
84
- @check.dependencies = [{:name=>"rest-client", :version=>"2.0.0.rc1"}]
85
- expect(@check.vuln?).to eq(false)
86
- end
87
- it "is not reported when a safe version it has been found (2.0.0.rc2)" do
88
- @check.dependencies = [{:name=>"rest-client", :version=>"2.0.0.rc2"}]
89
- expect(@check.vuln?).to eq(false)
90
- end
91
-
92
- end
@@ -1,16 +0,0 @@
1
- require 'spec_helper'
2
- describe "The OSVDB_119927 vulnerability" do
3
- before(:all) do
4
- @check = Dawn::Kb::OSVDB_119927.new
5
- # @check.debug = true
6
- end
7
- it "is reported when a vulnerable version it has been found (0.7.3)" do
8
- @check.dependencies = [{:name=>"http", :version=>"0.7.3"}]
9
- expect(@check.vuln?).to eq(true)
10
- end
11
- it "is not reported when a safe version it has been found (0.8.0)" do
12
- @check.dependencies = [{:name=>"http", :version=>"0.8.0"}]
13
- expect(@check.vuln?).to eq(false)
14
- end
15
-
16
- end