dradis-nessus 3.7.0 → 3.8.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA1:
-  metadata.gz: a14b2a69eab17116cc157efa4f8d1b295f5635c6
-  data.tar.gz: e5bfed8770eed64b75b5800ba518762c9ae1820e
+  metadata.gz: 6848358a38d973814a0969c145bc8f0b984deb6f
+  data.tar.gz: 1efdf8f1ecb26f4350282c8f10ab41b01e22d30d
 SHA512:
-  metadata.gz: 423de525cac3910168f9423db7da9a28ef9bdd7a20192f179728bc1a58e0c265b79aa5feffaae799761af470a19f2cf191bd96022999fab97f05f631f4461fd6
-  data.tar.gz: c5e29c4c84d65f5995db98ce4f4f6c7105b7466ac5ecd2493867b9ca6309108276271ab56a72bb894d0eb5881fdcec882aefbd667bc161fce259b4b57da499ff
+  metadata.gz: 4be6eb1aa00202aac9b371857fb7c9dc1fd7415d7b542ed9712618233ff1619006c5610a2d34c50c68aeb0747dba4ab19708beac7b39d9e704dbe7317c662a5e
+  data.tar.gz: 0dd2cd17b8c64ea70462e7d7a238a877ad00753b3c8436c2c6d05017da60e9fbe8c64d049604036c1c0af2145ef13fea294a9ddd07bc62d71b90d73f69786df1

data/CHANGELOG.md

@@ -1,8 +1,11 @@
+## Dradis Framework 3.8 (September, 2017) ##
+
+*   Added CVSSv3 fields.
+
 ## Dradis Framework 3.7 (July, 2017) ##
 
 *   No changes.
 
-
 ## Dradis Framework 3.6 (March, 2017) ##
 
 *   No changes.

data/lib/dradis/plugins/nessus/gem_version.rb

@@ -8,7 +8,7 @@ module Dradis
 
       module VERSION
         MAJOR = 3
-        MINOR = 7
+        MINOR = 8
         TINY = 0
         PRE = nil
 

data/lib/nessus/report_item.rb

@@ -22,9 +22,9 @@ module Nessus
         :port, :svc_name, :protocol, :severity, :plugin_id, :plugin_name, :plugin_family,
         # simple tags
         :solution, :risk_factor, :description, :plugin_publication_date,
-        :metasploit_name, :cvss_vector, :cvss_temporal_vector, :synopsis,
+        :metasploit_name, :cvss_vector, :cvss3_vector, :cvss_temporal_vector, :synopsis,
         :exploit_available, :patch_publication_date, :plugin_modification_date,
-        :cvss_temporal_score, :cvss_base_score, :plugin_output,
+        :cvss_temporal_score, :cvss_base_score, :cvss3_base_score, :plugin_output,
         :plugin_version, :exploitability_ease, :vuln_publication_date,
         :exploit_framework_canvas, :exploit_framework_metasploit,
         :exploit_framework_core,

data/templates/report_item.fields

@@ -16,9 +16,11 @@ report_item.description
 report_item.plugin_publication_date
 report_item.metasploit_name
 report_item.cvss_vector
+report_item.cvss3_vector
 report_item.cvss_temporal_vector
 report_item.cvss_temporal_score
 report_item.cvss_base_score
+report_item.cvss3_base_score
 report_item.synopsis
 report_item.exploit_available
 report_item.patch_publication_date

data/templates/report_item.sample

@@ -23,6 +23,8 @@ If safe checks are enabled, this may be a false positive since it is based on th
 
   <plugin_publication_date>2002/06/17</plugin_publication_date>
   <metasploit_name>Apache Win32 Chunked Encoding</metasploit_name>
+  <cvss3_base_score>3.7</cvss3_base_score>
+  <cvss3_vector>CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N</cvss3_vector>
   <cvss_vector>CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P</cvss_vector>
   <synopsis>The remote web server is vulnerable to a remote code execution attack.</synopsis>
   <plugin_type>remote</plugin_type>

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: dradis-nessus
 version: !ruby/object:Gem::Version
-  version: 3.7.0
+  version: 3.8.0
 platform: ruby
 authors:
 - Daniel Martin
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2017-07-26 00:00:00.000000000 Z
+date: 2017-09-27 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: dradis-plugins