dradis-openvas 4.2.0 → 4.3.0
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/CHANGELOG.md +3 -0
- data/lib/dradis/plugins/openvas/gem_version.rb +1 -1
- data/lib/dradis/plugins/openvas/importer.rb +14 -2
- data/spec/fixtures/files/report_v24.xml +71 -0
- data/spec/openvas/upload_v24_spec.rb +44 -0
- metadata +6 -2
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: 7c78058985d8b5b920947b69c4115cd488f1f506d6f7fab2656717cc27d90985
|
|
4
|
+
data.tar.gz: eae535e726c39db41a686dca04048b49798d9b910c072605addea159a66fec7c
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: 331ac182cd1cb10011f37876d41ec532a260c951d385f18ccc4bf9ff78c40ab605cf9ef631c4c46ab56e03d7f251e81b33580bb686906497c57a350c5f1024ec
|
|
7
|
+
data.tar.gz: dcd7397fe5f3a6601a5d852c80e35b62241b83d65891d349825646f3c58c3fff4d551060f70e6eb698b37436e9111c5c07a207ca3075a506fddd01319eb3c8c9
|
data/CHANGELOG.md
CHANGED
|
@@ -35,8 +35,7 @@ module Dradis::Plugins::OpenVAS
|
|
|
35
35
|
|
|
36
36
|
def process_result(xml_result)
|
|
37
37
|
# Extract host
|
|
38
|
-
|
|
39
|
-
self.host_node = content_service.create_node(label: host_label, type: :host)
|
|
38
|
+
set_host(xml_result.at_xpath('./host'))
|
|
40
39
|
|
|
41
40
|
# Uniquely identify this issue
|
|
42
41
|
nvt_oid = xml_result.at_xpath('./nvt')[:oid]
|
|
@@ -93,5 +92,18 @@ module Dradis::Plugins::OpenVAS
|
|
|
93
92
|
content_service.create_evidence(issue: issue, node: host_node, content: evidence_content)
|
|
94
93
|
end
|
|
95
94
|
|
|
95
|
+
def set_host(xml_host)
|
|
96
|
+
host_label = xml_host.at_xpath('text()').text
|
|
97
|
+
self.host_node = content_service.create_node(label: host_label, type: :host)
|
|
98
|
+
|
|
99
|
+
xml_hostname = xml_host.at_xpath('./hostname')
|
|
100
|
+
host_node.set_property(:hostname, xml_hostname.text) if xml_hostname
|
|
101
|
+
|
|
102
|
+
xml_asset = xml_host.at_xpath('./asset')
|
|
103
|
+
host_node.set_property(:asset_id, xml_asset[:asset_id]) if xml_asset
|
|
104
|
+
|
|
105
|
+
host_node.save!
|
|
106
|
+
end
|
|
107
|
+
|
|
96
108
|
end
|
|
97
109
|
end
|
|
@@ -0,0 +1,71 @@
|
|
|
1
|
+
<?xml version="1.0" encoding="UTF-8"?>
|
|
2
|
+
<report id="9917b2e8-7db6-475b-b591-bd3ba828625c">
|
|
3
|
+
<report>
|
|
4
|
+
<results>
|
|
5
|
+
<result id="32249f6c-89f1-4a93-888f-29404b01374f">
|
|
6
|
+
<subnet>188.111.11.85</subnet>
|
|
7
|
+
<host>188.111.11.85<hostname>www.google.com</hostname></host>
|
|
8
|
+
<port>http (80/tcp)</port>
|
|
9
|
+
<nvt oid="1.3.6.1.4.1.25623.1.0.103122">
|
|
10
|
+
<name>Apache Web Server ETag Header Information Disclosure Weakness</name>
|
|
11
|
+
<family>Web application abuses</family>
|
|
12
|
+
<cvss_base>4.3</cvss_base>
|
|
13
|
+
<risk_factor>Medium</risk_factor>
|
|
14
|
+
<cve>CVE-2003-1418</cve>
|
|
15
|
+
<bid>6939</bid>
|
|
16
|
+
<tags>cvss_base_vector=AV:N/AC:M/Au:N/C:P/I:N/A:N|summary=A weakness has been discovered in Apache web servers that are
|
|
17
|
+
configured to use the FileETag directive. Due to the way in which
|
|
18
|
+
Apache generates ETag response headers, it may be possible for an
|
|
19
|
+
attacker to obtain sensitive information regarding server files.
|
|
20
|
+
Specifically, ETag header fields returned to a client contain the
|
|
21
|
+
file's inode number.
|
|
22
|
+
|
|
23
|
+
Exploitation of this issue may provide an attacker with information
|
|
24
|
+
that may be used to launch further attacks against a target network.
|
|
25
|
+
|
|
26
|
+
OpenBSD has released a patch that addresses this issue. Inode numbers
|
|
27
|
+
returned from the server are now encoded using a private hash to avoid
|
|
28
|
+
the release of sensitive information.|solution=OpenBSD has released a patch to address this issue.
|
|
29
|
+
|
|
30
|
+
Novell has released TID10090670 to advise users to apply the available
|
|
31
|
+
workaround of disabling the directive in the configuration file for
|
|
32
|
+
Apache releases on NetWare. Please see the attached Technical
|
|
33
|
+
Information Document for further details.</tags>
|
|
34
|
+
<cert>
|
|
35
|
+
<warning>database not available</warning>
|
|
36
|
+
</cert>
|
|
37
|
+
<xref>URL:https://www.securityfocus.com/bid/6939, URL:http://httpd.apache.org/docs/mod/core.html#fileetag, URL:http://www.openbsd.org/errata32.html, URL:http://support.novell.com/docs/Tids/Solutions/10090670.html</xref>
|
|
38
|
+
</nvt>
|
|
39
|
+
<threat>Medium</threat>
|
|
40
|
+
<description>Summary:
|
|
41
|
+
A weakness has been discovered in Apache web servers that are
|
|
42
|
+
configured to use the FileETag directive. Due to the way in which
|
|
43
|
+
Apache generates ETag response headers, it may be possible for an
|
|
44
|
+
attacker to obtain sensitive information regarding server files.
|
|
45
|
+
Specifically, ETag header fields returned to a client contain the
|
|
46
|
+
file's inode number.
|
|
47
|
+
|
|
48
|
+
Exploitation of this issue may provide an attacker with information
|
|
49
|
+
that may be used to launch further attacks against a target network.
|
|
50
|
+
|
|
51
|
+
OpenBSD has released a patch that addresses this issue. Inode numbers
|
|
52
|
+
returned from the server are now encoded using a private hash to avoid
|
|
53
|
+
the release of sensitive information.
|
|
54
|
+
Solution:
|
|
55
|
+
OpenBSD has released a patch to address this issue.
|
|
56
|
+
|
|
57
|
+
Novell has released TID10090670 to advise users to apply the available
|
|
58
|
+
workaround of disabling the directive in the configuration file for
|
|
59
|
+
Apache releases on NetWare. Please see the attached Technical
|
|
60
|
+
Information Document for further details.
|
|
61
|
+
|
|
62
|
+
Information that was gathered:
|
|
63
|
+
Inode: 1050855
|
|
64
|
+
Size: 177</description>
|
|
65
|
+
<original_threat>Medium</original_threat>
|
|
66
|
+
<notes />
|
|
67
|
+
<overrides />
|
|
68
|
+
</result>
|
|
69
|
+
</results>
|
|
70
|
+
</report>
|
|
71
|
+
</report>
|
|
@@ -0,0 +1,44 @@
|
|
|
1
|
+
require 'spec_helper'
|
|
2
|
+
|
|
3
|
+
describe 'Openvas upload plugin' do
|
|
4
|
+
describe 'importer' do
|
|
5
|
+
before(:each) do
|
|
6
|
+
# Stub template service
|
|
7
|
+
templates_dir = File.expand_path('../../../templates', __FILE__)
|
|
8
|
+
expect_any_instance_of(Dradis::Plugins::TemplateService)
|
|
9
|
+
.to receive(:default_templates_dir).and_return(templates_dir)
|
|
10
|
+
|
|
11
|
+
plugin = Dradis::Plugins::OpenVAS
|
|
12
|
+
|
|
13
|
+
@content_service = Dradis::Plugins::ContentService::Base.new(plugin: plugin)
|
|
14
|
+
|
|
15
|
+
allow(@content_service).to receive(:create_note) do |args|
|
|
16
|
+
OpenStruct.new(args)
|
|
17
|
+
end
|
|
18
|
+
allow(@content_service).to receive(:create_node) do |args|
|
|
19
|
+
OpenStruct.new(args)
|
|
20
|
+
end
|
|
21
|
+
allow(@content_service).to receive(:create_issue) do |args|
|
|
22
|
+
OpenStruct.new(args)
|
|
23
|
+
end
|
|
24
|
+
allow(@content_service).to receive(:create_evidence) do |args|
|
|
25
|
+
OpenStruct.new(args)
|
|
26
|
+
end
|
|
27
|
+
|
|
28
|
+
@importer = plugin::Importer.new(
|
|
29
|
+
content_service: @content_service
|
|
30
|
+
)
|
|
31
|
+
end
|
|
32
|
+
|
|
33
|
+
context 'Openvas v24 output' do
|
|
34
|
+
it 'parses node label without hostname' do
|
|
35
|
+
expect(@content_service).to receive(:create_node) do |args|
|
|
36
|
+
expect(args[:label]).to eq('188.111.11.85')
|
|
37
|
+
expect(args[:type]).to eq(:host)
|
|
38
|
+
end
|
|
39
|
+
|
|
40
|
+
@importer.import(file: File.expand_path('../fixtures/files/report_v24.xml', __dir__))
|
|
41
|
+
end
|
|
42
|
+
end
|
|
43
|
+
end
|
|
44
|
+
end
|
metadata
CHANGED
|
@@ -1,14 +1,14 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: dradis-openvas
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 4.
|
|
4
|
+
version: 4.3.0
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Daniel Martin
|
|
8
8
|
autorequire:
|
|
9
9
|
bindir: bin
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date: 2022-
|
|
11
|
+
date: 2022-04-29 00:00:00.000000000 Z
|
|
12
12
|
dependencies:
|
|
13
13
|
- !ruby/object:Gem::Dependency
|
|
14
14
|
name: dradis-plugins
|
|
@@ -112,10 +112,12 @@ files:
|
|
|
112
112
|
- lib/openvas/v6/result.rb
|
|
113
113
|
- lib/openvas/v7/result.rb
|
|
114
114
|
- lib/tasks/thorfile.rb
|
|
115
|
+
- spec/fixtures/files/report_v24.xml
|
|
115
116
|
- spec/fixtures/files/result.xml
|
|
116
117
|
- spec/fixtures/files/result2.xml
|
|
117
118
|
- spec/fixtures/files/v7/report_v7.xml
|
|
118
119
|
- spec/openvas/result_spec.rb
|
|
120
|
+
- spec/openvas/upload_v24_spec.rb
|
|
119
121
|
- spec/spec_helper.rb
|
|
120
122
|
- spec/support/fixture_loader.rb
|
|
121
123
|
- templates/evidence.fields
|
|
@@ -148,9 +150,11 @@ signing_key:
|
|
|
148
150
|
specification_version: 4
|
|
149
151
|
summary: OpenVAS add-on for the Dradis Framework.
|
|
150
152
|
test_files:
|
|
153
|
+
- spec/fixtures/files/report_v24.xml
|
|
151
154
|
- spec/fixtures/files/result.xml
|
|
152
155
|
- spec/fixtures/files/result2.xml
|
|
153
156
|
- spec/fixtures/files/v7/report_v7.xml
|
|
154
157
|
- spec/openvas/result_spec.rb
|
|
158
|
+
- spec/openvas/upload_v24_spec.rb
|
|
155
159
|
- spec/spec_helper.rb
|
|
156
160
|
- spec/support/fixture_loader.rb
|