dradis-qualys 4.4.0 → 4.6.0

Sign up to get free protection for your applications and to get access to all the features.
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: 2da61b9fd75db0c8211be93f7449d215ac487a68f96bfed06890a0faeeca9df1
4
- data.tar.gz: 612d0c2f9c12cec4f3c2c65eeb3a4d4ad1ae8bd9a091ef67894e077fc0e73079
3
+ metadata.gz: b211ec5765fe8b6ed2f1208e0afda9ecbccd5144bf98b806e3d372877367aeea
4
+ data.tar.gz: 8cfcefbbf47dd1b272d6266d17437c1aa18de070fdead59788d0f394622fe23e
5
5
  SHA512:
6
- metadata.gz: 998662ea3dd5a075ffc5eb764b781d3f4e56b5af56243317270616eeb59eb9cf7607823cb359b783f8f5f4417a224c8c4c068154f4382160fa89ef71ccb66851
7
- data.tar.gz: ee2968f166612fd5bab2188ea0aba072dd50ca46f99b178a2ea4b24acb7816f888ccdfbdb781af0afcdc4c9c1e3591c0758a1ea146ae6f8b7652c6f4cd60da53
6
+ metadata.gz: 2d5e808be8c4415fdd526b9beb3074c40e9c61a510b658ec05005bfabea9ed48444d760772182a07ee15a37e7dc4ebdab0a49f488ee2548d9eea56e7187add49
7
+ data.tar.gz: ddd3aa978a1f92afbdb9e400e44b62ea467db55723790636ec6eea3afa0648f8ca1f9062550d6e28e16def4934276c8ec10b026891d4c97ac79477227739c548
data/CHANGELOG.md CHANGED
@@ -1,3 +1,9 @@
1
+ v4.6.0 (November 2022)
2
+ - No changes
3
+
4
+ v4.5.0 (August 2022)
5
+ - Wrap ciphers in code blocks for the Vuln Importer
6
+
1
7
  v4.4.0 (June 2022)
2
8
  - Registers template mappings locally
3
9
 
@@ -8,7 +8,7 @@ module Dradis
8
8
 
9
9
  module VERSION
10
10
  MAJOR = 4
11
- MINOR = 4
11
+ MINOR = 6
12
12
  TINY = 0
13
13
  PRE = nil
14
14
 
@@ -31,6 +31,8 @@ module Qualys
31
31
  # Instead of providing separate methods for each supported property we rely
32
32
  # on Ruby's #method_missing to do most of the work.
33
33
  class Element
34
+ SSL_CIPHER_VULN_IDS = %w[38140 38141 42366 86729].freeze
35
+
34
36
  # Accepts an XML node from Nokogiri::XML.
35
37
  def initialize(xml_node)
36
38
  @xml = xml_node
@@ -91,20 +93,12 @@ module Qualys
91
93
  method_name = method.to_s
92
94
  return @xml.attributes[method_name].value if @xml.attributes.key?(method_name)
93
95
 
94
- # Then we try simple children tags: TITLE, LAST_UPDATE, CVSS_BASE...
95
96
  tag = @xml.at_xpath("./#{method_name.upcase}")
96
- if tag && !tag.text.blank?
97
- if tags_with_html_content.include?(method)
98
- return Qualys::cleanup_html(tag.text)
99
- else
100
- return tag.text
101
- end
102
- else
103
- 'n/a'
104
- end
105
-
106
97
  if method_name == 'qualys_collection'
107
98
  @xml.name
99
+ elsif tag && !tag.text.blank?
100
+ vuln_id = @xml.attributes['number'].to_s
101
+ cleanup_tag(method, vuln_id, tag.text)
108
102
  else
109
103
  # nothing found, the tag is valid but not present in this ReportItem
110
104
  return nil
@@ -113,9 +107,21 @@ module Qualys
113
107
 
114
108
  private
115
109
 
110
+ def add_bc_to_ssl_cipher_list(source)
111
+ result = source
112
+ result.gsub!(/^(.*?):!(.*?)$/) { "\nbc. #{$1}:!#{$2}\n" }
113
+ result
114
+ end
115
+
116
+ def cleanup_tag(method, vuln_id, text)
117
+ result = text
118
+ result = Qualys::cleanup_html(result) if tags_with_html_content.include?(method)
119
+ result = add_bc_to_ssl_cipher_list(result) if SSL_CIPHER_VULN_IDS.include?(vuln_id)
120
+ result
121
+ end
122
+
116
123
  def tags_with_html_content
117
124
  [:consequence, :diagnosis, :solution]
118
125
  end
119
-
120
126
  end
121
127
  end
@@ -0,0 +1,64 @@
1
+ <?xml version="1.0" encoding="UTF-8" ?>
2
+
3
+ <!DOCTYPE SCAN SYSTEM "https://qualysguard.qualys.de/scan-1.dtd">
4
+ <SCAN value="scan/1327124089.959">
5
+
6
+ <HEADER>
7
+ <KEY value="USERNAME">dradispro</KEY>
8
+ <KEY value="COMPANY"><![CDATA[Security Roots]]></KEY>
9
+ <KEY value="DATE">2011-12-20T12:00:00Z</KEY>
10
+ <KEY value="TITLE"><![CDATA[Sample_Test_Scan]]></KEY>
11
+ <KEY value="TARGET">10.0.155.157,10.0.155.160</KEY>
12
+ <KEY value="DURATION">03:42:36</KEY>
13
+ <KEY value="SCAN_HOST">62.210.136.186 (Scanner 4.14.30-1,Web 6.0 FR6 [build 6.3.94-1],Vulnsigs 1.22.62-1)</KEY>
14
+ <KEY value="NBHOST_ALIVE">2</KEY>
15
+ <KEY value="NBHOST_TOTAL">2</KEY>
16
+ <KEY value="REPORT_TYPE">Scheduled</KEY>
17
+ <KEY value="OPTIONS">Full TCP scan, Standard Password Brute Forcing, Load balancer detection OFF, Overall Performance: Custom, Hosts to Scan in Parallel - External Scanners: 1, Hosts to Scan in Parallel - Scanner Appliances: 1, Total Processes to Run in Parallel: 1, HTTP Processes to Run in Parallel: 1, Packet (Burst) Delay: Maximum</KEY>
18
+ <KEY value="STATUS">FINISHED</KEY>
19
+ <OPTION_PROFILE>
20
+ <OPTION_PROFILE_TITLE option_profile_default="0"><![CDATA[Payment Card Industry (PCI) Options]]></OPTION_PROFILE_TITLE>
21
+ </OPTION_PROFILE>
22
+ </HEADER>
23
+
24
+ <IP value="10.0.155.160" name="No registered hostname">
25
+ <OS><![CDATA[Linux 2.4-2.6]]></OS>
26
+ <VULNS>
27
+ <CAT value="Web server" port="80" protocol="tcp">
28
+ <VULN number="38140" severity="1">
29
+ <TITLE><![CDATA[Apache Web Server ETag Header Information Disclosure Weakness]]></TITLE>
30
+ <LAST_UPDATE><![CDATA[2007-10-18T18:42:10Z]]></LAST_UPDATE>
31
+ <CVSS_BASE source="service">4.3</CVSS_BASE>
32
+ <CVSS_TEMPORAL>3.5</CVSS_TEMPORAL>
33
+ <PCI_FLAG>0</PCI_FLAG>
34
+ <BUGTRAQ_ID_LIST>
35
+ <BUGTRAQ_ID>
36
+ <ID><![CDATA[6939]]></ID>
37
+ <URL><![CDATA[http://www.securityfocus.com/bid/6939]]></URL>
38
+ </BUGTRAQ_ID>
39
+ </BUGTRAQ_ID_LIST>
40
+ <DIAGNOSIS>
41
+ <![CDATA[The Apache HTTP Server is a popular, open-source HTTP server for multiple platforms, including Windows, Unix, and Linux.
42
+ <P>
43
+ A cache management feature for Apache makes use of an entity tag (ETag) header. When this option is enabled and a request is made for a document relating to a file, an ETag response header is returned containing various file attributes for caching purposes. ETag information allows subsequent file requests to contain specific information, such as the file's inode number.
44
+ <P>
45
+ A weakness has been found in the generation of ETag headers under certain configurations implementing the FileETag directive. Among the file attributes included in the header is the file inode number that is returned to a client. In Apache Versions 1.3.22 and earlier, it's not possible to disable inodes in in ETag headers. In later versions, the default behavior is to release this sensitive information.]]>
46
+ </DIAGNOSIS>
47
+ <CONSEQUENCE><![CDATA[This vulnerability poses a security risk, as the disclosure of inode information may aid in launching attacks against other network-based services. For instance, NFS uses inode numbers to generate file handles.]]></CONSEQUENCE>
48
+ <SOLUTION>
49
+ <![CDATA[OpenBSD has released a <A HREF="ftp://ftp.openbsd.org/pub/OpenBSD/patches/3.2/common/008_httpd.patch" TARGET="_blank">patch</A> that fixes this vulnerability. After installing the patch, inode numbers returned from the server are encoded using a private hash to avoid the release of sensitive information.
50
+ <P>
51
+ Customers are advised to upgrade to the latest version of Apache. In Apache Version <A HREF="http://httpd.apache.org/docs/1.3/mod/core.html#fileetag" TARGET="_blank">1.3.23</A> and later, it's possible to configure the FileETag directive to generate ETag headers without inode information.
52
+ To do so, include &quot;FileETag -INode&quot; in the Apache server configuration file for a specific subdirectory.<P>
53
+ In order to fix this vulnerability globally, for the Web server, use the option &quot;FileETag None&quot;. Use the option &quot;FileETag
54
+ MTime Size&quot; if you just want to remove the Inode information.
55
+ <P>SSLCipherSuite RC4-SHA:HIGH:!ADH<P>
56
+ ]]>
57
+ </SOLUTION>
58
+ <RESULT><![CDATA[&quot;3bee-4f12-00794aef&quot;]]></RESULT>
59
+ </VULN>
60
+ </CAT>
61
+ </VULNS>
62
+ </IP>
63
+ </SCAN>
64
+ <!-- CONFIDENTIAL AND PROPRIETARY INFORMATION. Qualys provides the QualysGuard Service "As Is," without any warranty of any kind. Qualys makes no warranty that the information contained in this report is complete or error-free. Copyright 2008, Qualys, Inc. //-->
@@ -20,7 +20,7 @@ module Dradis::Plugins
20
20
  let(:run_import!) { @importer.import(file: example_xml) }
21
21
 
22
22
  it 'creates nodes as needed' do
23
- expect_to_create_node_with(label: '10.0.2.8')
23
+ expect_to_create_node_with(label: '10.0.0.1')
24
24
  run_import!
25
25
  end
26
26
 
@@ -143,5 +143,22 @@ module Dradis::Plugins
143
143
  @importer.import(file: 'spec/fixtures/files/no_result.xml')
144
144
  end
145
145
  end
146
+
147
+ context 'VULN with ciphers' do
148
+ it 'wraps cipher in code block' do
149
+ expect_to_create_issue_with(
150
+ text: "\nbc. SSLCipherSuite RC4-SHA:HIGH:!ADH"
151
+ )
152
+
153
+ @importer.import(file: 'spec/fixtures/files/with_ciphers.xml')
154
+ end
155
+ end
156
+
157
+ def expect_to_create_issue_with(text:)
158
+ expect(@content_service).to receive(:create_issue) do |args|
159
+ expect(args[:text]).to include text
160
+ OpenStruct.new(args)
161
+ end.once
162
+ end
146
163
  end
147
164
  end
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: dradis-qualys
3
3
  version: !ruby/object:Gem::Version
4
- version: 4.4.0
4
+ version: 4.6.0
5
5
  platform: ruby
6
6
  authors:
7
7
  - Daniel Martin
8
8
  autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2022-06-13 00:00:00.000000000 Z
11
+ date: 2022-11-20 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: dradis-plugins
@@ -135,6 +135,7 @@ files:
135
135
  - spec/fixtures/files/simple_asset.xml
136
136
  - spec/fixtures/files/simple_was.xml
137
137
  - spec/fixtures/files/two_hosts_common_issue.xml
138
+ - spec/fixtures/files/with_ciphers.xml
138
139
  - spec/qualys/asset/importer_spec.rb
139
140
  - spec/qualys/element_spec.rb
140
141
  - spec/qualys/vuln/importer_spec.rb
@@ -178,7 +179,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
178
179
  - !ruby/object:Gem::Version
179
180
  version: '0'
180
181
  requirements: []
181
- rubygems_version: 3.2.32
182
+ rubygems_version: 3.1.4
182
183
  signing_key:
183
184
  specification_version: 4
184
185
  summary: Qualys add-on for the Dradis Framework.
@@ -189,6 +190,7 @@ test_files:
189
190
  - spec/fixtures/files/simple_asset.xml
190
191
  - spec/fixtures/files/simple_was.xml
191
192
  - spec/fixtures/files/two_hosts_common_issue.xml
193
+ - spec/fixtures/files/with_ciphers.xml
192
194
  - spec/qualys/asset/importer_spec.rb
193
195
  - spec/qualys/element_spec.rb
194
196
  - spec/qualys/vuln/importer_spec.rb