risu 1.6.3 → 1.7.0
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/Gemfile +12 -0
- data/Gemfile.ci +9 -9
- data/Gemfile.lock +118 -0
- data/LICENSE +1 -1
- data/NEWS.markdown +98 -0
- data/README.markdown +10 -3
- data/Rakefile +2 -2
- data/bin/risu +3 -3
- data/lib/risu.rb +6 -2
- data/lib/risu/base.rb +10 -3
- data/lib/risu/base/graph_template_helper.rb +71 -0
- data/lib/risu/base/host_template_helper.rb +75 -0
- data/lib/risu/base/malware_template_helper.rb +96 -0
- data/lib/risu/base/post_process_base.rb +210 -0
- data/lib/risu/base/post_process_manager.rb +120 -0
- data/lib/risu/base/schema.rb +10 -7
- data/lib/risu/base/shares_template_helper.rb +158 -0
- data/lib/risu/base/template_base.rb +12 -10
- data/lib/risu/base/template_helper.rb +105 -3
- data/lib/risu/base/template_manager.rb +16 -12
- data/lib/risu/base/templater.rb +23 -9
- data/lib/risu/cli.rb +1 -1
- data/lib/risu/cli/application.rb +23 -17
- data/lib/risu/cli/banner.rb +3 -3
- data/lib/risu/exceptions.rb +1 -1
- data/lib/risu/exceptions/invaliddocument.rb +1 -1
- data/lib/risu/models.rb +1 -1
- data/lib/risu/models/attachment.rb +3 -3
- data/lib/risu/models/familyselection.rb +3 -3
- data/lib/risu/models/host.rb +74 -9
- data/lib/risu/models/hostproperty.rb +3 -3
- data/lib/risu/models/individualpluginselection.rb +3 -3
- data/lib/risu/models/item.rb +92 -29
- data/lib/risu/models/patch.rb +3 -3
- data/lib/risu/models/plugin.rb +30 -2
- data/lib/risu/models/pluginspreference.rb +1 -1
- data/lib/risu/models/policy.rb +1 -1
- data/lib/risu/models/reference.rb +1 -1
- data/lib/risu/models/report.rb +1 -2
- data/lib/risu/models/serverpreference.rb +1 -1
- data/lib/risu/models/servicedescription.rb +3 -3
- data/lib/risu/models/version.rb +1 -1
- data/lib/risu/parsers.rb +1 -1
- data/lib/risu/parsers/nessus/nessus_document.rb +3 -3
- data/lib/risu/parsers/nessus/nessus_sax_listener.rb +23 -16
- data/lib/risu/parsers/nessus/postprocess.rb +3 -6
- data/lib/risu/parsers/nessus/postprocess/adobe_air.rb +82 -0
- data/lib/risu/parsers/nessus/postprocess/adobe_reader.rb +86 -0
- data/lib/risu/parsers/nessus/postprocess/apache.rb +67 -0
- data/lib/risu/parsers/nessus/postprocess/core_ftp.rb +52 -0
- data/lib/risu/parsers/nessus/postprocess/flash_player.rb +104 -0
- data/lib/risu/parsers/nessus/postprocess/flexnet.rb +53 -0
- data/lib/risu/parsers/nessus/postprocess/google_chrome.rb +52 -0
- data/lib/risu/parsers/nessus/postprocess/hp_system_mgt_homepage.rb +60 -0
- data/lib/risu/parsers/nessus/postprocess/java.rb +49 -198
- data/lib/risu/parsers/nessus/postprocess/openssh.rb +65 -0
- data/lib/risu/parsers/nessus/postprocess/openssl.rb +54 -0
- data/lib/risu/parsers/nessus/postprocess/oracle_database.rb +84 -0
- data/lib/risu/parsers/nessus/postprocess/php.rb +62 -0
- data/lib/risu/parsers/nessus/postprocess/post_process.rb +178 -0
- data/lib/risu/parsers/nessus/postprocess/risk_score.rb +10 -5
- data/lib/risu/parsers/nessus/postprocess/root_cause.rb +375 -0
- data/lib/risu/parsers/nessus/postprocess/servu.rb +57 -0
- data/lib/risu/parsers/nessus/postprocess/shockwave.rb +73 -0
- data/lib/risu/parsers/nessus/postprocess/windows.rb +57 -0
- data/lib/risu/parsers/nessus/postprocess/wireshark.rb +72 -0
- data/lib/risu/parsers/nexpose/nexpose_document.rb +1 -1
- data/lib/risu/parsers/nexpose/simple_nexpose.rb +1 -1
- data/lib/risu/renderers.rb +3 -1
- data/lib/risu/renderers/csvrenderer.rb +53 -0
- data/lib/risu/renderers/nilrenderer.rb +1 -1
- data/lib/risu/renderers/pdfrenderer.rb +57 -0
- data/lib/risu/templates/assets.rb +5 -4
- data/lib/risu/templates/cover_sheet.rb +4 -3
- data/lib/risu/templates/exec_summary.rb +4 -3
- data/lib/risu/templates/executive_summary_detailed.rb +9 -8
- data/lib/risu/templates/exploitablity_summary.rb +82 -0
- data/lib/risu/templates/failed_audits.rb +98 -0
- data/lib/risu/templates/finding_statistics.rb +2 -1
- data/lib/risu/templates/findings_host.rb +20 -22
- data/lib/risu/templates/findings_summary.rb +11 -9
- data/lib/risu/templates/findings_summary_with_pluginid.rb +31 -85
- data/lib/risu/templates/graphs.rb +9 -10
- data/lib/risu/templates/host_findings_csv.rb +67 -0
- data/lib/risu/templates/host_summary.rb +2 -1
- data/lib/risu/templates/malicious_process_detection.rb +2 -1
- data/lib/risu/templates/missing_root_causes.rb +162 -0
- data/lib/risu/templates/ms_patch_summary.rb +3 -2
- data/lib/risu/templates/ms_update_summary.rb +5 -4
- data/lib/risu/templates/ms_wsus_findings.rb +5 -4
- data/lib/risu/templates/notable.rb +7 -11
- data/lib/risu/templates/notable_detailed.rb +7 -4
- data/lib/risu/templates/pci_compliance.rb +5 -4
- data/lib/risu/templates/stig_findings_summary.rb +5 -4
- data/lib/risu/templates/talking_points.rb +164 -0
- data/lib/risu/templates/technical_findings.rb +8 -4
- data/lib/risu/templates/template.rb +3 -2
- data/lib/risu/templates/top_25.rb +115 -0
- data/risu.gemspec +16 -15
- metadata +142 -77
data/lib/risu/models/patch.rb
CHANGED
@@ -1,4 +1,4 @@
|
|
1
|
-
# Copyright (c) 2010-
|
1
|
+
# Copyright (c) 2010-2014 Arxopia LLC.
|
2
2
|
# All rights reserved.
|
3
3
|
#
|
4
4
|
# Redistribution and use in source and binary forms, with or without
|
@@ -21,8 +21,8 @@
|
|
21
21
|
# LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA,
|
22
22
|
# OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF
|
23
23
|
# LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE
|
24
|
-
#OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
|
25
|
-
#OF THE POSSIBILITY OF SUCH DAMAGE.
|
24
|
+
# OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
|
25
|
+
# OF THE POSSIBILITY OF SUCH DAMAGE.
|
26
26
|
|
27
27
|
module Risu
|
28
28
|
module Models
|
data/lib/risu/models/plugin.rb
CHANGED
@@ -1,4 +1,4 @@
|
|
1
|
-
# Copyright (c) 2010-
|
1
|
+
# Copyright (c) 2010-2014 Arxopia LLC.
|
2
2
|
# All rights reserved.
|
3
3
|
#
|
4
4
|
# Redistribution and use in source and binary forms, with or without
|
@@ -96,7 +96,7 @@ module Risu
|
|
96
96
|
g.sort = false
|
97
97
|
g.marker_count = 1
|
98
98
|
g.theme = {
|
99
|
-
:colors =>
|
99
|
+
:colors => Risu::GRAPH_COLORS,
|
100
100
|
:background_colors => %w(white white)
|
101
101
|
}
|
102
102
|
|
@@ -125,6 +125,34 @@ module Risu
|
|
125
125
|
|
126
126
|
StringIO.new(g.to_blob)
|
127
127
|
end
|
128
|
+
|
129
|
+
def root_cause_graph
|
130
|
+
g = Gruff::Pie.new(GRAPH_WIDTH)
|
131
|
+
g.title = sprintf "Vulnerability Root Cause"
|
132
|
+
g.sort = false
|
133
|
+
g.marker_count = 1
|
134
|
+
g.theme = {
|
135
|
+
:colors => Risu::GRAPH_COLORS,
|
136
|
+
:background_colors => %w(white white)
|
137
|
+
}
|
138
|
+
|
139
|
+
g.data('Vendor Patch', Plugin.where(:root_cause => 'Vendor Patch').count)
|
140
|
+
g.data('Vendor Support', Plugin.where(:root_cause => 'Vendor Support').count)
|
141
|
+
g.data('Configuration', Plugin.where(:root_cause => 'Configuration').count)
|
142
|
+
|
143
|
+
StringIO.new(g.to_blob)
|
144
|
+
end
|
145
|
+
|
146
|
+
def root_cause_graph_text
|
147
|
+
graph_text = "This graph shows the basic root cause of a vulnerability, the data is broken up into " +
|
148
|
+
"three categories. Vendor Patch, Vendor Support and Configuration.\n\n"
|
149
|
+
|
150
|
+
graph_text << "Vendor Patch represents vulnerabilities from missing patches. IE missing Microsoft patches.\n"
|
151
|
+
graph_text << "Vendor Support represents vulnerabilities caused by the lack of vendor support. IE unsupported software.\n"
|
152
|
+
graph_text << "Configuration represents vulnerabilities caused by misconfiguration of software or hardware. IE default passwords.\n\n"
|
153
|
+
|
154
|
+
return graph_text
|
155
|
+
end
|
128
156
|
end
|
129
157
|
end
|
130
158
|
end
|
data/lib/risu/models/policy.rb
CHANGED
data/lib/risu/models/report.rb
CHANGED
@@ -1,4 +1,4 @@
|
|
1
|
-
# Copyright (c) 2010-
|
1
|
+
# Copyright (c) 2010-2014 Arxopia LLC.
|
2
2
|
# All rights reserved.
|
3
3
|
#
|
4
4
|
# Redistribution and use in source and binary forms, with or without
|
@@ -28,7 +28,6 @@ module Risu
|
|
28
28
|
module Models
|
29
29
|
|
30
30
|
# Report Model
|
31
|
-
#
|
32
31
|
class Report < ActiveRecord::Base
|
33
32
|
has_many :hosts
|
34
33
|
belongs_to :policy
|
@@ -1,4 +1,4 @@
|
|
1
|
-
# Copyright (c) 2010-
|
1
|
+
# Copyright (c) 2010-2014 Arxopia LLC.
|
2
2
|
# All rights reserved.
|
3
3
|
#
|
4
4
|
# Redistribution and use in source and binary forms, with or without
|
@@ -21,8 +21,8 @@
|
|
21
21
|
# LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA,
|
22
22
|
# OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF
|
23
23
|
# LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE
|
24
|
-
#OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
|
25
|
-
#OF THE POSSIBILITY OF SUCH DAMAGE.
|
24
|
+
# OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
|
25
|
+
# OF THE POSSIBILITY OF SUCH DAMAGE.
|
26
26
|
|
27
27
|
module Risu
|
28
28
|
module Models
|
data/lib/risu/models/version.rb
CHANGED
data/lib/risu/parsers.rb
CHANGED
@@ -1,4 +1,4 @@
|
|
1
|
-
# Copyright (c) 2010-
|
1
|
+
# Copyright (c) 2010-2014 Arxopia LLC.
|
2
2
|
# All rights reserved.
|
3
3
|
#
|
4
4
|
# Redistribution and use in source and binary forms, with or without
|
@@ -21,8 +21,8 @@
|
|
21
21
|
# LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA,
|
22
22
|
# OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF
|
23
23
|
# LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE
|
24
|
-
#OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
|
25
|
-
#OF THE POSSIBILITY OF SUCH DAMAGE.
|
24
|
+
# OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
|
25
|
+
# OF THE POSSIBILITY OF SUCH DAMAGE.
|
26
26
|
|
27
27
|
module Risu
|
28
28
|
module Parsers
|
@@ -1,4 +1,4 @@
|
|
1
|
-
# Copyright (c) 2010-
|
1
|
+
# Copyright (c) 2010-2014 Arxopia LLC.
|
2
2
|
# All rights reserved.
|
3
3
|
#
|
4
4
|
# Redistribution and use in source and binary forms, with or without
|
@@ -21,8 +21,8 @@
|
|
21
21
|
# LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA,
|
22
22
|
# OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF
|
23
23
|
# LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE
|
24
|
-
#OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
|
25
|
-
#OF THE POSSIBILITY OF SUCH DAMAGE.
|
24
|
+
# OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
|
25
|
+
# OF THE POSSIBILITY OF SUCH DAMAGE.
|
26
26
|
|
27
27
|
ActiveRecord::Migration.verbose = false
|
28
28
|
|
@@ -43,7 +43,7 @@ module Risu
|
|
43
43
|
"osvdb", "cert", "edb-id", "rhsa", "secunia", "suse", "dsa",
|
44
44
|
"owasp", "cwe", "iavb", "iavt", "cisco-sa", "ics-alert",
|
45
45
|
"cisco-bug-id", "cisco-sr", "cert-vu", "vmsa", "apple-sa",
|
46
|
-
"icsa", "cert-cc", "msvr", "usn"
|
46
|
+
"icsa", "cert-cc", "msvr", "usn", "hp", "glsa", "freebsd"
|
47
47
|
]
|
48
48
|
|
49
49
|
@valid_host_properties = Array[
|
@@ -54,11 +54,13 @@ module Risu
|
|
54
54
|
"pcidss:reachable_db", "pcidss:www:xss", "pcidss:directory_browsing", "pcidss:known_credentials",
|
55
55
|
"pcidss:compromised_host:worm", "pcidss:obsolete_operating_system", "pcidss:dns_zone_transfer",
|
56
56
|
"pcidss:unprotected_mssql_db", "pcidss:obsolete_software", "pcidss:www:sql_injection", "pcidss:backup_files",
|
57
|
-
"traceroute-hop-0", "traceroute-hop-1", "traceroute-hop-2", "operating-system-unsupported", "patch-summary-total-cves"
|
57
|
+
"traceroute-hop-0", "traceroute-hop-1", "traceroute-hop-2", "operating-system-unsupported", "patch-summary-total-cves",
|
58
|
+
"pcidss:insecure_http_methods", "LastUnauthenticatedResults", "LastAuthenticatedResults", "cpe-0", "cpe-1",
|
59
|
+
"cpe-2", "cpe-3", "Credentialed_Scan", "policy-used", "UnsupportedProduct:microsoft:windows_xp::sp2"
|
58
60
|
]
|
59
61
|
|
60
62
|
@valid_host_properties_regex = Array[
|
61
|
-
"patch-summary-cve-num", "patch-summary-cves", "patch-summary-txt"
|
63
|
+
"patch-summary-cve-num", "patch-summary-cves", "patch-summary-txt", "cpe-\d+", "KB\d+"
|
62
64
|
]
|
63
65
|
|
64
66
|
@valid_elements = Array["ReportItem", "plugin_version", "risk_factor",
|
@@ -73,7 +75,8 @@ module Risu
|
|
73
75
|
"plugin_type", "exploithub_sku", "exploit_framework_exploithub", "stig_severity", "plugin_name", "fname", "always_run",
|
74
76
|
"cm:compliance-info", "cm:compliance-actual-value", "cm:compliance-check-id", "cm:compliance-policy-value",
|
75
77
|
"cm:compliance-audit-file", "cm:compliance-check-name", "cm:compliance-result", "cm:compliance-output", "policyOwner",
|
76
|
-
"visibility", "script_version", "attachment", "policy_comments", "d2_elliot_name", "exploit_framework_d2_elliot"
|
78
|
+
"visibility", "script_version", "attachment", "policy_comments", "d2_elliot_name", "exploit_framework_d2_elliot",
|
79
|
+
"exploited_by_malware", "compliance"
|
77
80
|
]
|
78
81
|
|
79
82
|
@valid_elements = @valid_elements + @valid_references
|
@@ -99,7 +102,7 @@ module Risu
|
|
99
102
|
@vals[@tag] = ""
|
100
103
|
|
101
104
|
if !@valid_elements.include?(element)
|
102
|
-
puts "New XML element detected: #{element}. Please report this at
|
105
|
+
puts "New XML element detected: #{element}. Please report this at #{Risu::GITHUB}/issues/new or via email to #{Risu::EMAIL}"
|
103
106
|
end
|
104
107
|
|
105
108
|
case element
|
@@ -136,13 +139,17 @@ module Risu
|
|
136
139
|
else
|
137
140
|
nil
|
138
141
|
end
|
139
|
-
#Ugly as fuck.
|
142
|
+
#Ugly as fuck. Really this needs to be rewritten. Fuck.
|
140
143
|
elsif attributes['name'] =~ /patch-summary-cve-num/ ||
|
141
144
|
attributes['name'] =~ /patch-summary-cves/ ||
|
142
|
-
attributes['name'] =~ /patch-summary-txt/
|
145
|
+
attributes['name'] =~ /patch-summary-txt/ ||
|
146
|
+
attributes['name'] =~ /cpe-\d+/ ||
|
147
|
+
attributes['name'] =~ /KB\d+/
|
143
148
|
@attr = if attributes["name"] =~ /patch-summary-cve-num/ ||
|
144
149
|
attributes['name'] =~ /patch-summary-cves/ ||
|
145
|
-
attributes['name'] =~ /patch-summary-txt/
|
150
|
+
attributes['name'] =~ /patch-summary-txt/ ||
|
151
|
+
attributes['name'] =~ /cpe-\d+/ ||
|
152
|
+
attributes['name'] =~ /KB\d+/
|
146
153
|
attributes["name"]
|
147
154
|
else
|
148
155
|
nil
|
@@ -156,10 +163,8 @@ module Risu
|
|
156
163
|
end
|
157
164
|
|
158
165
|
# implicit nil check?
|
159
|
-
if attributes["name"] !~ /(netstat-(?:established|listen)-(?:tcp|udp)\d+-\d+)/ &&
|
160
|
-
attributes["name"]
|
161
|
-
#puts attributes["name"]
|
162
|
-
puts "New HostProperties attribute: #{attributes["name"]}. Please report this at https://github.com/arxopia/risu/issues/new or via email to #{Risu::EMAIL}\n" if @attr.nil?
|
166
|
+
if attributes["name"] !~ /(netstat-(?:established|listen)-(?:tcp|udp)\d+-\d+)/ && attributes["name"] !~ /traceroute-hop-\d+/
|
167
|
+
puts "New HostProperties attribute: #{attributes["name"]}. Please report this at #{Risu::GITHUB}/issues/new or via email to #{Risu::EMAIL}\n" if @attr.nil?
|
163
168
|
end
|
164
169
|
when "ReportItem"
|
165
170
|
@vals = Hash.new # have to clear this out or everything has the same references
|
@@ -346,7 +351,9 @@ module Risu
|
|
346
351
|
:stig_severity => @vals["stig_severity"],
|
347
352
|
:fname => @vals["fname"],
|
348
353
|
:always_run => @vals["always_run"],
|
349
|
-
:script_version => @vals["script_version"]
|
354
|
+
:script_version => @vals["script_version"],
|
355
|
+
:exploited_by_malware => @vals["exploited_by_malware"],
|
356
|
+
:compliance => @vals["compliance"]
|
350
357
|
}
|
351
358
|
@plugin.save
|
352
359
|
when "attachment"
|
@@ -1,4 +1,4 @@
|
|
1
|
-
# Copyright (c) 2010-
|
1
|
+
# Copyright (c) 2010-2014 Arxopia LLC.
|
2
2
|
# All rights reserved.
|
3
3
|
#
|
4
4
|
# Redistribution and use in source and binary forms, with or without
|
@@ -21,8 +21,8 @@
|
|
21
21
|
# LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA,
|
22
22
|
# OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF
|
23
23
|
# LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE
|
24
|
-
#OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
|
25
|
-
#OF THE POSSIBILITY OF SUCH DAMAGE.
|
24
|
+
# OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
|
25
|
+
# OF THE POSSIBILITY OF SUCH DAMAGE.
|
26
26
|
|
27
27
|
module Risu
|
28
28
|
module Nessus
|
@@ -31,6 +31,3 @@ module Risu
|
|
31
31
|
end
|
32
32
|
end
|
33
33
|
end
|
34
|
-
|
35
|
-
require 'risu/parsers/nessus/postprocess/java'
|
36
|
-
require 'risu/parsers/nessus/postprocess/risk_score'
|
@@ -0,0 +1,82 @@
|
|
1
|
+
# Copyright (c) 2010-2014 Arxopia LLC.
|
2
|
+
# All rights reserved.
|
3
|
+
#
|
4
|
+
# Redistribution and use in source and binary forms, with or without
|
5
|
+
# modification, are permitted provided that the following conditions are met:
|
6
|
+
#
|
7
|
+
# * Redistributions of source code must retain the above copyright
|
8
|
+
# notice, this list of conditions and the following disclaimer.
|
9
|
+
# * Redistributions in binary form must reproduce the above copyright
|
10
|
+
# notice, this list of conditions and the following disclaimer in the
|
11
|
+
# documentation and/or other materials provided with the distribution.
|
12
|
+
# * Neither the name of the Arxopia LLC nor the names of its contributors
|
13
|
+
# may be used to endorse or promote products derived from this software
|
14
|
+
# without specific prior written permission.
|
15
|
+
#
|
16
|
+
# THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND
|
17
|
+
# ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
|
18
|
+
# WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
|
19
|
+
# DISCLAIMED. IN NO EVENT SHALL ARXOPIA LLC BE LIABLE FOR ANY DIRECT, INDIRECT,
|
20
|
+
# INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
|
21
|
+
# LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA,
|
22
|
+
# OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF
|
23
|
+
# LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE
|
24
|
+
#OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
|
25
|
+
#OF THE POSSIBILITY OF SUCH DAMAGE.
|
26
|
+
|
27
|
+
module Risu
|
28
|
+
module Parsers
|
29
|
+
module Nessus
|
30
|
+
module PostProcess
|
31
|
+
class AdobeAir < Risu::Base::PostProcessBase
|
32
|
+
|
33
|
+
#
|
34
|
+
def initialize
|
35
|
+
@info =
|
36
|
+
{
|
37
|
+
:description => "Adobe Air Patch Rollup",
|
38
|
+
:plugin_id => -99994,
|
39
|
+
:plugin_name => "Update to the latest Adobe Air",
|
40
|
+
:item_name => "Update to the latest Adobe Air",
|
41
|
+
:plugin_ids => [
|
42
|
+
52755,
|
43
|
+
53474,
|
44
|
+
55805,
|
45
|
+
55806,
|
46
|
+
66444,
|
47
|
+
66871,
|
48
|
+
69865,
|
49
|
+
70214,
|
50
|
+
70857,
|
51
|
+
71350,
|
52
|
+
71947,
|
53
|
+
71950,
|
54
|
+
73432,
|
55
|
+
73993,
|
56
|
+
74430,
|
57
|
+
73432,
|
58
|
+
73993,
|
59
|
+
74430,
|
60
|
+
58537,
|
61
|
+
59425,
|
62
|
+
61624,
|
63
|
+
62835,
|
64
|
+
62479,
|
65
|
+
63449,
|
66
|
+
64583,
|
67
|
+
65218,
|
68
|
+
65909,
|
69
|
+
66444,
|
70
|
+
66871,
|
71
|
+
63241,
|
72
|
+
|
73
|
+
]
|
74
|
+
|
75
|
+
}
|
76
|
+
|
77
|
+
end
|
78
|
+
end
|
79
|
+
end
|
80
|
+
end
|
81
|
+
end
|
82
|
+
end
|
@@ -0,0 +1,86 @@
|
|
1
|
+
# Copyright (c) 2010-2014 Arxopia LLC.
|
2
|
+
# All rights reserved.
|
3
|
+
#
|
4
|
+
# Redistribution and use in source and binary forms, with or without
|
5
|
+
# modification, are permitted provided that the following conditions are met:
|
6
|
+
#
|
7
|
+
# * Redistributions of source code must retain the above copyright
|
8
|
+
# notice, this list of conditions and the following disclaimer.
|
9
|
+
# * Redistributions in binary form must reproduce the above copyright
|
10
|
+
# notice, this list of conditions and the following disclaimer in the
|
11
|
+
# documentation and/or other materials provided with the distribution.
|
12
|
+
# * Neither the name of the Arxopia LLC nor the names of its contributors
|
13
|
+
# may be used to endorse or promote products derived from this software
|
14
|
+
# without specific prior written permission.
|
15
|
+
#
|
16
|
+
# THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND
|
17
|
+
# ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
|
18
|
+
# WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
|
19
|
+
# DISCLAIMED. IN NO EVENT SHALL ARXOPIA LLC BE LIABLE FOR ANY DIRECT, INDIRECT,
|
20
|
+
# INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
|
21
|
+
# LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA,
|
22
|
+
# OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF
|
23
|
+
# LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE
|
24
|
+
#OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
|
25
|
+
#OF THE POSSIBILITY OF SUCH DAMAGE.
|
26
|
+
|
27
|
+
module Risu
|
28
|
+
module Parsers
|
29
|
+
module Nessus
|
30
|
+
module PostProcess
|
31
|
+
class AdobeReader < Risu::Base::PostProcessBase
|
32
|
+
|
33
|
+
#
|
34
|
+
def initialize
|
35
|
+
@info =
|
36
|
+
{
|
37
|
+
:description => "Adobe Reader Patch Rollup",
|
38
|
+
:plugin_id => -99998,
|
39
|
+
:plugin_name => "Update to the latest Adobe Reader",
|
40
|
+
:item_name => "Update to the latest Adobe Reader",
|
41
|
+
:plugin_ids => [
|
42
|
+
30200,
|
43
|
+
33256,
|
44
|
+
34695,
|
45
|
+
35821,
|
46
|
+
38746,
|
47
|
+
39355,
|
48
|
+
42120,
|
49
|
+
43876,
|
50
|
+
44644,
|
51
|
+
45505,
|
52
|
+
47165,
|
53
|
+
48375,
|
54
|
+
49173,
|
55
|
+
50614,
|
56
|
+
51925,
|
57
|
+
55144,
|
58
|
+
56198,
|
59
|
+
56213,
|
60
|
+
66517,
|
61
|
+
66542,
|
62
|
+
74012,
|
63
|
+
58683,
|
64
|
+
61562,
|
65
|
+
63454,
|
66
|
+
64786,
|
67
|
+
66410,
|
68
|
+
69846,
|
69
|
+
71947,
|
70
|
+
57043,
|
71
|
+
57484,
|
72
|
+
24002,
|
73
|
+
23776,
|
74
|
+
23975,
|
75
|
+
52672,
|
76
|
+
53451,
|
77
|
+
21698,
|
78
|
+
|
79
|
+
]
|
80
|
+
}
|
81
|
+
end
|
82
|
+
end
|
83
|
+
end
|
84
|
+
end
|
85
|
+
end
|
86
|
+
end
|