risu 1.6.3 → 1.7.0

data/lib/risu/parsers/nessus/postprocess/apache.rb

@@ -0,0 +1,67 @@
+# Copyright (c) 2010-2014 Arxopia LLC.
+# All rights reserved.
+#
+# Redistribution and use in source and binary forms, with or without
+# modification, are permitted provided that the following conditions are met:
+#
+#     * Redistributions of source code must retain the above copyright
+#       notice, this list of conditions and the following disclaimer.
+#     * Redistributions in binary form must reproduce the above copyright
+#       notice, this list of conditions and the following disclaimer in the
+#       documentation and/or other materials provided with the distribution.
+#     * Neither the name of the Arxopia LLC nor the names of its contributors
+#     	may be used to endorse or promote products derived from this software
+#     	without specific prior written permission.
+#
+# THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND
+# ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
+# WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
+# DISCLAIMED. IN NO EVENT SHALL ARXOPIA LLC BE LIABLE FOR ANY DIRECT, INDIRECT,
+# INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+# LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA,
+# OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF
+# LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE
+#OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+#OF THE POSSIBILITY OF SUCH DAMAGE.
+
+module Risu
+	module Parsers
+		module Nessus
+			module PostProcess
+				class Apache < Risu::Base::PostProcessBase
+
+					#
+					def initialize
+						@info =
+						{
+							:description => "Apache Patch Rollup",
+							:plugin_id => -99986,
+							:plugin_name => "Update to the latest Apache",
+							:item_name => "Update to the latest Apache",
+							:plugin_ids => [
+								11030,
+								11137,
+								11793,
+								11915,
+								31654,
+								55976,
+								57792,
+								12280,
+								17696,
+								31408,
+								73405,
+								56216,
+								57791,
+								62101,
+								64912,
+								68915,
+								
+								
+							]
+						}
+					end
+				end
+			end
+		end
+	end
+end

data/lib/risu/parsers/nessus/postprocess/core_ftp.rb

@@ -0,0 +1,52 @@
+# Copyright (c) 2010-2014 Arxopia LLC.
+# All rights reserved.
+#
+# Redistribution and use in source and binary forms, with or without
+# modification, are permitted provided that the following conditions are met:
+#
+#     * Redistributions of source code must retain the above copyright
+#       notice, this list of conditions and the following disclaimer.
+#     * Redistributions in binary form must reproduce the above copyright
+#       notice, this list of conditions and the following disclaimer in the
+#       documentation and/or other materials provided with the distribution.
+#     * Neither the name of the Arxopia LLC nor the names of its contributors
+#     	may be used to endorse or promote products derived from this software
+#     	without specific prior written permission.
+#
+# THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND
+# ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
+# WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
+# DISCLAIMED. IN NO EVENT SHALL ARXOPIA LLC BE LIABLE FOR ANY DIRECT, INDIRECT,
+# INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+# LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA,
+# OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF
+# LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE
+# OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+# OF THE POSSIBILITY OF SUCH DAMAGE.
+
+module Risu
+	module Parsers
+		module Nessus
+			module PostProcess
+				class CoreFTP < Risu::Base::PostProcessBase
+
+					#
+					def initialize
+						@info =
+						{
+							:description => "CoreFTP Patch Rollup",
+							:plugin_id => -99989,
+							:plugin_name => "Update to the latest CoreFTP",
+							:item_name => "Update to the latest CoreFTP",
+							:plugin_ids => [
+								65789,
+								70656,
+								59243
+							]								
+						}
+					end
+				end
+			end
+		end
+	end
+end

data/lib/risu/parsers/nessus/postprocess/flash_player.rb

@@ -0,0 +1,104 @@
+# Copyright (c) 2010-2014 Arxopia LLC.
+# All rights reserved.
+#
+# Redistribution and use in source and binary forms, with or without
+# modification, are permitted provided that the following conditions are met:
+#
+#     * Redistributions of source code must retain the above copyright
+#       notice, this list of conditions and the following disclaimer.
+#     * Redistributions in binary form must reproduce the above copyright
+#       notice, this list of conditions and the following disclaimer in the
+#       documentation and/or other materials provided with the distribution.
+#     * Neither the name of the Arxopia LLC nor the names of its contributors
+#     	may be used to endorse or promote products derived from this software
+#     	without specific prior written permission.
+#
+# THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND
+# ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
+# WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
+# DISCLAIMED. IN NO EVENT SHALL ARXOPIA LLC BE LIABLE FOR ANY DIRECT, INDIRECT,
+# INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+# LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA,
+# OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF
+# LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE
+#OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+#OF THE POSSIBILITY OF SUCH DAMAGE.
+
+module Risu
+	module Parsers
+		module Nessus
+			module PostProcess
+				class FlashPlayer < Risu::Base::PostProcessBase
+
+					#
+					def initialize
+						@info = 
+						{
+							:description => "Flash Player Patch Rollup",
+							:plugin_id => -99997,
+							:plugin_name => "Update to the latest Flash Player",
+							:item_name => "Update to the latest Flash Player",
+							:plugin_ids => [
+								46859, 
+								48300, 
+								49307, 
+								50493, 
+								51926, 
+								52673, 
+								53472, 
+								54299, 
+								54972, 
+								55140, 
+								55803, 
+								56259, 
+								56874, 
+								58001, 
+								58207, 
+								58538, 
+								58994, 
+								59196, 
+								59426, 
+								61622, 
+								62480, 
+								62836, 
+								63242, 
+								63450, 
+								64506, 
+								64584, 
+								64916, 
+								65219, 
+								65910, 
+								66445, 
+								66872, 
+								67225, 
+								69866, 
+								70858, 
+								71351, 
+								71951, 
+								72284, 
+								74431,
+								73994,
+								73740,
+								73433,
+								72606,
+								76413,
+								34741,
+								35742,
+								40434,
+								43068,
+								25694,
+								72937,
+								22056,
+								44596,
+								23869,
+								20158,
+								29741,
+								21079
+							]
+						}
+					end
+				end
+			end
+		end
+	end
+end

data/lib/risu/parsers/nessus/postprocess/flexnet.rb

@@ -0,0 +1,53 @@
+# Copyright (c) 2010-2014 Arxopia LLC.
+# All rights reserved.
+#
+# Redistribution and use in source and binary forms, with or without
+# modification, are permitted provided that the following conditions are met:
+#
+#     * Redistributions of source code must retain the above copyright
+#       notice, this list of conditions and the following disclaimer.
+#     * Redistributions in binary form must reproduce the above copyright
+#       notice, this list of conditions and the following disclaimer in the
+#       documentation and/or other materials provided with the distribution.
+#     * Neither the name of the Arxopia LLC nor the names of its contributors
+#     	may be used to endorse or promote products derived from this software
+#     	without specific prior written permission.
+#
+# THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND
+# ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
+# WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
+# DISCLAIMED. IN NO EVENT SHALL ARXOPIA LLC BE LIABLE FOR ANY DIRECT, INDIRECT,
+# INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+# LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA,
+# OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF
+# LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE
+#OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+#OF THE POSSIBILITY OF SUCH DAMAGE.
+
+module Risu
+	module Parsers
+		module Nessus
+			module PostProcess
+				class Flexnet < Risu::Base::PostProcessBase
+
+					#
+					def initialize
+						@info = 
+						{
+							:description => "Macrovision FLEXnet Patch Rollup",
+							:plugin_id => -99987,
+							:plugin_name => "Update to the latest Macrovision FLEXnet",
+							:item_name => "Update to the latest Macrovision FLEXnet",
+							:plugin_ids => [
+								25371,
+								24712,
+								27599,
+								
+							]
+						}
+					end
+				end
+			end
+		end
+	end
+end

data/lib/risu/parsers/nessus/postprocess/google_chrome.rb

@@ -0,0 +1,52 @@
+# Copyright (c) 2010-2014 Arxopia LLC.
+# All rights reserved.
+#
+# Redistribution and use in source and binary forms, with or without
+# modification, are permitted provided that the following conditions are met:
+#
+#     * Redistributions of source code must retain the above copyright
+#       notice, this list of conditions and the following disclaimer.
+#     * Redistributions in binary form must reproduce the above copyright
+#       notice, this list of conditions and the following disclaimer in the
+#       documentation and/or other materials provided with the distribution.
+#     * Neither the name of the Arxopia LLC nor the names of its contributors
+#     	may be used to endorse or promote products derived from this software
+#     	without specific prior written permission.
+#
+# THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND
+# ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
+# WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
+# DISCLAIMED. IN NO EVENT SHALL ARXOPIA LLC BE LIABLE FOR ANY DIRECT, INDIRECT,
+# INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+# LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA,
+# OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF
+# LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE
+#OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+#OF THE POSSIBILITY OF SUCH DAMAGE.
+
+module Risu
+	module Parsers
+		module Nessus
+			module PostProcess
+				class GoogleChrome < Risu::Base::PostProcessBase
+
+					#
+					def initialize
+						@info = 
+						{
+							:description => "Google Chrome Patch Rollup",
+							:plugin_id => -99990,
+							:plugin_name => "Update to the latest Google Chrome",
+							:item_name => "Update to the latest Google Chrome",
+							:plugin_ids => [
+								74434,
+								76581,
+
+							]
+						}
+					end
+				end
+			end
+		end
+	end
+end

data/lib/risu/parsers/nessus/postprocess/hp_system_mgt_homepage.rb

@@ -0,0 +1,60 @@
+# Copyright (c) 2010-2014 Arxopia LLC.
+# All rights reserved.
+#
+# Redistribution and use in source and binary forms, with or without
+# modification, are permitted provided that the following conditions are met:
+#
+#     * Redistributions of source code must retain the above copyright
+#       notice, this list of conditions and the following disclaimer.
+#     * Redistributions in binary form must reproduce the above copyright
+#       notice, this list of conditions and the following disclaimer in the
+#       documentation and/or other materials provided with the distribution.
+#     * Neither the name of the Arxopia LLC nor the names of its contributors
+#     	may be used to endorse or promote products derived from this software
+#     	without specific prior written permission.
+#
+# THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND
+# ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
+# WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
+# DISCLAIMED. IN NO EVENT SHALL ARXOPIA LLC BE LIABLE FOR ANY DIRECT, INDIRECT,
+# INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+# LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA,
+# OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF
+# LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE
+#OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+#OF THE POSSIBILITY OF SUCH DAMAGE.
+
+module Risu
+	module Parsers
+		module Nessus
+			module PostProcess
+				class HPSystemMgtHomePage < Risu::Base::PostProcessBase
+
+					#
+					def initialize
+						@info =
+						{
+							:description => "HP System Management Homepage Patch Rollup",
+							:plugin_id => -99985,
+							:plugin_name => "Update to the latest HP System Management Homepage",
+							:item_name => "Update to the latest HP System Management Homepage",
+							:plugin_ids => [
+								53532,
+								58811,
+								59851,
+								66541,
+								69020,
+								70118,
+								76345,
+								49272,
+								72959,
+
+
+							]
+						}
+					end
+				end
+			end
+		end
+	end
+end

data/lib/risu/parsers/nessus/postprocess/java.rb

@@ -1,4 +1,4 @@
-# Copyright (c) 2010-2013 Arxopia LLC.
+# Copyright (c) 2010-2014 Arxopia LLC.
 # All rights reserved.
 #
 # Redistribution and use in source and binary forms, with or without
@@ -21,211 +21,62 @@
 # LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA,
 # OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF
 # LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE
-#OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
-#OF THE POSSIBILITY OF SUCH DAMAGE.
+# OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+# OF THE POSSIBILITY OF SUCH DAMAGE.
 
 module Risu
 	module Parsers
 		module Nessus
 			module PostProcess
-				class Java
+				class Java < Risu::Base::PostProcessBase
 
 					#
 					def initialize
-						@java_plugins = [
-							66932,
-							65995, # Needs ver
-							56959, # Needs ver
-							59462, # Needs ver
-							62593, # Needs ver
-							45544,
-							45379, # Oracle Java SE Multiple Vulnerabilities (March 2010 CPU)
-							65050, # Oracle Java JDK/JRE 6 < Update 43 Remote Code Execution (Windows)
-							63521,
-							65052,
-							49996,
-							52002,
-							54997,
-							55958, # Oracle Java JRE Unsupported Version Detection
-							56566,
-							57290,
-							57959,
-							64454,
-							64790
-						]
-					end
-
-					#NOTE:
-					#looks like its working
-					def newest_java_plugin
-						newest = DateTime.new(0001, 01, 01)
-						newest_plugin = nil
-
-						@java_plugins.each do |id|
-							plugin = Plugin.find_by_id(id)
-
-							if plugin == nil || plugin.plugin_modification_date == nil
-								next
-							end
-
-							if plugin.plugin_modification_date >= newest
-								newest = plugin.plugin_modification_date if plugin.plugin_modification_date != nil
-								newest_plugin = plugin
-							end
-						end
-
-						return newest_plugin
-					end
-
-					# Creates a rollup plugin based on the newest java plugin
-					#
-					def create_plugin
-
-						plugin = Plugin.find_by_id(-99999)
-
-						newest_plugin = newest_java_plugin()
-
-						if newest_plugin == nil
-							return
-						end
-
-						if plugin == nil
-							plugin = Plugin.new
-						end
-
-							plugin.id = -99999
-							plugin.plugin_name = "Upgrade to the latest Oracle Java SE"
-							plugin.family_name = "Risu Rollup Plugins"
-							plugin.description = newest_plugin.description || ""
-							plugin.plugin_version = newest_plugin.plugin_version || ""
-							plugin.plugin_publication_date = newest_plugin.plugin_publication_date
-							plugin.plugin_modification_date = newest_plugin.plugin_modification_date
-							plugin.vuln_publication_date = newest_plugin.vuln_publication_date
-							plugin.cvss_vector = newest_plugin.cvss_vector || ""
-							plugin.cvss_base_score = newest_plugin.cvss_base_score
-							plugin.cvss_temporal_score = newest_plugin.cvss_temporal_score
-							plugin.cvss_temporal_vector = newest_plugin.cvss_temporal_vector
-							plugin.risk_factor = newest_plugin.risk_factor
-							plugin.solution = newest_plugin.solution
-							plugin.synopsis = newest_plugin.synopsis
-							plugin.plugin_type = "Rollup"
-							plugin.rollup = true
-
-						plugin.save
-					end
-
-					#
-					def create_item(host_id, severity)
-						item = Item.new
-
-							item.host_id = host_id
-							item.plugin_id = -99999
-							item.plugin_output = nil
-							item.port = 0
-							item.severity = severity
-							item.plugin_name = "Upgrade to the latest Oracle Java SE"
-
-						item.save
-					end
-
-					#
-					def has_java_findings
-						@java_plugins.each do |plugin_id|
-							if Item.where(:plugin_id => plugin_id)
-								return true
-							end
-						end
-
-						return false
-					end
-
-					def has_host_java_findings (host_id)
-						@java_plugins.each do |plugin_id|
-							if Item.where(:plugin_id => plugin_id).where(:host_id => host_id).count >= 1
-								return true
-							end
-						end
-
-						return false
-					end
-
-					#
-					def calculate_severity current_severity, severity
-						#record highest severity for all of the rolled up
-						if severity == 4
-							return 4
-						elsif severity == 3 && current_severity != 4
-							return 3
-						elsif severity == 2 && current_severity != 4 && current_severity != 3
-							return 2
-						end
-					end
-
-					#
-					def run
-						if !has_java_findings()
-							return
-						end
-
-						#Create the dummy plugin
-						create_plugin()
-
-						Host.all.each do |host|
-							if !has_host_java_findings(host.id)
-								next
-							end
-
-							finding_severity = 0
-
-							@java_plugins.each do |plugin_id|
-								Item.where(:plugin_id => plugin_id).each do |item|
-									severity = item.severity
-									item.real_severity = severity
-									item.severity = -1
-									item.save
-
-									finding_severity = calculate_severity(finding_severity, severity)
-								end
-							end
-
-							create_item(host.id, finding_severity)
-						end
-
-
-						# @host_list = Hash.new
-
-						# #Set all plugins
-						# @java_plugins.each do |plugin_id|
-						# 	@current_severity = "None"
-
-						# 	Item.where(:plugin_id => plugin_id).each do |item|
-						# 		severity = item.severity
-						# 		item.real_severity = severity
-						# 		item.severity = -1
-						# 		item.save
-
-						# 		#record highest severity for all of the rolled up
-						# 		if severity == 4
-						# 			@current_severity = 4
-						# 		elsif severity == 3 && @current_severity != 4
-						# 			@current_severity = 3
-						# 		elsif severity == 2 && @current_severity != 4 && @current_severity != 3
-						# 			@current_severity = 2
-						# 		end
-
-						# 		@host_list[item.host_id] = @current_severity
-
-						# 	end
-						# end
-
-						# #Create the rollup plugin
-						# create_plugin()
-
-						# #Create 1 finding for each host, flagged with the highest severity for that host
-						# @host_list.keys.each do |host_id|
-						# 	create_item(host_id, @host_list[host_id])
-						# end
-
+						@info =
+						{
+							:description => "Java Patch Rollup",
+							:plugin_id => -99999,
+							:plugin_name => "Update to the latest Java",
+							:item_name => "Update to the latest Java",
+							:plugin_ids => [
+								66932,
+								65995, 
+								56959, 
+								59462, 
+								62593, 
+								45544,
+								45379, 
+								65050, 
+								63521,
+								65052,
+								49996,
+								52002,
+								54997,
+								55958, 
+								56566,
+								57290,
+								57959,
+								64454,
+								64790,
+								76532,
+								73570,
+								70472,
+								71966,
+								61746,
+								42373,
+								36034,
+								40495,
+								23931,
+								25370,
+								24022,
+								26923,
+								35030,
+								31356,
+								65048,
+								
+								
+							]								
+						}
 					end
 				end
 			end