risu 1.8.3 → 1.8.4
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +5 -5
- checksums.yaml.gz.sig +0 -0
- data.tar.gz.sig +0 -0
- data/Gemfile.lock +159 -0
- data/LICENSE +1 -1
- data/README.markdown +2 -5
- data/Rakefile +1 -1
- data/bin/risu +1 -1
- data/docs/NEWS.markdown +3 -0
- data/lib/risu.rb +2 -2
- data/lib/risu/base.rb +1 -1
- data/lib/risu/base/graph_template_helper.rb +1 -1
- data/lib/risu/base/host_template_helper.rb +2 -1
- data/lib/risu/base/malware_template_helper.rb +1 -1
- data/lib/risu/base/post_process_base.rb +7 -4
- data/lib/risu/base/post_process_manager.rb +1 -1
- data/lib/risu/base/scan_helper.rb +1 -1
- data/lib/risu/base/schema.rb +10 -3
- data/lib/risu/base/shares_template_helper.rb +1 -1
- data/lib/risu/base/template_base.rb +1 -1
- data/lib/risu/base/template_helper.rb +1 -1
- data/lib/risu/base/template_manager.rb +1 -1
- data/lib/risu/base/templater.rb +1 -1
- data/lib/risu/cli.rb +1 -1
- data/lib/risu/cli/application.rb +16 -16
- data/lib/risu/cli/banner.rb +1 -1
- data/lib/risu/exceptions.rb +1 -1
- data/lib/risu/exceptions/invaliddocument.rb +1 -1
- data/lib/risu/graphs.rb +1 -1
- data/lib/risu/graphs/top_vuln_graph.rb +1 -1
- data/lib/risu/graphs/windows_os_graph.rb +1 -1
- data/lib/risu/models.rb +2 -1
- data/lib/risu/models/attachment.rb +1 -1
- data/lib/risu/models/familyselection.rb +1 -1
- data/lib/risu/models/host.rb +34 -2
- data/lib/risu/models/hostproperty.rb +1 -1
- data/lib/risu/models/individualpluginselection.rb +1 -1
- data/lib/risu/models/item.rb +248 -20
- data/lib/risu/models/nessuspluginmetadata.rb +28 -0
- data/lib/risu/models/patch.rb +1 -1
- data/lib/risu/models/plugin.rb +1 -1
- data/lib/risu/models/pluginspreference.rb +1 -1
- data/lib/risu/models/policy.rb +1 -1
- data/lib/risu/models/reference.rb +1 -1
- data/lib/risu/models/report.rb +1 -1
- data/lib/risu/models/serverpreference.rb +1 -1
- data/lib/risu/models/servicedescription.rb +1 -1
- data/lib/risu/models/version.rb +1 -1
- data/lib/risu/parsers.rb +1 -1
- data/lib/risu/parsers/nessus/nessus_document.rb +1 -1
- data/lib/risu/parsers/nessus/nessus_sax_listener.rb +3 -2
- data/lib/risu/parsers/nessus/postprocess.rb +1 -1
- data/lib/risu/parsers/nessus/postprocess/7zip.rb +6 -4
- data/lib/risu/parsers/nessus/postprocess/adobe_acrobat.rb +48 -54
- data/lib/risu/parsers/nessus/postprocess/adobe_air.rb +58 -63
- data/lib/risu/parsers/nessus/postprocess/adobe_coldfusion.rb +47 -0
- data/lib/risu/parsers/nessus/postprocess/{shockwave.rb → adobe_creative_desktop.rb} +9 -34
- data/lib/risu/parsers/nessus/postprocess/adobe_flash_player.rb +175 -0
- data/lib/risu/parsers/nessus/postprocess/adobe_reader.rb +73 -55
- data/lib/risu/parsers/nessus/postprocess/adobe_shockwave_player.rb +74 -0
- data/lib/risu/parsers/nessus/postprocess/apache.rb +38 -33
- data/lib/risu/parsers/nessus/postprocess/apache_tomcat.rb +8 -10
- data/lib/risu/parsers/nessus/postprocess/apple_icloud.rb +47 -0
- data/lib/risu/parsers/nessus/postprocess/apple_itunes.rb +23 -17
- data/lib/risu/parsers/nessus/postprocess/apple_quicktime.rb +38 -32
- data/lib/risu/parsers/nessus/postprocess/artifex_ghostscript.rb +49 -0
- data/lib/risu/parsers/nessus/postprocess/blackberry_enterprise_server.rb +10 -14
- data/lib/risu/parsers/nessus/postprocess/ca_brightstor_arcserve.rb +10 -10
- data/lib/risu/parsers/nessus/postprocess/cisco_anyconnect.rb +18 -20
- data/lib/risu/parsers/nessus/postprocess/cisco_ios.rb +25 -15
- data/lib/risu/parsers/nessus/postprocess/cisco_telepresence.rb +45 -0
- data/lib/risu/parsers/nessus/postprocess/core_ftp.rb +6 -6
- data/lib/risu/parsers/nessus/postprocess/db2.rb +7 -9
- data/lib/risu/parsers/nessus/postprocess/dell_idrac.rb +49 -0
- data/lib/risu/parsers/nessus/postprocess/downgrade_plugins.rb +4 -2
- data/lib/risu/parsers/nessus/postprocess/dropbear_ssh.rb +7 -6
- data/lib/risu/parsers/nessus/postprocess/filezilla.rb +4 -6
- data/lib/risu/parsers/nessus/postprocess/firefox.rb +113 -71
- data/lib/risu/parsers/nessus/postprocess/flexnet.rb +3 -3
- data/lib/risu/parsers/nessus/postprocess/foxit_phantom_pdf.rb +10 -3
- data/lib/risu/parsers/nessus/postprocess/foxit_reader.rb +13 -12
- data/lib/risu/parsers/nessus/postprocess/google_chrome.rb +34 -6
- data/lib/risu/parsers/nessus/postprocess/hp_system_mgt_homepage.rb +3 -3
- data/lib/risu/parsers/nessus/postprocess/iLo.rb +50 -0
- data/lib/risu/parsers/nessus/postprocess/intel_mgt_engine.rb +47 -0
- data/lib/risu/parsers/nessus/postprocess/irfanview.rb +2 -2
- data/lib/risu/parsers/nessus/postprocess/java.rb +70 -64
- data/lib/risu/parsers/nessus/postprocess/libreoffice.rb +2 -2
- data/lib/risu/parsers/nessus/postprocess/microsoft_office.rb +73 -0
- data/lib/risu/parsers/nessus/postprocess/microsoft_visual_studio.rb +47 -0
- data/lib/risu/parsers/nessus/postprocess/microsoft_windows.rb +1312 -0
- data/lib/risu/parsers/nessus/postprocess/mongo_db.rb +46 -0
- data/lib/risu/parsers/nessus/postprocess/mozzila_thunderbird.rb +49 -0
- data/lib/risu/parsers/nessus/postprocess/normalize_plugin_names.rb +5 -2
- data/lib/risu/parsers/nessus/postprocess/openoffice.rb +14 -11
- data/lib/risu/parsers/nessus/postprocess/openssh.rb +3 -3
- data/lib/risu/parsers/nessus/postprocess/openssl.rb +58 -39
- data/lib/risu/parsers/nessus/postprocess/oracle_database.rb +3 -3
- data/lib/risu/parsers/nessus/postprocess/php.rb +94 -69
- data/lib/risu/parsers/nessus/postprocess/post_process.rb +1 -1
- data/lib/risu/parsers/nessus/postprocess/putty.rb +47 -0
- data/lib/risu/parsers/nessus/postprocess/real_player.rb +3 -3
- data/lib/risu/parsers/nessus/postprocess/risk_score.rb +1 -1
- data/lib/risu/parsers/nessus/postprocess/root_cause.rb +16 -3
- data/lib/risu/parsers/nessus/postprocess/samba.rb +46 -0
- data/lib/risu/parsers/nessus/postprocess/servu.rb +4 -4
- data/lib/risu/parsers/nessus/postprocess/sigplus_pro.rb +3 -3
- data/lib/risu/parsers/nessus/postprocess/skype.rb +4 -3
- data/lib/risu/parsers/nessus/postprocess/solarwinds_dameware.rb +48 -0
- data/lib/risu/parsers/nessus/postprocess/symantec_endpoint.rb +4 -3
- data/lib/risu/parsers/nessus/postprocess/symantec_pcanywhere.rb +3 -3
- data/lib/risu/parsers/nessus/postprocess/tenable_nessus.rb +47 -0
- data/lib/risu/parsers/nessus/postprocess/timbuktu.rb +2 -2
- data/lib/risu/parsers/nessus/postprocess/vlc.rb +4 -3
- data/lib/risu/parsers/nessus/postprocess/vmware_esxi.rb +64 -54
- data/lib/risu/parsers/nessus/postprocess/vmware_player.rb +3 -3
- data/lib/risu/parsers/nessus/postprocess/vmware_vcenter.rb +11 -5
- data/lib/risu/parsers/nessus/postprocess/vmware_vsphere_client.rb +7 -6
- data/lib/risu/parsers/nessus/postprocess/winscp.rb +7 -8
- data/lib/risu/parsers/nessus/postprocess/wireshark.rb +73 -51
- data/lib/risu/parsers/nexpose/nexpose_document.rb +1 -1
- data/lib/risu/parsers/nexpose/simple_nexpose.rb +1 -1
- data/lib/risu/renderers.rb +1 -1
- data/lib/risu/renderers/csvrenderer.rb +1 -1
- data/lib/risu/renderers/nilrenderer.rb +1 -1
- data/lib/risu/renderers/pdfrenderer.rb +1 -1
- data/lib/risu/template_helpers.rb +1 -1
- data/lib/risu/templates/assets.rb +1 -1
- data/lib/risu/templates/authentication_summary.rb +1 -1
- data/lib/risu/templates/cover_sheet.rb +1 -1
- data/lib/risu/templates/exec_summary.rb +1 -1
- data/lib/risu/templates/executive_summary_detailed.rb +1 -1
- data/lib/risu/templates/exploitablity_summary.rb +1 -1
- data/lib/risu/templates/failed_audits.rb +1 -1
- data/lib/risu/templates/finding_statistics.rb +1 -1
- data/lib/risu/templates/findings_host.rb +1 -1
- data/lib/risu/templates/findings_summary.rb +1 -1
- data/lib/risu/templates/findings_summary_with_pluginid.rb +1 -1
- data/lib/risu/templates/graphs.rb +1 -1
- data/lib/risu/templates/host_findings_csv.rb +1 -1
- data/lib/risu/templates/host_summary.rb +1 -1
- data/lib/risu/templates/malicious_process_detection.rb +1 -1
- data/lib/risu/templates/missing_root_causes.rb +1 -1
- data/lib/risu/templates/ms_patch_summary.rb +1 -1
- data/lib/risu/templates/ms_update_summary.rb +1 -1
- data/lib/risu/templates/ms_wsus_findings.rb +1 -1
- data/lib/risu/templates/notable.rb +1 -1
- data/lib/risu/templates/notable_detailed.rb +1 -1
- data/lib/risu/templates/pci_compliance.rb +1 -1
- data/lib/risu/templates/rollup_summary.rb +82 -0
- data/lib/risu/templates/stig_findings_summary.rb +1 -1
- data/lib/risu/templates/talking_points.rb +1 -1
- data/lib/risu/templates/technical_findings.rb +1 -1
- data/lib/risu/templates/template.rb +1 -1
- data/lib/risu/templates/top_25.rb +1 -1
- data/lib/risu/version.rb +2 -2
- data/risu.gemspec +5 -5
- metadata +59 -56
- metadata.gz.sig +0 -0
- data/lib/risu/parsers/nessus/postprocess/flash_player.rb +0 -145
- data/lib/risu/parsers/nessus/postprocess/windows.rb +0 -976
@@ -0,0 +1,47 @@
|
|
1
|
+
# Copyright (c) 2010-2020 Jacob Hammack.
|
2
|
+
#
|
3
|
+
# Permission is hereby granted, free of charge, to any person obtaining a copy
|
4
|
+
# of this software and associated documentation files (the "Software"), to deal
|
5
|
+
# in the Software without restriction, including without limitation the rights
|
6
|
+
# to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
|
7
|
+
# copies of the Software, and to permit persons to whom the Software is
|
8
|
+
# furnished to do so, subject to the following conditions:
|
9
|
+
#
|
10
|
+
# The above copyright notice and this permission notice shall be included in
|
11
|
+
# all copies or substantial portions of the Software.
|
12
|
+
#
|
13
|
+
# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
|
14
|
+
# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
|
15
|
+
# FITNESS FOR A PARTICULAR PURPOSE AND NON INFRINGEMENT. IN NO EVENT SHALL THE
|
16
|
+
# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
|
17
|
+
# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
|
18
|
+
# OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
|
19
|
+
# THE SOFTWARE.
|
20
|
+
|
21
|
+
|
22
|
+
module Risu
|
23
|
+
module Parsers
|
24
|
+
module Nessus
|
25
|
+
module PostProcess
|
26
|
+
class PuTTYRollup < Risu::Base::PostProcessBase
|
27
|
+
|
28
|
+
#
|
29
|
+
def initialize
|
30
|
+
@info =
|
31
|
+
{
|
32
|
+
:description => "PuTTY Patch Rollup",
|
33
|
+
:plugin_id => -99938,
|
34
|
+
:plugin_name => "Missing the latest PuTTY",
|
35
|
+
:item_name => "Update to the latest PuTTY",
|
36
|
+
:plugin_ids => [
|
37
|
+
123418, #PuTTY < 0.71 Multiple Vulnerabilities
|
38
|
+
]
|
39
|
+
}
|
40
|
+
end
|
41
|
+
end
|
42
|
+
end
|
43
|
+
end
|
44
|
+
end
|
45
|
+
end
|
46
|
+
|
47
|
+
|
@@ -1,4 +1,4 @@
|
|
1
|
-
# Copyright (c) 2010-
|
1
|
+
# Copyright (c) 2010-2020 Jacob Hammack.
|
2
2
|
#
|
3
3
|
# Permission is hereby granted, free of charge, to any person obtaining a copy
|
4
4
|
# of this software and associated documentation files (the "Software"), to deal
|
@@ -31,7 +31,7 @@ module Risu
|
|
31
31
|
{
|
32
32
|
:description => "RealPlayer Patch Rollup",
|
33
33
|
:plugin_id => -99957,
|
34
|
-
:plugin_name => "
|
34
|
+
:plugin_name => "Missing the latest RealPlayer Patches",
|
35
35
|
:item_name => "Update to the latest RealPlayer",
|
36
36
|
:plugin_ids => [
|
37
37
|
57863,
|
@@ -42,7 +42,7 @@ module Risu
|
|
42
42
|
69472,
|
43
43
|
71772,
|
44
44
|
76458,
|
45
|
-
|
45
|
+
|
46
46
|
]
|
47
47
|
}
|
48
48
|
end
|
@@ -1,4 +1,4 @@
|
|
1
|
-
# Copyright (c) 2010-
|
1
|
+
# Copyright (c) 2010-2020 Jacob Hammack.
|
2
2
|
#
|
3
3
|
# Permission is hereby granted, free of charge, to any person obtaining a copy
|
4
4
|
# of this software and associated documentation files (the "Software"), to deal
|
@@ -300,8 +300,20 @@ module Risu
|
|
300
300
|
-99952 => "Vendor Patch",
|
301
301
|
-99973 => "Vendor Patch",
|
302
302
|
-99962 => "Vendor Patch",
|
303
|
-
|
304
|
-
|
303
|
+
101367 => "Vendor Patch",
|
304
|
+
100761 => "Vendor Patch",
|
305
|
+
97997 => "Vendor Patch",
|
306
|
+
89104 => "Vendor Patch",
|
307
|
+
100756 => "Vendor Patch",
|
308
|
+
101362 => "Vendor Patch",
|
309
|
+
61731 => "Vendor Patch",
|
310
|
+
69185 => "Vendor Patch",
|
311
|
+
-99963 => "Vendor Patch",
|
312
|
+
91821 => "Vendor Patch",
|
313
|
+
100671 => "Vendor Patch",
|
314
|
+
100767 => "Vendor Patch",
|
315
|
+
101371 => "Vendor Patch",
|
316
|
+
99523 => "Vendor Patch",
|
305
317
|
|
306
318
|
33850 => "Vendor Support",
|
307
319
|
34460 => "Vendor Support",
|
@@ -337,6 +349,7 @@ module Risu
|
|
337
349
|
11057 => "Vendor Support",
|
338
350
|
21725 => "Vendor Support",
|
339
351
|
97994 => "Vendor Support",
|
352
|
+
78555 => "Vendor Support", #OpenSSL Unsupported -
|
340
353
|
|
341
354
|
49071 => "Configuration",
|
342
355
|
19948 => "Configuration",
|
@@ -0,0 +1,46 @@
|
|
1
|
+
# Copyright (c) 2010-2020 Jacob Hammack.
|
2
|
+
#
|
3
|
+
# Permission is hereby granted, free of charge, to any person obtaining a copy
|
4
|
+
# of this software and associated documentation files (the "Software"), to deal
|
5
|
+
# in the Software without restriction, including without limitation the rights
|
6
|
+
# to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
|
7
|
+
# copies of the Software, and to permit persons to whom the Software is
|
8
|
+
# furnished to do so, subject to the following conditions:
|
9
|
+
#
|
10
|
+
# The above copyright notice and this permission notice shall be included in
|
11
|
+
# all copies or substantial portions of the Software.
|
12
|
+
#
|
13
|
+
# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
|
14
|
+
# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
|
15
|
+
# FITNESS FOR A PARTICULAR PURPOSE AND NON INFRINGEMENT. IN NO EVENT SHALL THE
|
16
|
+
# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
|
17
|
+
# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
|
18
|
+
# OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
|
19
|
+
# THE SOFTWARE.
|
20
|
+
|
21
|
+
|
22
|
+
module Risu
|
23
|
+
module Parsers
|
24
|
+
module Nessus
|
25
|
+
module PostProcess
|
26
|
+
class SambaRollup < Risu::Base::PostProcessBase
|
27
|
+
|
28
|
+
#
|
29
|
+
def initialize
|
30
|
+
@info =
|
31
|
+
{
|
32
|
+
:description => "Samba Patch Rollup",
|
33
|
+
:plugin_id => -99944,
|
34
|
+
:plugin_name => "Missing the latest Samba",
|
35
|
+
:item_name => "Update to the latest Samba",
|
36
|
+
:plugin_ids => [
|
37
|
+
125388, #Samba 4.x < 4.8.12 / 4.9.x < 4.9.8 / 4.10.x < 4.10.3 Man in the Middle Vulnerability (CVE-2018-16860)
|
38
|
+
|
39
|
+
]
|
40
|
+
}
|
41
|
+
end
|
42
|
+
end
|
43
|
+
end
|
44
|
+
end
|
45
|
+
end
|
46
|
+
end
|
@@ -1,4 +1,4 @@
|
|
1
|
-
# Copyright (c) 2010-
|
1
|
+
# Copyright (c) 2010-2020 Jacob Hammack.
|
2
2
|
#
|
3
3
|
# Permission is hereby granted, free of charge, to any person obtaining a copy
|
4
4
|
# of this software and associated documentation files (the "Software"), to deal
|
@@ -27,11 +27,11 @@ module Risu
|
|
27
27
|
|
28
28
|
#
|
29
29
|
def initialize
|
30
|
-
@info =
|
30
|
+
@info =
|
31
31
|
{
|
32
32
|
:description => "Serv-U Patch Rollup",
|
33
33
|
:plugin_id => -99996,
|
34
|
-
:plugin_name => "
|
34
|
+
:plugin_name => "Missing the latest Serv-U Patches",
|
35
35
|
:item_name => "Update to the latest Serv-U",
|
36
36
|
:plugin_ids => [
|
37
37
|
36035,
|
@@ -41,7 +41,7 @@ module Risu
|
|
41
41
|
71863,
|
42
42
|
72658,
|
43
43
|
76369,
|
44
|
-
|
44
|
+
|
45
45
|
]
|
46
46
|
}
|
47
47
|
end
|
@@ -1,4 +1,4 @@
|
|
1
|
-
# Copyright (c) 2010-
|
1
|
+
# Copyright (c) 2010-2020 Jacob Hammack.
|
2
2
|
#
|
3
3
|
# Permission is hereby granted, free of charge, to any person obtaining a copy
|
4
4
|
# of this software and associated documentation files (the "Software"), to deal
|
@@ -31,12 +31,12 @@ module Risu
|
|
31
31
|
{
|
32
32
|
:description => "SigPlus Pro Patch Rollups",
|
33
33
|
:plugin_id => -99977,
|
34
|
-
:plugin_name => "
|
34
|
+
:plugin_name => "Missing the latest SigPlus Pro Patches",
|
35
35
|
:item_name => "Update to the latest SigPlus Pro",
|
36
36
|
:plugin_ids => [
|
37
37
|
51895,
|
38
38
|
51894,
|
39
|
-
|
39
|
+
|
40
40
|
|
41
41
|
|
42
42
|
|
@@ -1,4 +1,4 @@
|
|
1
|
-
# Copyright (c) 2010-
|
1
|
+
# Copyright (c) 2010-2020 Jacob Hammack.
|
2
2
|
#
|
3
3
|
# Permission is hereby granted, free of charge, to any person obtaining a copy
|
4
4
|
# of this software and associated documentation files (the "Software"), to deal
|
@@ -31,11 +31,12 @@ module Risu
|
|
31
31
|
{
|
32
32
|
:description => "Skype Patch Rollup",
|
33
33
|
:plugin_id => -99955,
|
34
|
-
:plugin_name => "
|
34
|
+
:plugin_name => "Missing the latest Skype Patches",
|
35
35
|
:item_name => "Update to the latest Skype",
|
36
36
|
:plugin_ids => [
|
37
37
|
66695,
|
38
|
-
|
38
|
+
101084
|
39
|
+
|
39
40
|
]
|
40
41
|
}
|
41
42
|
end
|
@@ -0,0 +1,48 @@
|
|
1
|
+
# Copyright (c) 2010-2020 Jacob Hammack.
|
2
|
+
#
|
3
|
+
# Permission is hereby granted, free of charge, to any person obtaining a copy
|
4
|
+
# of this software and associated documentation files (the "Software"), to deal
|
5
|
+
# in the Software without restriction, including without limitation the rights
|
6
|
+
# to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
|
7
|
+
# copies of the Software, and to permit persons to whom the Software is
|
8
|
+
# furnished to do so, subject to the following conditions:
|
9
|
+
#
|
10
|
+
# The above copyright notice and this permission notice shall be included in
|
11
|
+
# all copies or substantial portions of the Software.
|
12
|
+
#
|
13
|
+
# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
|
14
|
+
# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
|
15
|
+
# FITNESS FOR A PARTICULAR PURPOSE AND NON INFRINGEMENT. IN NO EVENT SHALL THE
|
16
|
+
# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
|
17
|
+
# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
|
18
|
+
# OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
|
19
|
+
# THE SOFTWARE.
|
20
|
+
|
21
|
+
|
22
|
+
module Risu
|
23
|
+
module Parsers
|
24
|
+
module Nessus
|
25
|
+
module PostProcess
|
26
|
+
class SolarWindsDameWareRollup < Risu::Base::PostProcessBase
|
27
|
+
|
28
|
+
#
|
29
|
+
def initialize
|
30
|
+
@info =
|
31
|
+
{
|
32
|
+
:description => "SolarWinds DameWare Patch Rollup",
|
33
|
+
:plugin_id => -99936,
|
34
|
+
:plugin_name => "Missing the latest SolarWinds DameWare",
|
35
|
+
:item_name => "Update to the latest SolarWinds DameWare",
|
36
|
+
:plugin_ids => [
|
37
|
+
124062, #SolarWinds DameWare Mini Remote Client Agent < 12.0.3 Stack Buffer Overflow
|
38
|
+
130458, #SolarWinds Dameware Mini Remote Control Unauthenticated RCE
|
39
|
+
]
|
40
|
+
}
|
41
|
+
end
|
42
|
+
end
|
43
|
+
end
|
44
|
+
end
|
45
|
+
end
|
46
|
+
end
|
47
|
+
|
48
|
+
|
@@ -1,4 +1,4 @@
|
|
1
|
-
# Copyright (c) 2010-
|
1
|
+
# Copyright (c) 2010-2020 Jacob Hammack.
|
2
2
|
#
|
3
3
|
# Permission is hereby granted, free of charge, to any person obtaining a copy
|
4
4
|
# of this software and associated documentation files (the "Software"), to deal
|
@@ -31,7 +31,7 @@ module Risu
|
|
31
31
|
{
|
32
32
|
:description => "Symantec Endpoint Patch Rollup",
|
33
33
|
:plugin_id => -99953,
|
34
|
-
:plugin_name => "
|
34
|
+
:plugin_name => "Missing the latest Symantec Endpoint Patches",
|
35
35
|
:item_name => "Update to the latest Symantec Endpoint",
|
36
36
|
:plugin_ids => [
|
37
37
|
91895,
|
@@ -41,7 +41,8 @@ module Risu
|
|
41
41
|
71994,
|
42
42
|
72542,
|
43
43
|
85256,
|
44
|
-
|
44
|
+
104459, #Symantec Endpoint Protection Client 12.1.x < 12.1 RU6 MP9 / 14.0.x < 14.0 RU1 Multiple Vulnerabilities (SYM17-011)
|
45
|
+
|
45
46
|
]
|
46
47
|
}
|
47
48
|
end
|
@@ -1,4 +1,4 @@
|
|
1
|
-
# Copyright (c) 2010-
|
1
|
+
# Copyright (c) 2010-2020 Jacob Hammack.
|
2
2
|
#
|
3
3
|
# Permission is hereby granted, free of charge, to any person obtaining a copy
|
4
4
|
# of this software and associated documentation files (the "Software"), to deal
|
@@ -31,7 +31,7 @@ module Risu
|
|
31
31
|
{
|
32
32
|
:description => "Symantec pcAnywhere Patch Rollup",
|
33
33
|
:plugin_id => -99971,
|
34
|
-
:plugin_name => "
|
34
|
+
:plugin_name => "Missing the latest Symantec pcAnywhere Patches",
|
35
35
|
:item_name => "Update to the latest Symantec pcAnywhere",
|
36
36
|
:plugin_ids => [
|
37
37
|
20743,
|
@@ -39,7 +39,7 @@ module Risu
|
|
39
39
|
58119,
|
40
40
|
35976,
|
41
41
|
58204,
|
42
|
-
|
42
|
+
|
43
43
|
|
44
44
|
]
|
45
45
|
}
|
@@ -0,0 +1,47 @@
|
|
1
|
+
# Copyright (c) 2010-2020 Jacob Hammack.
|
2
|
+
#
|
3
|
+
# Permission is hereby granted, free of charge, to any person obtaining a copy
|
4
|
+
# of this software and associated documentation files (the "Software"), to deal
|
5
|
+
# in the Software without restriction, including without limitation the rights
|
6
|
+
# to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
|
7
|
+
# copies of the Software, and to permit persons to whom the Software is
|
8
|
+
# furnished to do so, subject to the following conditions:
|
9
|
+
#
|
10
|
+
# The above copyright notice and this permission notice shall be included in
|
11
|
+
# all copies or substantial portions of the Software.
|
12
|
+
#
|
13
|
+
# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
|
14
|
+
# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
|
15
|
+
# FITNESS FOR A PARTICULAR PURPOSE AND NON INFRINGEMENT. IN NO EVENT SHALL THE
|
16
|
+
# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
|
17
|
+
# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
|
18
|
+
# OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
|
19
|
+
# THE SOFTWARE.
|
20
|
+
|
21
|
+
|
22
|
+
module Risu
|
23
|
+
module Parsers
|
24
|
+
module Nessus
|
25
|
+
module PostProcess
|
26
|
+
class TenableNessusRollup < Risu::Base::PostProcessBase
|
27
|
+
|
28
|
+
#
|
29
|
+
def initialize
|
30
|
+
@info =
|
31
|
+
{
|
32
|
+
:description => "Tenable Nessus Patch Rollup",
|
33
|
+
:plugin_id => -99945,
|
34
|
+
:plugin_name => "Missing the latest Tenable Nessus",
|
35
|
+
:item_name => "Update to the latest Tenable Nessus",
|
36
|
+
:plugin_ids => [
|
37
|
+
123462, #Tenable Nessus < 8.3.0 Multiple Vulnerabilities (TNS-2019-02)
|
38
|
+
121620, #Tenable Nessus < 8.2.2 Stored XSS Vulnerability (TNS-2019-01)
|
39
|
+
|
40
|
+
]
|
41
|
+
}
|
42
|
+
end
|
43
|
+
end
|
44
|
+
end
|
45
|
+
end
|
46
|
+
end
|
47
|
+
end
|
@@ -1,4 +1,4 @@
|
|
1
|
-
# Copyright (c) 2010-
|
1
|
+
# Copyright (c) 2010-2020 Jacob Hammack.
|
2
2
|
#
|
3
3
|
# Permission is hereby granted, free of charge, to any person obtaining a copy
|
4
4
|
# of this software and associated documentation files (the "Software"), to deal
|
@@ -31,7 +31,7 @@ module Risu
|
|
31
31
|
{
|
32
32
|
:description => "Timbuktu Pro Patch Rollup",
|
33
33
|
:plugin_id => -99964,
|
34
|
-
:plugin_name => "
|
34
|
+
:plugin_name => "Missing the latest Timbuktu Pro Patches",
|
35
35
|
:item_name => "Update to the latest Timbuktu Pro",
|
36
36
|
:plugin_ids => [
|
37
37
|
25954,
|
@@ -1,4 +1,4 @@
|
|
1
|
-
# Copyright (c) 2010-
|
1
|
+
# Copyright (c) 2010-2020 Jacob Hammack.
|
2
2
|
#
|
3
3
|
# Permission is hereby granted, free of charge, to any person obtaining a copy
|
4
4
|
# of this software and associated documentation files (the "Software"), to deal
|
@@ -31,7 +31,7 @@ module Risu
|
|
31
31
|
{
|
32
32
|
:description => "VLC Patch Rollup",
|
33
33
|
:plugin_id => -99970,
|
34
|
-
:plugin_name => "
|
34
|
+
:plugin_name => "Missing the latest VLC Patches",
|
35
35
|
:item_name => "Update to the latest VLC",
|
36
36
|
:plugin_ids => [
|
37
37
|
58416,
|
@@ -44,7 +44,8 @@ module Risu
|
|
44
44
|
78626,
|
45
45
|
55608,
|
46
46
|
63137,
|
47
|
-
|
47
|
+
100592, #VLC Media Player < 2.2.5 Multiple Vulnerabilities - 100592
|
48
|
+
105294, #VLC Media Player < 2.2.7 Overflow Condition
|
48
49
|
|
49
50
|
]
|
50
51
|
}
|
@@ -1,4 +1,4 @@
|
|
1
|
-
# Copyright (c) 2010-
|
1
|
+
# Copyright (c) 2010-2020 Jacob Hammack.
|
2
2
|
#
|
3
3
|
# Permission is hereby granted, free of charge, to any person obtaining a copy
|
4
4
|
# of this software and associated documentation files (the "Software"), to deal
|
@@ -31,61 +31,71 @@ module Risu
|
|
31
31
|
{
|
32
32
|
:description => "VMware ESXi Patch Rollup",
|
33
33
|
:plugin_id => -99981,
|
34
|
-
:plugin_name => "
|
34
|
+
:plugin_name => "Missing the latest VMware ESXi Patches",
|
35
35
|
:item_name => "Update to the latest VMware ESXi",
|
36
36
|
:plugin_ids => [
|
37
|
-
|
38
|
-
|
39
|
-
|
40
|
-
|
41
|
-
|
42
|
-
|
43
|
-
|
44
|
-
|
45
|
-
|
46
|
-
|
47
|
-
|
48
|
-
|
49
|
-
|
50
|
-
|
51
|
-
|
52
|
-
|
53
|
-
|
54
|
-
|
55
|
-
|
56
|
-
|
57
|
-
|
58
|
-
|
59
|
-
|
60
|
-
|
61
|
-
|
62
|
-
|
63
|
-
|
64
|
-
|
65
|
-
|
66
|
-
|
67
|
-
|
68
|
-
|
69
|
-
|
70
|
-
|
71
|
-
|
72
|
-
|
73
|
-
|
74
|
-
|
75
|
-
|
76
|
-
|
77
|
-
|
78
|
-
|
79
|
-
|
80
|
-
|
81
|
-
|
82
|
-
|
83
|
-
|
84
|
-
|
85
|
-
|
86
|
-
|
87
|
-
|
88
|
-
|
37
|
+
70879, #ESXi 5.0 < Build 1311175 Multiple Vulnerabilities (remote check)
|
38
|
+
70880, #ESXi 5.0 < Build 515841 Multiple Vulnerabilities (remote check)
|
39
|
+
70882, #ESXi 5.0 < Build 702118 Multiple Vulnerabilities (remote check)
|
40
|
+
70883, #ESXi 5.0 < Build 721882 Multiple Vulnerabilities (remote check)
|
41
|
+
70884, #ESXi 5.0 < Build 764879 Multiple Vulnerabilities (remote check)
|
42
|
+
70885, #ESXi 5.0 < Build 912577 Multiple Vulnerabilities (remote check)
|
43
|
+
70888, #ESXi 5.1 < Build 911593 Multiple Vulnerabilities (remote check)
|
44
|
+
59447, #VMSA-2012-0009 : ESXi and ESX patches address critical security issues (uncredentialed check)
|
45
|
+
70877, #ESXi 5.0 < Build 1022489 Multiple Vulnerabilities (remote check)
|
46
|
+
70878, #ESXi 5.0 < Build 1197855 NFC Traffic Denial of Service (remote check)
|
47
|
+
70881, #ESXi 5.0 < Build 608089 Multiple Vulnerabilities (remote check)
|
48
|
+
70886, #ESXi 5.1 < Build 1063671 Multiple Vulnerabilities (remote check)
|
49
|
+
70887, #ESXi 5.1 < Build 1142907 NFC Traffic Denial of Service (remote check)
|
50
|
+
71773, #ESXi 5.1 < Build 1312873 File Descriptors Privilege Escalation (remote check)
|
51
|
+
72037, #ESXi 5.1 < Build 1483097 Multiple Vulnerabilities (remote check)
|
52
|
+
76203, #ESXi 5.1 < Build 1900470 OpenSSL Library Multiple Vulnerabilities (remote check)
|
53
|
+
76368, #ESXi 5.0 < Build 1918656 OpenSSL Library Multiple Vulnerabilities (remote check)
|
54
|
+
73917, #ESXi 5.5 < Build 1746974 / 5.5 Update 1 < Build 1746018 OpenSSL Library Multiple Vulnerabilities (remote check) (Heartbleed)
|
55
|
+
81085, #ESXi 5.5 < Build 2352327 Multiple Vulnerabilities (remote check) (POODLE)
|
56
|
+
71774, #ESXi 5.5 < Build 1474526 File Descriptors Privilege Escalation (remote check)
|
57
|
+
74470, #ESXi 5.5 < Build 1881737 OpenSSL Library Multiple Vulnerabilities (remote check)
|
58
|
+
78108, #ESXi 5.5 < Build 1980513 glibc Library Multiple Vulnerabilities (remote check)
|
59
|
+
79862, #ESXi 5.1 < Build 2323236 Third-Party Libraries Multiple Vulnerabilities (remote check) (BEAST)
|
60
|
+
80037, #ESXi 5.1 < Build 2323231 glibc Library Multiple Vulnerabilities (remote check)
|
61
|
+
81084, #ESXi 5.1 < Build 1743201 Multiple Vulnerabilities (remote check)
|
62
|
+
83781, #ESXi 5.5 < Build 1623387 Multiple Vulnerabilities (remote check)
|
63
|
+
86947, #VMware ESXi 5.5 < Build 3029944 OpenSLP RCE (VMSA-2015-0007)
|
64
|
+
86946, #VMware ESXi 5.1 < Build 3021178 OpenSLP RCE (VMSA-2015-0007)
|
65
|
+
86945, #VMware ESXi 5.0 < Build 3021432 OpenSLP RCE (VMSA-2015-0007)
|
66
|
+
87676, #VMware ESXi Multiple OpenSSL Vulnerabilities (VMSA-2014-0004) (Heartbleed)
|
67
|
+
81083, #ESXi 5.0 < Build 1749766 Multiple Vulnerabilities (remote check)
|
68
|
+
87940, #ESXi 5.0 < Build 3086167 Shared Folders (HGFS) Guest Privilege Escalation (VMSA-2016-0001) (remote check)
|
69
|
+
89035, #VMware ESX / ESXi Multiple Vulnerabilities (VMSA-2012-0009) (remote check)
|
70
|
+
89036, #VMware ESX / ESXi Multiple Vulnerabilities (VMSA-2012-0011) (remote check)
|
71
|
+
89037, #VMware ESX / ESXi libxml2 Multiple Vulnerabilities (VMSA-2012-0012) (remote check)
|
72
|
+
89038, #VMware ESX / ESXi Third-Party Libraries Multiple Vulnerabilities (VMSA-2012-0013) (remote check)
|
73
|
+
87673, #VMware ESX / ESXi Multiple DoS (VMSA-2014-0001)
|
74
|
+
87674, #VMware ESX / ESXi Multiple Vulnerabilities (VMSA-2014-0002)
|
75
|
+
87677, #VMware ESXi Tools Guest OS Privilege Escalation (VMSA-2014-0005)
|
76
|
+
87678, #VMware ESXi Multiple OpenSSL Vulnerabilities (VMSA-2014-0006)
|
77
|
+
88906, #ESXi 5.5 < Build 3568722 / 6.0 < Build 3568940 glibc DNS Resolver RCE (VMSA-2016-0002) (remote check)
|
78
|
+
92949, #ESXi 5.0 / 5.1 / 5.5 / 6.0 Multiple Vulnerabilities (VMSA-2016-0010) (remote check)
|
79
|
+
87943, #ESXi 6.0 < Build 3380124 Shared Folders (HGFS) Guest Privilege Escalation (VMSA-2016-0001) (remote check)
|
80
|
+
89106, #VMware ESX / ESXi Multiple Vulnerabilities (VMSA-2012-0005) (BEAST) (remote check)
|
81
|
+
89105, #VMware ESX / ESXi Service Console and Third-Party Libraries Multiple Vulnerabilities (VMSA-2012-0001) (remote check)
|
82
|
+
89108, #VMware ESX / ESXi Tools Folder Incorrect ACL Privilege Escalation (VMSA-2012-0007) (remote check)
|
83
|
+
89678, #VMware ESX / ESXi Multiple Vulnerabilities (VMSA-2011-0009) (remote check)
|
84
|
+
89680, #VMware ESX / ESXi Third-Party Libraries Multiple Vulnerabilities (VMSA-2011-0012) (remote check)
|
85
|
+
99129, #ESXi 5.5 < Build 5230635 Multiple Vulnerabilities (VMSA-2017-0006) (remote check)
|
86
|
+
99130, #ESXi 6.0 U1 < Build 5251621 / 6.0 U2 < Build 5251623 / 6.0 U3 < Build 5224934 Multiple Vulnerabilities (VMSA-2017-0006) (remote check)
|
87
|
+
87679, #VMware ESXi Multiple DoS (VMSA-2014-0008)
|
88
|
+
87942, #ESXi 5.5 < Build 3248547 Shared Folders (HGFS) Guest Privilege Escalation (VMSA-2016-0001)
|
89
|
+
103375, #ESXi 5.5 < Build 6480267 RPC NULL Pointer Dereference Vulnerability (VMSA-2017-0015)
|
90
|
+
105486, #ESXi 5.5 / 6.0 / 6.5 / Multiple Vulnerabilities (VMSA-2017-0021) (VMSA-2018-0002) (Spectre)
|
91
|
+
87941, #ESXi 5.1 < Build 3070626 Shared Folders (HGFS) Guest Privilege Escalation (VMSA-2016-0001)
|
92
|
+
87681, #VMware ESXi Multiple Vulnerabilities (VMSA-2014-0012)
|
93
|
+
105614, #ESXi 6.5 < Build 6765664 Heap Buffer Overflow (VMSA-2017-0021)
|
94
|
+
111759, #ESXi 5.5 / 6.0 / 6.5 / 6.7 Speculative Execution Side Channel Vulnerability (Foreshadow) (VMSA-2018- 0020)
|
95
|
+
118466, #ESXi 6.0 / 6.5 / 6.7 Out-of-Bounds Read Vulnerability (VMSA-2018-0026) (Remote Check)
|
96
|
+
102698, #ESXi 6.0 < Build 5485776 Multiple Vulnerabilities (VMSA-2017-0015)
|
97
|
+
118885, #ESXi 6.0 / 6.5 / 6.7 Multiple Vulnerabilities (VMSA-2018-0027) (Remote Check)
|
98
|
+
123518, #ESXi 6.0 / 6.5 / 6.7 Multiple Vulnerabilities (VMSA-2019-0005) (Remote Check)
|
89
99
|
]
|
90
100
|
}
|
91
101
|
end
|