risu 1.8.3 → 1.8.4
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +5 -5
- checksums.yaml.gz.sig +0 -0
- data.tar.gz.sig +0 -0
- data/Gemfile.lock +159 -0
- data/LICENSE +1 -1
- data/README.markdown +2 -5
- data/Rakefile +1 -1
- data/bin/risu +1 -1
- data/docs/NEWS.markdown +3 -0
- data/lib/risu.rb +2 -2
- data/lib/risu/base.rb +1 -1
- data/lib/risu/base/graph_template_helper.rb +1 -1
- data/lib/risu/base/host_template_helper.rb +2 -1
- data/lib/risu/base/malware_template_helper.rb +1 -1
- data/lib/risu/base/post_process_base.rb +7 -4
- data/lib/risu/base/post_process_manager.rb +1 -1
- data/lib/risu/base/scan_helper.rb +1 -1
- data/lib/risu/base/schema.rb +10 -3
- data/lib/risu/base/shares_template_helper.rb +1 -1
- data/lib/risu/base/template_base.rb +1 -1
- data/lib/risu/base/template_helper.rb +1 -1
- data/lib/risu/base/template_manager.rb +1 -1
- data/lib/risu/base/templater.rb +1 -1
- data/lib/risu/cli.rb +1 -1
- data/lib/risu/cli/application.rb +16 -16
- data/lib/risu/cli/banner.rb +1 -1
- data/lib/risu/exceptions.rb +1 -1
- data/lib/risu/exceptions/invaliddocument.rb +1 -1
- data/lib/risu/graphs.rb +1 -1
- data/lib/risu/graphs/top_vuln_graph.rb +1 -1
- data/lib/risu/graphs/windows_os_graph.rb +1 -1
- data/lib/risu/models.rb +2 -1
- data/lib/risu/models/attachment.rb +1 -1
- data/lib/risu/models/familyselection.rb +1 -1
- data/lib/risu/models/host.rb +34 -2
- data/lib/risu/models/hostproperty.rb +1 -1
- data/lib/risu/models/individualpluginselection.rb +1 -1
- data/lib/risu/models/item.rb +248 -20
- data/lib/risu/models/nessuspluginmetadata.rb +28 -0
- data/lib/risu/models/patch.rb +1 -1
- data/lib/risu/models/plugin.rb +1 -1
- data/lib/risu/models/pluginspreference.rb +1 -1
- data/lib/risu/models/policy.rb +1 -1
- data/lib/risu/models/reference.rb +1 -1
- data/lib/risu/models/report.rb +1 -1
- data/lib/risu/models/serverpreference.rb +1 -1
- data/lib/risu/models/servicedescription.rb +1 -1
- data/lib/risu/models/version.rb +1 -1
- data/lib/risu/parsers.rb +1 -1
- data/lib/risu/parsers/nessus/nessus_document.rb +1 -1
- data/lib/risu/parsers/nessus/nessus_sax_listener.rb +3 -2
- data/lib/risu/parsers/nessus/postprocess.rb +1 -1
- data/lib/risu/parsers/nessus/postprocess/7zip.rb +6 -4
- data/lib/risu/parsers/nessus/postprocess/adobe_acrobat.rb +48 -54
- data/lib/risu/parsers/nessus/postprocess/adobe_air.rb +58 -63
- data/lib/risu/parsers/nessus/postprocess/adobe_coldfusion.rb +47 -0
- data/lib/risu/parsers/nessus/postprocess/{shockwave.rb → adobe_creative_desktop.rb} +9 -34
- data/lib/risu/parsers/nessus/postprocess/adobe_flash_player.rb +175 -0
- data/lib/risu/parsers/nessus/postprocess/adobe_reader.rb +73 -55
- data/lib/risu/parsers/nessus/postprocess/adobe_shockwave_player.rb +74 -0
- data/lib/risu/parsers/nessus/postprocess/apache.rb +38 -33
- data/lib/risu/parsers/nessus/postprocess/apache_tomcat.rb +8 -10
- data/lib/risu/parsers/nessus/postprocess/apple_icloud.rb +47 -0
- data/lib/risu/parsers/nessus/postprocess/apple_itunes.rb +23 -17
- data/lib/risu/parsers/nessus/postprocess/apple_quicktime.rb +38 -32
- data/lib/risu/parsers/nessus/postprocess/artifex_ghostscript.rb +49 -0
- data/lib/risu/parsers/nessus/postprocess/blackberry_enterprise_server.rb +10 -14
- data/lib/risu/parsers/nessus/postprocess/ca_brightstor_arcserve.rb +10 -10
- data/lib/risu/parsers/nessus/postprocess/cisco_anyconnect.rb +18 -20
- data/lib/risu/parsers/nessus/postprocess/cisco_ios.rb +25 -15
- data/lib/risu/parsers/nessus/postprocess/cisco_telepresence.rb +45 -0
- data/lib/risu/parsers/nessus/postprocess/core_ftp.rb +6 -6
- data/lib/risu/parsers/nessus/postprocess/db2.rb +7 -9
- data/lib/risu/parsers/nessus/postprocess/dell_idrac.rb +49 -0
- data/lib/risu/parsers/nessus/postprocess/downgrade_plugins.rb +4 -2
- data/lib/risu/parsers/nessus/postprocess/dropbear_ssh.rb +7 -6
- data/lib/risu/parsers/nessus/postprocess/filezilla.rb +4 -6
- data/lib/risu/parsers/nessus/postprocess/firefox.rb +113 -71
- data/lib/risu/parsers/nessus/postprocess/flexnet.rb +3 -3
- data/lib/risu/parsers/nessus/postprocess/foxit_phantom_pdf.rb +10 -3
- data/lib/risu/parsers/nessus/postprocess/foxit_reader.rb +13 -12
- data/lib/risu/parsers/nessus/postprocess/google_chrome.rb +34 -6
- data/lib/risu/parsers/nessus/postprocess/hp_system_mgt_homepage.rb +3 -3
- data/lib/risu/parsers/nessus/postprocess/iLo.rb +50 -0
- data/lib/risu/parsers/nessus/postprocess/intel_mgt_engine.rb +47 -0
- data/lib/risu/parsers/nessus/postprocess/irfanview.rb +2 -2
- data/lib/risu/parsers/nessus/postprocess/java.rb +70 -64
- data/lib/risu/parsers/nessus/postprocess/libreoffice.rb +2 -2
- data/lib/risu/parsers/nessus/postprocess/microsoft_office.rb +73 -0
- data/lib/risu/parsers/nessus/postprocess/microsoft_visual_studio.rb +47 -0
- data/lib/risu/parsers/nessus/postprocess/microsoft_windows.rb +1312 -0
- data/lib/risu/parsers/nessus/postprocess/mongo_db.rb +46 -0
- data/lib/risu/parsers/nessus/postprocess/mozzila_thunderbird.rb +49 -0
- data/lib/risu/parsers/nessus/postprocess/normalize_plugin_names.rb +5 -2
- data/lib/risu/parsers/nessus/postprocess/openoffice.rb +14 -11
- data/lib/risu/parsers/nessus/postprocess/openssh.rb +3 -3
- data/lib/risu/parsers/nessus/postprocess/openssl.rb +58 -39
- data/lib/risu/parsers/nessus/postprocess/oracle_database.rb +3 -3
- data/lib/risu/parsers/nessus/postprocess/php.rb +94 -69
- data/lib/risu/parsers/nessus/postprocess/post_process.rb +1 -1
- data/lib/risu/parsers/nessus/postprocess/putty.rb +47 -0
- data/lib/risu/parsers/nessus/postprocess/real_player.rb +3 -3
- data/lib/risu/parsers/nessus/postprocess/risk_score.rb +1 -1
- data/lib/risu/parsers/nessus/postprocess/root_cause.rb +16 -3
- data/lib/risu/parsers/nessus/postprocess/samba.rb +46 -0
- data/lib/risu/parsers/nessus/postprocess/servu.rb +4 -4
- data/lib/risu/parsers/nessus/postprocess/sigplus_pro.rb +3 -3
- data/lib/risu/parsers/nessus/postprocess/skype.rb +4 -3
- data/lib/risu/parsers/nessus/postprocess/solarwinds_dameware.rb +48 -0
- data/lib/risu/parsers/nessus/postprocess/symantec_endpoint.rb +4 -3
- data/lib/risu/parsers/nessus/postprocess/symantec_pcanywhere.rb +3 -3
- data/lib/risu/parsers/nessus/postprocess/tenable_nessus.rb +47 -0
- data/lib/risu/parsers/nessus/postprocess/timbuktu.rb +2 -2
- data/lib/risu/parsers/nessus/postprocess/vlc.rb +4 -3
- data/lib/risu/parsers/nessus/postprocess/vmware_esxi.rb +64 -54
- data/lib/risu/parsers/nessus/postprocess/vmware_player.rb +3 -3
- data/lib/risu/parsers/nessus/postprocess/vmware_vcenter.rb +11 -5
- data/lib/risu/parsers/nessus/postprocess/vmware_vsphere_client.rb +7 -6
- data/lib/risu/parsers/nessus/postprocess/winscp.rb +7 -8
- data/lib/risu/parsers/nessus/postprocess/wireshark.rb +73 -51
- data/lib/risu/parsers/nexpose/nexpose_document.rb +1 -1
- data/lib/risu/parsers/nexpose/simple_nexpose.rb +1 -1
- data/lib/risu/renderers.rb +1 -1
- data/lib/risu/renderers/csvrenderer.rb +1 -1
- data/lib/risu/renderers/nilrenderer.rb +1 -1
- data/lib/risu/renderers/pdfrenderer.rb +1 -1
- data/lib/risu/template_helpers.rb +1 -1
- data/lib/risu/templates/assets.rb +1 -1
- data/lib/risu/templates/authentication_summary.rb +1 -1
- data/lib/risu/templates/cover_sheet.rb +1 -1
- data/lib/risu/templates/exec_summary.rb +1 -1
- data/lib/risu/templates/executive_summary_detailed.rb +1 -1
- data/lib/risu/templates/exploitablity_summary.rb +1 -1
- data/lib/risu/templates/failed_audits.rb +1 -1
- data/lib/risu/templates/finding_statistics.rb +1 -1
- data/lib/risu/templates/findings_host.rb +1 -1
- data/lib/risu/templates/findings_summary.rb +1 -1
- data/lib/risu/templates/findings_summary_with_pluginid.rb +1 -1
- data/lib/risu/templates/graphs.rb +1 -1
- data/lib/risu/templates/host_findings_csv.rb +1 -1
- data/lib/risu/templates/host_summary.rb +1 -1
- data/lib/risu/templates/malicious_process_detection.rb +1 -1
- data/lib/risu/templates/missing_root_causes.rb +1 -1
- data/lib/risu/templates/ms_patch_summary.rb +1 -1
- data/lib/risu/templates/ms_update_summary.rb +1 -1
- data/lib/risu/templates/ms_wsus_findings.rb +1 -1
- data/lib/risu/templates/notable.rb +1 -1
- data/lib/risu/templates/notable_detailed.rb +1 -1
- data/lib/risu/templates/pci_compliance.rb +1 -1
- data/lib/risu/templates/rollup_summary.rb +82 -0
- data/lib/risu/templates/stig_findings_summary.rb +1 -1
- data/lib/risu/templates/talking_points.rb +1 -1
- data/lib/risu/templates/technical_findings.rb +1 -1
- data/lib/risu/templates/template.rb +1 -1
- data/lib/risu/templates/top_25.rb +1 -1
- data/lib/risu/version.rb +2 -2
- data/risu.gemspec +5 -5
- metadata +59 -56
- metadata.gz.sig +0 -0
- data/lib/risu/parsers/nessus/postprocess/flash_player.rb +0 -145
- data/lib/risu/parsers/nessus/postprocess/windows.rb +0 -976
@@ -0,0 +1,28 @@
|
|
1
|
+
# Copyright (c) 2010-2020 Jacob Hammack.
|
2
|
+
#
|
3
|
+
# Permission is hereby granted, free of charge, to any person obtaining a copy
|
4
|
+
# of this software and associated documentation files (the "Software"), to deal
|
5
|
+
# in the Software without restriction, including without limitation the rights
|
6
|
+
# to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
|
7
|
+
# copies of the Software, and to permit persons to whom the Software is
|
8
|
+
# furnished to do so, subject to the following conditions:
|
9
|
+
#
|
10
|
+
# The above copyright notice and this permission notice shall be included in
|
11
|
+
# all copies or substantial portions of the Software.
|
12
|
+
#
|
13
|
+
# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
|
14
|
+
# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
|
15
|
+
# FITNESS FOR A PARTICULAR PURPOSE AND NON INFRINGEMENT. IN NO EVENT SHALL THE
|
16
|
+
# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
|
17
|
+
# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
|
18
|
+
# OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
|
19
|
+
# THE SOFTWARE.
|
20
|
+
|
21
|
+
|
22
|
+
module Risu
|
23
|
+
module Models
|
24
|
+
|
25
|
+
class NessusPluginMetadata < ActiveRecord::Base
|
26
|
+
end
|
27
|
+
end
|
28
|
+
end
|
data/lib/risu/models/patch.rb
CHANGED
data/lib/risu/models/plugin.rb
CHANGED
data/lib/risu/models/policy.rb
CHANGED
data/lib/risu/models/report.rb
CHANGED
data/lib/risu/models/version.rb
CHANGED
data/lib/risu/parsers.rb
CHANGED
@@ -1,4 +1,4 @@
|
|
1
|
-
# Copyright (c) 2010-
|
1
|
+
# Copyright (c) 2010-2020 Jacob Hammack.
|
2
2
|
#
|
3
3
|
# Permission is hereby granted, free of charge, to any person obtaining a copy
|
4
4
|
# of this software and associated documentation files (the "Software"), to deal
|
@@ -375,7 +375,8 @@ module Risu
|
|
375
375
|
:cm_compliance_output => @vals["cm:compliance-output"],
|
376
376
|
:cm_compliance_reference => @vals["cm:compliance-reference"],
|
377
377
|
:cm_compliance_see_also => @vals["cm:compliance-see-also" ],
|
378
|
-
:cm_compliance_solution => @vals["cm:compliance-solution"]
|
378
|
+
:cm_compliance_solution => @vals["cm:compliance-solution"],
|
379
|
+
:rollup_finding => false
|
379
380
|
)
|
380
381
|
|
381
382
|
@plugin.update(:solution => @vals["solution"],
|
@@ -1,4 +1,4 @@
|
|
1
|
-
# Copyright (c) 2010-
|
1
|
+
# Copyright (c) 2010-2020 Jacob Hammack.
|
2
2
|
#
|
3
3
|
# Permission is hereby granted, free of charge, to any person obtaining a copy
|
4
4
|
# of this software and associated documentation files (the "Software"), to deal
|
@@ -31,11 +31,13 @@ module Risu
|
|
31
31
|
{
|
32
32
|
:description => "7-Zip Patch Rollup",
|
33
33
|
:plugin_id => -99954,
|
34
|
-
:plugin_name => "
|
34
|
+
:plugin_name => "Missing the latest 7-Zip Patches",
|
35
35
|
:item_name => "Update to the latest 7-Zip",
|
36
36
|
:plugin_ids => [
|
37
|
-
91230,
|
38
|
-
|
37
|
+
91230, #7-Zip < 16.00 Multiple Vulnerabilities
|
38
|
+
109730, #7-Zip < 18.05 Memory Corruption Arbitrary Code Execution
|
39
|
+
109799, #7-Zip < 16.03 NULL Pointer Dereference DoS
|
40
|
+
109800, #7-Zip < 18.00 Multiple Vulnerabilities
|
39
41
|
]
|
40
42
|
}
|
41
43
|
end
|
@@ -1,4 +1,4 @@
|
|
1
|
-
# Copyright (c) 2010-
|
1
|
+
# Copyright (c) 2010-2020 Jacob Hammack.
|
2
2
|
#
|
3
3
|
# Permission is hereby granted, free of charge, to any person obtaining a copy
|
4
4
|
# of this software and associated documentation files (the "Software"), to deal
|
@@ -31,61 +31,55 @@ module Risu
|
|
31
31
|
{
|
32
32
|
:description => "Adobe Acrobat Patch Rollup",
|
33
33
|
:plugin_id => -99975,
|
34
|
-
:plugin_name => "
|
34
|
+
:plugin_name => "Missing the latest Adobe Acrobat Patches",
|
35
35
|
:item_name => "Update to the latest Adobe Acrobat",
|
36
36
|
:plugin_ids => [
|
37
|
-
79855,
|
38
|
-
83470,
|
39
|
-
40803,
|
40
|
-
40804,
|
41
|
-
40805,
|
42
|
-
40806,
|
43
|
-
42119,
|
44
|
-
43875,
|
45
|
-
44643,
|
46
|
-
45504,
|
47
|
-
47164,
|
48
|
-
48374,
|
49
|
-
49172,
|
50
|
-
50613,
|
51
|
-
51924,
|
52
|
-
52671,
|
53
|
-
53450,
|
54
|
-
55143,
|
55
|
-
56197,
|
56
|
-
57042,
|
57
|
-
77813,
|
58
|
-
57483,
|
59
|
-
58682,
|
60
|
-
61561,
|
61
|
-
64785,
|
62
|
-
63453,
|
63
|
-
66409,
|
64
|
-
74011,
|
65
|
-
84801,
|
66
|
-
84800,
|
67
|
-
77176,
|
68
|
-
77711,
|
69
|
-
69845,
|
70
|
-
71946,
|
71
|
-
86402,
|
72
|
-
91096,
|
73
|
-
87917,
|
74
|
-
89830,
|
75
|
-
92034,
|
76
|
-
40802,
|
77
|
-
40801,
|
78
|
-
40800,
|
79
|
-
|
80
|
-
|
81
|
-
|
82
|
-
|
83
|
-
99373,
|
84
|
-
94071,
|
85
|
-
|
86
|
-
|
87
|
-
|
88
|
-
|
37
|
+
79855, #Adobe Acrobat < 10.1.13 / 11.0.10 Multiple Vulnerabilities (APSB14-28)
|
38
|
+
83470, #Adobe Acrobat < 10.1.14 / 11.0.11 Multiple Vulnerabilities (APSB15-10)
|
39
|
+
40803, #Adobe Acrobat < 9.1 / 8.1.4 / 7.1.1 Multiple Vulnerabilities
|
40
|
+
40804, #Adobe Acrobat < 9.1.1 / 8.1.5 / 7.1.2 getAnnots() JavaScript Method PDF Handling Memory Corruption (APSB09-06)
|
41
|
+
40805, #Adobe Acrobat < 9.1.2 / 8.1.6 / 7.1.3 Multiple Vulnerabilities
|
42
|
+
40806, #Adobe Acrobat < 9.1.3 Flash Handling Unspecified Arbitrary Code Execution
|
43
|
+
42119, #Adobe Acrobat < 9.2 / 8.1.7 / 7.1.4 Multiple Vulnerabilities (APSB09-15)
|
44
|
+
43875, #Adobe Acrobat < 9.3 / 8.2 Multiple Vulnerabilities (APSB10-02)
|
45
|
+
44643, #Adobe Acrobat < 9.3.1 / 8.2.1 Multiple Vulnerabilities (APSB10-07)
|
46
|
+
45504, #Adobe Acrobat < 9.3.2 / 8.2.2 Multiple Vulnerabilities (APSB10-09)
|
47
|
+
47164, #Adobe Acrobat < 9.3.3 / 8.2.3 Multiple Vulnerabilities (APSB10-15)
|
48
|
+
48374, #Adobe Acrobat < 9.3.4 / 8.2.4 Multiple Vulnerabilities (APSB10-17)
|
49
|
+
49172, #Adobe Acrobat < 9.4 / 8.2.5 Multiple Vulnerabilities (APSB10-21)
|
50
|
+
50613, #Adobe Acrobat 9.x < 9.4.1 Multiple Vulnerabilities (APSB10-28)
|
51
|
+
51924, #Adobe Acrobat < 10.0.1 / 9.4.2 / 8.2.5 Multiple Vulnerabilities (APSB11-03)
|
52
|
+
52671, #Adobe Acrobat 9.x / 10.x Unspecified Memory Corruption (APSB11-06)
|
53
|
+
53450, #Adobe Acrobat 9.x / 10.x Multiple Vulnerabilities (APSB11-08)
|
54
|
+
55143, #Adobe Acrobat < 10.1 / 9.4.5 / 8.3 Multiple Vulnerabilities (APSB11-16)
|
55
|
+
56197, #Adobe Acrobat < 10.1.1 / 9.4.6 / 8.3.1 Multiple Vulnerabilities (APSB11-21, APSB11-24)
|
56
|
+
57042, #Adobe Acrobat < 9.4.7 Multiple Memory Corruption Vulnerabilities (APSB11-30)
|
57
|
+
77813, #Adobe Acrobat Help Page XSS
|
58
|
+
57483, #Adobe Acrobat < 10.1.2 / 9.5 Multiple Vulnerabilities (APSB12-01)
|
59
|
+
58682, #Adobe Acrobat < 10.1.3 / 9.5.1 Multiple Vulnerabilities (APSB12-08)
|
60
|
+
61561, #Adobe Acrobat < 10.1.4 / 9.5.2 Multiple Vulnerabilities (APSB12-16)
|
61
|
+
64785, #Adobe Acrobat < 11.0.2 / 10.1.6 / 9.5.4 Multiple Vulnerabilities (APSB13-07)
|
62
|
+
63453, #Adobe Acrobat < 11.0.1 / 10.1.5 / 9.5.3 Multiple Vulnerabilities (APSB13-02)
|
63
|
+
66409, #Adobe Acrobat < 11.0.3 / 10.1.7 / 9.5.5 Multiple Vulnerabilities (APSB13-15)
|
64
|
+
74011, #Adobe Acrobat < 10.1.10 / 11.0.07 Multiple Vulnerabilities (APSB14-15)
|
65
|
+
84801, #Adobe Reader < 10.1.15 / 11.0.12 / 2015.006.30060 / 2015.008.20082 Multiple Vulnerabilities (APSB15-15)
|
66
|
+
84800, #Adobe Acrobat < 10.1.15 / 11.0.12 / 2015.006.30060 / 2015.008.20082 Multiple Vulnerabilities (APSB15-15)
|
67
|
+
77176, #Adobe Acrobat < 10.1.11 / 11.0.08 Sandbox Bypass (APSB14-19)
|
68
|
+
77711, #Adobe Acrobat < 10.1.12 / 11.0.09 Multiple Vulnerabilities (APSB14-20)
|
69
|
+
69845, #Adobe Acrobat < 11.0.4 / 10.1.8 Multiple Vulnerabilities (APSB13-22)
|
70
|
+
71946, #Adobe Acrobat < 10.1.9 / 11.0.6 Multiple Vulnerabilities (APSB14-01)
|
71
|
+
86402, #Adobe Acrobat <= 10.1.15 / 11.0.12 / 2015.006.30060 / 2015.008.20082 Multiple Vulnerabilities (APSB15-24)
|
72
|
+
91096, #Adobe Acrobat < 11.0.16 / 15.006.30172 / 15.016.20039 Multiple Vulnerabilities (APSB16-14)
|
73
|
+
87917, #Adobe Acrobat < 11.0.14 / 15.006.30119 / 15.010.20056 Multiple Vulnerabilities (APSB16-02)
|
74
|
+
89830, #Adobe Acrobat < 11.0.15 / 15.006.30121 / 15.010.20060 Multiple Vulnerabilities (APSB16-09)
|
75
|
+
92034, #Adobe Acrobat < 11.0.17 / 15.006.30198 / 15.017.20050 Multiple Vulnerabilities (APSB16-26)
|
76
|
+
40802, #Adobe Acrobat < 8.1.3 Multiple Vulnerabilities
|
77
|
+
40801, #Adobe Acrobat < 7.1.0 / 8.1.2 Unspecified JavaScript Method Handling Arbitrary Code Execution
|
78
|
+
40800, #Adobe Acrobat < 8.1.2 / 7.1.0 Multiple Vulnerabilities
|
79
|
+
96452, #Adobe Acrobat < 11.0.19 / 15.006.30279 / 15.023.20053 Multiple Vulnerabilities (APSB17-01)
|
80
|
+
99373, #Adobe Acrobat < 11.0.20 / 2015.006.30306 / 2017.009.20044 Multiple Vulnerabilities (APSB17-11)
|
81
|
+
94071, #Adobe Acrobat < 11.0.18 / 15.006.30243 / 15.020.20039 Multiple Vulnerabilities (APSB16-33)
|
82
|
+
102427, #Adobe Acrobat < 11.0.21 / 2015.006.30355 / 2017.011.30066 / 2017.012.20098 Multiple Vulnerabilities (APSB17-24)
|
89
83
|
]
|
90
84
|
}
|
91
85
|
end
|
@@ -1,4 +1,4 @@
|
|
1
|
-
# Copyright (c) 2010-
|
1
|
+
# Copyright (c) 2010-2020 Jacob Hammack.
|
2
2
|
#
|
3
3
|
# Permission is hereby granted, free of charge, to any person obtaining a copy
|
4
4
|
# of this software and associated documentation files (the "Software"), to deal
|
@@ -31,71 +31,66 @@ module Risu
|
|
31
31
|
{
|
32
32
|
:description => "Adobe Air Patch Rollup",
|
33
33
|
:plugin_id => -99994,
|
34
|
-
:plugin_name => "
|
34
|
+
:plugin_name => "Missing the latest Adobe Air Patches",
|
35
35
|
:item_name => "Update to the latest Adobe Air",
|
36
36
|
:plugin_ids => [
|
37
|
-
|
38
|
-
|
39
|
-
|
40
|
-
|
41
|
-
66444,
|
42
|
-
66871,
|
43
|
-
69865,
|
44
|
-
70214,
|
45
|
-
70857,
|
46
|
-
71350,
|
47
|
-
|
48
|
-
|
49
|
-
|
50
|
-
|
51
|
-
|
52
|
-
|
53
|
-
|
54
|
-
|
55
|
-
|
56
|
-
|
57
|
-
|
58
|
-
|
59
|
-
|
60
|
-
|
61
|
-
|
62
|
-
|
63
|
-
|
64
|
-
|
65
|
-
|
66
|
-
|
67
|
-
|
68
|
-
|
69
|
-
|
70
|
-
|
71
|
-
|
72
|
-
|
73
|
-
|
74
|
-
|
75
|
-
|
76
|
-
|
77
|
-
|
78
|
-
|
79
|
-
|
80
|
-
|
81
|
-
|
82
|
-
|
83
|
-
|
84
|
-
|
85
|
-
|
86
|
-
|
87
|
-
|
88
|
-
|
89
|
-
|
90
|
-
|
91
|
-
|
92
|
-
|
93
|
-
93523,
|
94
|
-
|
95
|
-
|
96
|
-
|
37
|
+
56959, #Adobe AIR <= 3.0 Multiple Vulnerabilities (APSB11-28)
|
38
|
+
52755, #Adobe AIR < 2.6 Unspecified Memory Corruption (APSB11-05)
|
39
|
+
53474, #Adobe AIR < 2.6.0.19140 ActionScript Predefined Class Prototype Addition Remote Code Execution (APSB11-07)
|
40
|
+
55805, #Adobe AIR < 2.7.1 Multiple Vulnerabilities (APSB11-21)
|
41
|
+
66444, #Adobe AIR <= 3.7.0.1530 Multiple Vulnerabilities (APSB13-14)
|
42
|
+
66871, #Adobe AIR <= 3.7.0.1860 Memory Corruption (APSB13-16)
|
43
|
+
69865, #Adobe AIR <= 3.8.0.870 Memory Corruptions (APSB13-21)
|
44
|
+
70214, #Adobe AIR <= 3.7.0.2090 Multiple Vulnerabilities (APSB13-17)
|
45
|
+
70857, #Adobe AIR <= 3.9.0.1030 Memory Corruptions (APSB13-26)
|
46
|
+
71350, #Adobe AIR <= AIR 3.9.0.1210 Multiple Vulnerabilities (APSB13-28)
|
47
|
+
71950, #Adobe AIR <= AIR 3.9.0.1380 Multiple Vulnerabilities (APSB14-02)
|
48
|
+
73432, #Adobe AIR <= AIR 4.0.0.1628 Multiple Vulnerabilities (APSB14-09)
|
49
|
+
73993, #Adobe AIR <= AIR 13.0.0.83 Multiple Vulnerabilities (APSB14-14)
|
50
|
+
74430, #Adobe AIR <= AIR 13.0.0.111 Multiple Vulnerabilities (APSB14-16)
|
51
|
+
73432, #Adobe AIR <= AIR 4.0.0.1628 Multiple Vulnerabilities (APSB14-09)
|
52
|
+
73993, #Adobe AIR <= AIR 13.0.0.83 Multiple Vulnerabilities (APSB14-14)
|
53
|
+
74430, #Adobe AIR <= AIR 13.0.0.111 Multiple Vulnerabilities (APSB14-16)
|
54
|
+
58537, #Adobe AIR 3.x <= 3.1.0.4880 Multiple Memory Corruption Vulnerabilities (APSB12-07)
|
55
|
+
59425, #Adobe AIR 3.x <= 3.2.0.2070 Multiple Vulnerabilities (APSB12-14)
|
56
|
+
61624, #Adobe AIR 3.x <= 3.3.0.3670 Multiple Vulnerabilities (APSB12-19)
|
57
|
+
62835, #Adobe AIR 3.x <= 3.4.0.2710 Multiple Vulnerabilities (APSB12-24)
|
58
|
+
62479, #Adobe AIR 3.x <= 3.4.0.2540 Multiple Vulnerabilities (APSB12-22)
|
59
|
+
63449, #Adobe AIR 3.x <= 3.5.0.880 Buffer Overflow (APSB13-01)
|
60
|
+
64583, #Adobe AIR 3.x <= 3.5.0.1060 Buffer Overflow (APSB13-05)
|
61
|
+
65218, #Adobe AIR 3.x <= 3.6.0.597 Buffer Overflow (APSB13-09)
|
62
|
+
65909, #Adobe AIR 3.x <= 3.6.0.6090 Multiple Vulnerabilities (APSB13-11)
|
63
|
+
66444, #Adobe AIR <= 3.7.0.1530 Multiple Vulnerabilities (APSB13-14)
|
64
|
+
66871, #Adobe AIR <= 3.7.0.1860 Memory Corruption (APSB13-16)
|
65
|
+
63241, #Adobe AIR 3.x <= 3.5.0.600 Multiple Vulnerabilities (APSB12-27)
|
66
|
+
77171, #Adobe AIR <= AIR 14.0.0.110 Multiple Vulnerabilities (APSB14-18)
|
67
|
+
77576, #Adobe AIR <= AIR 14.0.0.178 Multiple Vulnerabilities (APSB14-21)
|
68
|
+
78440, #Adobe AIR <= AIR 15.0.0.249 Multiple Vulnerabilities (APSB14-22)
|
69
|
+
79139, #Adobe AIR <= 15.0.0.293 Multiple Vulnerabilities (APSB14-24)
|
70
|
+
80483, #Adobe AIR <= 15.0.0.356 Multiple Vulnerabilities (APSB15-01)
|
71
|
+
34815, #Adobe AIR < 1.5 Multiple Vulnerabilities (APSB08-23)
|
72
|
+
40447, #Adobe AIR < 1.5.2 Multiple Vulnerabilities (APSB09-10)
|
73
|
+
43069, #Adobe AIR < 1.5.3 Multiple Vulnerabilities (APSB09-19)
|
74
|
+
46858, #Adobe AIR < 2.0.2.12610 Multiple Vulnerabilities (ASPB10-14)
|
75
|
+
48299, #Adobe AIR < 2.0.3 Multiple Vulnerabilities (APSB10-16)
|
76
|
+
50604, #Adobe AIR < 2.5.1 Multiple Vulnerabilities (APSB10-26)
|
77
|
+
44595, #Adobe AIR < 1.5.3.9130 Multiple Vulnerabilities (APSB10-06)
|
78
|
+
84155, #Adobe AIR <= 17.0.0.124 Multiple Vulnerabilities (APSB15-05)
|
79
|
+
84156, #Adobe AIR <= 17.0.0.144 Multiple Vulnerabilities (APSB15-06)
|
80
|
+
84157, #Adobe AIR <= 17.0.0.144 Multiple Vulnerabilities (APSB15-09)
|
81
|
+
84158, #Adobe AIR <= 17.0.0.172 Multiple Vulnerabilities (APSB15-11)
|
82
|
+
84641, #Adobe AIR <= 18.0.0.144 Multiple Vulnerabilities (APSB15-16)
|
83
|
+
85325, #Adobe AIR <= 18.0.0.180 Multiple Vulnerabilities (APSB15-19)
|
84
|
+
86059, #Adobe AIR <= 18.0.0.199 Multiple Vulnerabilities (APSB15-23)
|
85
|
+
86368, #Adobe AIR <= 19.0.0.190 Multiple Vulnerabilities (APSB15-25)
|
86
|
+
86850, #Adobe AIR <= 19.0.0.213 Multiple Vulnerabilities (APSB15-28)
|
87
|
+
87243, #Adobe AIR <= 19.0.0.241 Multiple Vulnerabilities (APSB15-32)
|
88
|
+
87656, #Adobe AIR <= 20.0.0.204 Multiple Vulnerabilities (APSB16-01)
|
89
|
+
88638, #Adobe AIR <= 20.0.0.233 Multiple Vulnerabilities (APSB16-04)
|
90
|
+
89868, #Adobe AIR <= 20.0.0.260 Multiple Vulnerabilities (APSB16-08)
|
91
|
+
91162, #Adobe AIR <= 21.0.0.198 Multiple Vulnerabilities (APSB16-15)
|
92
|
+
93523, #Adobe AIR <= 22.0.0.153 Android Applications Runtime Analytics MitM (APSB16-31)
|
97
93
|
]
|
98
|
-
|
99
94
|
}
|
100
95
|
|
101
96
|
end
|
@@ -0,0 +1,47 @@
|
|
1
|
+
# Copyright (c) 2010-2020 Jacob Hammack.
|
2
|
+
#
|
3
|
+
# Permission is hereby granted, free of charge, to any person obtaining a copy
|
4
|
+
# of this software and associated documentation files (the "Software"), to deal
|
5
|
+
# in the Software without restriction, including without limitation the rights
|
6
|
+
# to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
|
7
|
+
# copies of the Software, and to permit persons to whom the Software is
|
8
|
+
# furnished to do so, subject to the following conditions:
|
9
|
+
#
|
10
|
+
# The above copyright notice and this permission notice shall be included in
|
11
|
+
# all copies or substantial portions of the Software.
|
12
|
+
#
|
13
|
+
# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
|
14
|
+
# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
|
15
|
+
# FITNESS FOR A PARTICULAR PURPOSE AND NON INFRINGEMENT. IN NO EVENT SHALL THE
|
16
|
+
# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
|
17
|
+
# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
|
18
|
+
# OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
|
19
|
+
# THE SOFTWARE.
|
20
|
+
|
21
|
+
|
22
|
+
module Risu
|
23
|
+
module Parsers
|
24
|
+
module Nessus
|
25
|
+
module PostProcess
|
26
|
+
class AdobeColdfusionPatchRollup < Risu::Base::PostProcessBase
|
27
|
+
|
28
|
+
#
|
29
|
+
def initialize
|
30
|
+
@info =
|
31
|
+
{
|
32
|
+
:description => "Adobe Coldfusion Patch Rollup",
|
33
|
+
:plugin_id => -99950,
|
34
|
+
:plugin_name => "Missing the latest Adobe Coldfusion Patches",
|
35
|
+
:item_name => "Update to the latest Adobe Coldfusion",
|
36
|
+
:plugin_ids => [
|
37
|
+
64689, #Adobe ColdFusion Authentication Bypass (APSB13-03)
|
38
|
+
72091, #Adobe ColdFusion Unsupported Version Detection
|
39
|
+
99731, #Adobe ColdFusion BlazeDS Java Object Deserialization RCE
|
40
|
+
]
|
41
|
+
}
|
42
|
+
end
|
43
|
+
end
|
44
|
+
end
|
45
|
+
end
|
46
|
+
end
|
47
|
+
end
|