RubyGems - risu - Versions diffs - 1.8.3 → 1.8.4 - Mend

risu 1.8.3 → 1.8.4

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (161) hide show

checksums.yaml +5 -5
checksums.yaml.gz.sig +0 -0
data.tar.gz.sig +0 -0
data/Gemfile.lock +159 -0
data/LICENSE +1 -1
data/README.markdown +2 -5
data/Rakefile +1 -1
data/bin/risu +1 -1
data/docs/NEWS.markdown +3 -0
data/lib/risu.rb +2 -2
data/lib/risu/base.rb +1 -1
data/lib/risu/base/graph_template_helper.rb +1 -1
data/lib/risu/base/host_template_helper.rb +2 -1
data/lib/risu/base/malware_template_helper.rb +1 -1
data/lib/risu/base/post_process_base.rb +7 -4
data/lib/risu/base/post_process_manager.rb +1 -1
data/lib/risu/base/scan_helper.rb +1 -1
data/lib/risu/base/schema.rb +10 -3
data/lib/risu/base/shares_template_helper.rb +1 -1
data/lib/risu/base/template_base.rb +1 -1
data/lib/risu/base/template_helper.rb +1 -1
data/lib/risu/base/template_manager.rb +1 -1
data/lib/risu/base/templater.rb +1 -1
data/lib/risu/cli.rb +1 -1
data/lib/risu/cli/application.rb +16 -16
data/lib/risu/cli/banner.rb +1 -1
data/lib/risu/exceptions.rb +1 -1
data/lib/risu/exceptions/invaliddocument.rb +1 -1
data/lib/risu/graphs.rb +1 -1
data/lib/risu/graphs/top_vuln_graph.rb +1 -1
data/lib/risu/graphs/windows_os_graph.rb +1 -1
data/lib/risu/models.rb +2 -1
data/lib/risu/models/attachment.rb +1 -1
data/lib/risu/models/familyselection.rb +1 -1
data/lib/risu/models/host.rb +34 -2
data/lib/risu/models/hostproperty.rb +1 -1
data/lib/risu/models/individualpluginselection.rb +1 -1
data/lib/risu/models/item.rb +248 -20
data/lib/risu/models/nessuspluginmetadata.rb +28 -0
data/lib/risu/models/patch.rb +1 -1
data/lib/risu/models/plugin.rb +1 -1
data/lib/risu/models/pluginspreference.rb +1 -1
data/lib/risu/models/policy.rb +1 -1
data/lib/risu/models/reference.rb +1 -1
data/lib/risu/models/report.rb +1 -1
data/lib/risu/models/serverpreference.rb +1 -1
data/lib/risu/models/servicedescription.rb +1 -1
data/lib/risu/models/version.rb +1 -1
data/lib/risu/parsers.rb +1 -1
data/lib/risu/parsers/nessus/nessus_document.rb +1 -1
data/lib/risu/parsers/nessus/nessus_sax_listener.rb +3 -2
data/lib/risu/parsers/nessus/postprocess.rb +1 -1
data/lib/risu/parsers/nessus/postprocess/7zip.rb +6 -4
data/lib/risu/parsers/nessus/postprocess/adobe_acrobat.rb +48 -54
data/lib/risu/parsers/nessus/postprocess/adobe_air.rb +58 -63
data/lib/risu/parsers/nessus/postprocess/adobe_coldfusion.rb +47 -0
data/lib/risu/parsers/nessus/postprocess/{shockwave.rb → adobe_creative_desktop.rb} +9 -34
data/lib/risu/parsers/nessus/postprocess/adobe_flash_player.rb +175 -0
data/lib/risu/parsers/nessus/postprocess/adobe_reader.rb +73 -55
data/lib/risu/parsers/nessus/postprocess/adobe_shockwave_player.rb +74 -0
data/lib/risu/parsers/nessus/postprocess/apache.rb +38 -33
data/lib/risu/parsers/nessus/postprocess/apache_tomcat.rb +8 -10
data/lib/risu/parsers/nessus/postprocess/apple_icloud.rb +47 -0
data/lib/risu/parsers/nessus/postprocess/apple_itunes.rb +23 -17
data/lib/risu/parsers/nessus/postprocess/apple_quicktime.rb +38 -32
data/lib/risu/parsers/nessus/postprocess/artifex_ghostscript.rb +49 -0
data/lib/risu/parsers/nessus/postprocess/blackberry_enterprise_server.rb +10 -14
data/lib/risu/parsers/nessus/postprocess/ca_brightstor_arcserve.rb +10 -10
data/lib/risu/parsers/nessus/postprocess/cisco_anyconnect.rb +18 -20
data/lib/risu/parsers/nessus/postprocess/cisco_ios.rb +25 -15
data/lib/risu/parsers/nessus/postprocess/cisco_telepresence.rb +45 -0
data/lib/risu/parsers/nessus/postprocess/core_ftp.rb +6 -6
data/lib/risu/parsers/nessus/postprocess/db2.rb +7 -9
data/lib/risu/parsers/nessus/postprocess/dell_idrac.rb +49 -0
data/lib/risu/parsers/nessus/postprocess/downgrade_plugins.rb +4 -2
data/lib/risu/parsers/nessus/postprocess/dropbear_ssh.rb +7 -6
data/lib/risu/parsers/nessus/postprocess/filezilla.rb +4 -6
data/lib/risu/parsers/nessus/postprocess/firefox.rb +113 -71
data/lib/risu/parsers/nessus/postprocess/flexnet.rb +3 -3
data/lib/risu/parsers/nessus/postprocess/foxit_phantom_pdf.rb +10 -3
data/lib/risu/parsers/nessus/postprocess/foxit_reader.rb +13 -12
data/lib/risu/parsers/nessus/postprocess/google_chrome.rb +34 -6
data/lib/risu/parsers/nessus/postprocess/hp_system_mgt_homepage.rb +3 -3
data/lib/risu/parsers/nessus/postprocess/iLo.rb +50 -0
data/lib/risu/parsers/nessus/postprocess/intel_mgt_engine.rb +47 -0
data/lib/risu/parsers/nessus/postprocess/irfanview.rb +2 -2
data/lib/risu/parsers/nessus/postprocess/java.rb +70 -64
data/lib/risu/parsers/nessus/postprocess/libreoffice.rb +2 -2
data/lib/risu/parsers/nessus/postprocess/microsoft_office.rb +73 -0
data/lib/risu/parsers/nessus/postprocess/microsoft_visual_studio.rb +47 -0
data/lib/risu/parsers/nessus/postprocess/microsoft_windows.rb +1312 -0
data/lib/risu/parsers/nessus/postprocess/mongo_db.rb +46 -0
data/lib/risu/parsers/nessus/postprocess/mozzila_thunderbird.rb +49 -0
data/lib/risu/parsers/nessus/postprocess/normalize_plugin_names.rb +5 -2
data/lib/risu/parsers/nessus/postprocess/openoffice.rb +14 -11
data/lib/risu/parsers/nessus/postprocess/openssh.rb +3 -3
data/lib/risu/parsers/nessus/postprocess/openssl.rb +58 -39
data/lib/risu/parsers/nessus/postprocess/oracle_database.rb +3 -3
data/lib/risu/parsers/nessus/postprocess/php.rb +94 -69
data/lib/risu/parsers/nessus/postprocess/post_process.rb +1 -1
data/lib/risu/parsers/nessus/postprocess/putty.rb +47 -0
data/lib/risu/parsers/nessus/postprocess/real_player.rb +3 -3
data/lib/risu/parsers/nessus/postprocess/risk_score.rb +1 -1
data/lib/risu/parsers/nessus/postprocess/root_cause.rb +16 -3
data/lib/risu/parsers/nessus/postprocess/samba.rb +46 -0
data/lib/risu/parsers/nessus/postprocess/servu.rb +4 -4
data/lib/risu/parsers/nessus/postprocess/sigplus_pro.rb +3 -3
data/lib/risu/parsers/nessus/postprocess/skype.rb +4 -3
data/lib/risu/parsers/nessus/postprocess/solarwinds_dameware.rb +48 -0
data/lib/risu/parsers/nessus/postprocess/symantec_endpoint.rb +4 -3
data/lib/risu/parsers/nessus/postprocess/symantec_pcanywhere.rb +3 -3
data/lib/risu/parsers/nessus/postprocess/tenable_nessus.rb +47 -0
data/lib/risu/parsers/nessus/postprocess/timbuktu.rb +2 -2
data/lib/risu/parsers/nessus/postprocess/vlc.rb +4 -3
data/lib/risu/parsers/nessus/postprocess/vmware_esxi.rb +64 -54
data/lib/risu/parsers/nessus/postprocess/vmware_player.rb +3 -3
data/lib/risu/parsers/nessus/postprocess/vmware_vcenter.rb +11 -5
data/lib/risu/parsers/nessus/postprocess/vmware_vsphere_client.rb +7 -6
data/lib/risu/parsers/nessus/postprocess/winscp.rb +7 -8
data/lib/risu/parsers/nessus/postprocess/wireshark.rb +73 -51
data/lib/risu/parsers/nexpose/nexpose_document.rb +1 -1
data/lib/risu/parsers/nexpose/simple_nexpose.rb +1 -1
data/lib/risu/renderers.rb +1 -1
data/lib/risu/renderers/csvrenderer.rb +1 -1
data/lib/risu/renderers/nilrenderer.rb +1 -1
data/lib/risu/renderers/pdfrenderer.rb +1 -1
data/lib/risu/template_helpers.rb +1 -1
data/lib/risu/templates/assets.rb +1 -1
data/lib/risu/templates/authentication_summary.rb +1 -1
data/lib/risu/templates/cover_sheet.rb +1 -1
data/lib/risu/templates/exec_summary.rb +1 -1
data/lib/risu/templates/executive_summary_detailed.rb +1 -1
data/lib/risu/templates/exploitablity_summary.rb +1 -1
data/lib/risu/templates/failed_audits.rb +1 -1
data/lib/risu/templates/finding_statistics.rb +1 -1
data/lib/risu/templates/findings_host.rb +1 -1
data/lib/risu/templates/findings_summary.rb +1 -1
data/lib/risu/templates/findings_summary_with_pluginid.rb +1 -1
data/lib/risu/templates/graphs.rb +1 -1
data/lib/risu/templates/host_findings_csv.rb +1 -1
data/lib/risu/templates/host_summary.rb +1 -1
data/lib/risu/templates/malicious_process_detection.rb +1 -1
data/lib/risu/templates/missing_root_causes.rb +1 -1
data/lib/risu/templates/ms_patch_summary.rb +1 -1
data/lib/risu/templates/ms_update_summary.rb +1 -1
data/lib/risu/templates/ms_wsus_findings.rb +1 -1
data/lib/risu/templates/notable.rb +1 -1
data/lib/risu/templates/notable_detailed.rb +1 -1
data/lib/risu/templates/pci_compliance.rb +1 -1
data/lib/risu/templates/rollup_summary.rb +82 -0
data/lib/risu/templates/stig_findings_summary.rb +1 -1
data/lib/risu/templates/talking_points.rb +1 -1
data/lib/risu/templates/technical_findings.rb +1 -1
data/lib/risu/templates/template.rb +1 -1
data/lib/risu/templates/top_25.rb +1 -1
data/lib/risu/version.rb +2 -2
data/risu.gemspec +5 -5
metadata +59 -56
metadata.gz.sig +0 -0
data/lib/risu/parsers/nessus/postprocess/flash_player.rb +0 -145
data/lib/risu/parsers/nessus/postprocess/windows.rb +0 -976

data/lib/risu/parsers/nessus/postprocess/apache.rb CHANGED

@@ -1,4 +1,4 @@
-# Copyright (c) 2010-2017 Jacob Hammack.
+# Copyright (c) 2010-2020 Jacob Hammack.
 #
 # Permission is hereby granted, free of charge, to any person obtaining a copy
 # of this software and associated documentation files (the "Software"), to deal
@@ -31,41 +31,46 @@ module Risu
 						{
 							:description => "Apache Patch Rollup",
 							:plugin_id => -99986,
-							:plugin_name => "Update to the latest Apache",
+							:plugin_name => "Missing the latest Apache patches",
 							:item_name => "Update to the latest Apache",
 							:plugin_ids => [
-								11030,
-								11137,
-								11793,
-								11915,
-								31654,
-								55976,
-								57792,
-								12280,
-								17696,
-								31408,
-								73405,
-								56216,
-								57791,
-								62101,
-								64912,
-								68915,
-								77531,
-								45004,
-								57603,
-								42052,
-								48205,
-								50070,
-								53896,
-								69014,
-								76622,
-								81126,
-								73081,
-								84959,
-								40467,
-								96451,
+								11030, #Apache Chunked Encoding Remote Overflow
+								11137, #Apache < 1.3.27 Multiple Vulnerabilities (DoS, XSS)
+								11793, #Apache < 1.3.28 Multiple Vulnerabilities (DoS, ID)
+								11915, #Apache < 1.3.29 Multiple Modules Local Overflow
+								31654, #Apache < 1.3.37 mod_rewrite LDAP Protocol URL Handling Overflow
+								55976, #Apache HTTP Server Byte Range DoS
+								57792, #Apache HTTP Server httpOnly Cookie Information Disclosure
+								12280, #Apache < 1.3.31 / 2.0.49 Socket Connection Blocking Race Condition DoS
+								17696, #Apache HTTP Server 403 Error Page UTF-7 Encoded XSS
+								31408, #Apache 1.3.x < 1.3.41 Multiple Vulnerabilities (DoS, XSS)
+								73405, #Apache 2.2.x < 2.2.27 Multiple Vulnerabilities
+								56216, #Apache 2.2.x < 2.2.21 mod_proxy_ajp DoS
+								57791, #Apache 2.2.x < 2.2.22 Multiple Vulnerabilities
+								62101, #Apache 2.2.x < 2.2.23 Multiple Vulnerabilities
+								64912, #Apache 2.2.x < 2.2.24 Multiple XSS Vulnerabilities
+								68915, #Apache 2.2.x < 2.2.25 Multiple Vulnerabilities
+								77531, #Apache 2.2.x < 2.2.28 Multiple Vulnerabilities
+								45004, #Apache 2.2.x < 2.2.15 Multiple Vulnerabilities
+								57603, #Apache 2.2.x < 2.2.13 APR apr_palloc Heap Overflow
+								42052, #Apache 2.2.x < 2.2.14 Multiple Vulnerabilities
+								48205, #Apache 2.2.x < 2.2.16 Multiple Vulnerabilities
+								50070, #Apache 2.2.x < 2.2.17 Multiple Vulnerabilities
+								53896, #Apache 2.2.x < 2.2.18 APR apr_fnmatch DoS
+								69014, #Apache 2.4.x < 2.4.5 Multiple Vulnerabilities
+								76622, #Apache 2.4.x < 2.4.10 Multiple Vulnerabilities
+								81126, #Apache 2.4.x < 2.4.12 Multiple Vulnerabilities
+								73081, #Apache 2.4.x < 2.4.8 Multiple Vulnerabilities
+								84959, #Apache 2.4.x < 2.4.16 Multiple Vulnerabilities
+								40467, #Apache 2.2.x < 2.2.12 Multiple Vulnerabilities
+								96451, #Apache 2.4.x < 2.4.25 Multiple Vulnerabilities (httpoxy)
+								100995, #Apache 2.2.x < 2.2.33-dev / 2.4.x < 2.4.26 Multiple Vulnerabilities -
+								101788, #Apache 2.4.x < 2.4.27 Multiple Vulnerabilities
+								103838, #Apache 2.4.x < 2.4.28 HTTP Vulnerability (OptionsBleed)
+								101787, #Apache 2.2.x < 2.2.34 Multiple Vulnerabilities
+								68914, #Apache 2.0.x < 2.0.65 Multiple Vulnerabilities
+								123642, #Apache 2.4.x < 2.4.39 Multiple Vulnerabilities
 							]
 						}
 					end

data/lib/risu/parsers/nessus/postprocess/apache_tomcat.rb CHANGED

@@ -1,4 +1,4 @@
-# Copyright (c) 2010-2017 Jacob Hammack.
+# Copyright (c) 2010-2020 Jacob Hammack.
 #
 # Permission is hereby granted, free of charge, to any person obtaining a copy
 # of this software and associated documentation files (the "Software"), to deal
@@ -31,17 +31,15 @@ module Risu
 						{
 							:description => "Apache Tomcat Patch Rollup",
 							:plugin_id => -99966,
-							:plugin_name => "Update to the latest Apache Tomcat",
+							:plugin_name => "Missing the latest Apache Tomcat Patches",
 							:item_name => "Update to the latest Apache Tomcat",
 							:plugin_ids => [
-                81649,
-                12085,
-                35806,
-								81650,
-								83526,
+								81649, #Apache Tomcat 6.0.x < 6.0.43 Multiple Vulnerabilities (POODLE)
+								12085, #Apache Tomcat Servlet / JSP Container Default Files
+								35806, #Tomcat Sample App cal2.jsp 'time' Parameter XSS
+								81650, #Apache Tomcat 7.0.x < 7.0.57 Multiple Vulnerabilities (POODLE)
+								83526, #Apache Tomcat 7.0.x < 7.0.60 Multiple Vulnerabilities (FREAK)
+								70414, #Apache Tomcat / JBoss EJBInvokerServlet / JMXInvokerServlet Multiple Vulnerabilities
 							]
 						}
 					end

data/lib/risu/parsers/nessus/postprocess/apple_icloud.rb ADDED

@@ -0,0 +1,47 @@
+# Copyright (c) 2010-2020 Jacob Hammack.
+#
+# Permission is hereby granted, free of charge, to any person obtaining a copy
+# of this software and associated documentation files (the "Software"), to deal
+# in the Software without restriction, including without limitation the rights
+# to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+# copies of the Software, and to permit persons to whom the Software is
+# furnished to do so, subject to the following conditions:
+#
+# The above copyright notice and this permission notice shall be included in
+# all copies or substantial portions of the Software.
+#
+# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+# FITNESS FOR A PARTICULAR PURPOSE AND NON INFRINGEMENT. IN NO EVENT SHALL THE
+# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+# OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
+# THE SOFTWARE.
+module Risu
+	module Parsers
+		module Nessus
+			module PostProcess
+				class AppleICloudRollup < Risu::Base::PostProcessBase
+					#
+					def initialize
+						@info =
+						{
+							:description => "Apple iCloud Patch Rollup",
+							:plugin_id => -99939,
+							:plugin_name => "Missing the latest Apple iCloud",
+							:item_name => "Update to the latest Apple iCloud",
+							:plugin_ids => [
+                                125878, #Apple iCloud < 7.12 Multiple Vulnerabilities
+							]
+						}
+					end
+				end
+			end
+		end
+	end
+end

data/lib/risu/parsers/nessus/postprocess/apple_itunes.rb CHANGED

@@ -1,4 +1,4 @@
-# Copyright (c) 2010-2017 Jacob Hammack.
+# Copyright (c) 2010-2020 Jacob Hammack.
 #
 # Permission is hereby granted, free of charge, to any person obtaining a copy
 # of this software and associated documentation files (the "Software"), to deal
@@ -31,24 +31,30 @@ module Risu
 						{
 							:description => "Apple iTunes Patch Rollup",
 							:plugin_id => -99960,
-							:plugin_name => "Update to the latest Apple iTunes",
+							:plugin_name => "Missing the latest Apple iTunes Patches",
 							:item_name => "Update to the latest Apple iTunes",
 							:plugin_ids => [
-								84504,
-								86001,
-								86602,
-								91347,
-								87371,
-								92410,
-								94914,
-								94915,
-								95824,
-								96830,
-								100025,
-								100300,
+								84504, #Apple iTunes < 12.2 Multiple Vulnerabilities (credentialed check)
+								86001, #Apple iTunes < 12.3 Multiple Vulnerabilities (credentialed check)
+								86602, #Apple iTunes < 12.3.1 Multiple Vulnerabilities (credentialed check)
+								91347, #Apple iTunes < 12.4 DLL Injection Arbitrary Code Execution (credentialed check)
+								87371, #Apple iTunes < 12.3.2 Multiple Vulnerabilities (credentialed check)
+								92410, #Apple iTunes < 12.4.2 Multiple Vulnerabilities (credentialed check)
+								94914, #Apple iTunes < 12.5.1 Multiple Vulnerabilities (credentialed check)
+								94915, #Apple iTunes < 12.5.2 Multiple Vulnerabilities (credentialed check)
+								95824, #Apple iTunes < 12.5.4 Multiple Vulnerabilities (credentialed check)
+								96830, #Apple iTunes < 12.5.5 Multiple Vulnerabilities (credentialed check)
+								100025, #Apple iTunes < 12.6 Multiple Vulnerabilities (credentialed check)
+								100300, #Apple iTunes < 12.6.1 WebKit Memory Corruption RCE (credentialed check)
+								78597, #Apple iTunes < 12.0.1 Multiple Vulnerabilities (credentialed check) -
+								101954, #Apple iTunes < 12.6.2 Multiple Vulnerabilities (credentialed check) -
+								111105, #Apple iTunes < 12.8 Multiple Vulnerabilities (credentialed check)
+								117880, #Apple iTunes < 12.9 Multiple Vulnerabilities (credentialed check)
+								108795, #Apple iTunes < 12.7.4 WebKit Multiple Vulnerabilities (credentialed check)
+								110384, #Apple iTunes < 12.7.5 Multiple Vulnerabilities (credentialed check)
+								118718, #Apple iTunes < 12.9.1 Multiple Vulnerabilities (credentialed check)
+								119767, #Apple iTunes < 12.9.2 Multiple Vulnerabilities (credentialed check)
+121473, #Apple iTunes < 12.9.3 Multiple Vulnerabilities (credentialed check)
 							]
 						}

data/lib/risu/parsers/nessus/postprocess/apple_quicktime.rb CHANGED

@@ -1,4 +1,4 @@
-# Copyright (c) 2010-2017 Jacob Hammack.
+# Copyright (c) 2010-2020 Jacob Hammack.
 #
 # Permission is hereby granted, free of charge, to any person obtaining a copy
 # of this software and associated documentation files (the "Software"), to deal
@@ -31,39 +31,45 @@ module Risu
 						{
 							:description => "Apple QuickTime Patch Rollup",
 							:plugin_id => -99973,
-							:plugin_name => "Update to the latest Apple QuickTime",
+							:plugin_name => "Missing the latest Apple QuickTime Patches",
 							:item_name => "Update to the latest Apple QuickTime",
 							:plugin_ids => [
-								66636,
-								72706,
-								78678,
-								62890,
-								87848,
-								85662,
-								84505,
-								59113,
-								56667,
-								55764,
-								21556,
-								22336,
-								24761,
-								25123,
-								25347,
-								25703,
-								26916,
-								29698,
-								29982,
-								31735,
-								33130,
-								34119,
-								34460,
-								35437,
-								38988,
-								40929,
-								45388,
-								27626,
-								30204,
+								48323, #QuickTime < 7.6.7 QuickTimeStreaming.qtx SMIL File Debug Logging Overflow (Windows)
+								49260, #QuickTime < 7.6.8 Multiple Vulnerabilities (Windows)
+								51062, #QuickTime < 7.6.9 Multiple Vulnerabilities (Windows)
+								66636, #QuickTime < 7.7.4 Multiple Vulnerabilities (Windows)
+								72706, #QuickTime < 7.7.5 Multiple Vulnerabilities (Windows)
+								78678, #QuickTime < 7.7.6 Multiple Vulnerabilities (Windows)
+								62890, #QuickTime < 7.7.3 Multiple Vulnerabilities (Windows)
+								87848, #Apple QuickTime < 7.7.9 Multiple RCE (Windows)
+								85662, #Apple QuickTime < 7.7.8 Multiple Arbitrary Code Vulnerabilities (Windows)
+								84505, #Apple QuickTime < 7.7.7 Multiple Vulnerabilities (Windows)
+								59113, #QuickTime < 7.7.2 Multiple Vulnerabilities (Windows)
+								56667, #QuickTime < 7.7.1 Multiple Vulnerabilities (Windows)
+								55764, #QuickTime < 7.7 Multiple Vulnerabilities (Windows)
+								21556, #QuickTime < 7.1 Multiple Vulnerabilities (Windows)
+								22336, #QuickTime < 7.1.3 Multiple Vulnerabilities (Windows)
+								24761, #QuickTime < 7.1.5 Multiple Vulnerabilities (Windows)
+								25123, #QuickTime < 7.1.6 quicktime.util.QTHandleRef toQTPointer Method Arbitrary Code Execution (Windows)
+								25347, #QuickTime < 7.1.6 Security Update (Windows)
+								25703, #QuickTime < 7.2 Multiple Vulnerabilities (Windows)
+								26916, #QuickTime < 7.2 Security Update (Windows)
+								29698, #QuickTime < 7.3.1 Multiple Vulnerabilities (Windows)
+								29982, #QuickTime < 7.4 Multiple Vulnerabilities (Windows)
+								31735, #QuickTime < 7.4.5 Multiple Vulnerabilities (Windows)
+								33130, #QuickTime < 7.5 Multiple Vulnerabilities (Windows)
+								34119, #QuickTime < 7.5.5 Multiple Vulnerabilities (Windows)
+								35437, #QuickTime < 7.6 Multiple Vulnerabilities (Windows)
+								38988, #QuickTime < 7.6.2 Multiple Vulnerabilities (Windows)
+								40929, #QuickTime < 7.6.4 Multiple Vulnerabilities (Windows)
+								45388, #QuickTime < 7.6.6 Multiple Vulnerabilities (Windows)
+								27626, #QuickTime < 7.3 Multiple Vulnerabilities (Windows)
+								30204, #QuickTime < 7.4.1 RTSP Response Long Reason-Phrase Arbitrary Remote Code Execution (Windows)
+								11506, #QuickTime < 6.1 URL Handling Overflow (Windows)
+17637, #QuickTime < 6.5.2 PictureViewer Malformed JPEG Overflow (Windows)
+20136, #QuickTime < 7.0.3 Multiple Vulnerabilities (Windows)
+20395, #QuickTime < 7.0.4 Multiple Vulnerabilities (Windows)
 							]
 						}
 					end

data/lib/risu/parsers/nessus/postprocess/artifex_ghostscript.rb ADDED

@@ -0,0 +1,49 @@
+# Copyright (c) 2010-2020 Jacob Hammack.
+#
+# Permission is hereby granted, free of charge, to any person obtaining a copy
+# of this software and associated documentation files (the "Software"), to deal
+# in the Software without restriction, including without limitation the rights
+# to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+# copies of the Software, and to permit persons to whom the Software is
+# furnished to do so, subject to the following conditions:
+#
+# The above copyright notice and this permission notice shall be included in
+# all copies or substantial portions of the Software.
+#
+# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+# FITNESS FOR A PARTICULAR PURPOSE AND NON INFRINGEMENT. IN NO EVENT SHALL THE
+# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+# OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
+# THE SOFTWARE.
+module Risu
+	module Parsers
+		module Nessus
+			module PostProcess
+				class ArtifexGhostscriptRollup < Risu::Base::PostProcessBase
+					#
+					def initialize
+						@info =
+						{
+							:description => "Artifex Ghostscript Patch Rollup",
+							:plugin_id => -99937,
+							:plugin_name => "Missing the latest Artifex Ghostscript",
+							:item_name => "Update to the latest Artifex Ghostscript",
+							:plugin_ids => [
+                                117459, #Artifex Ghostscript Multiple Vulnerabilities
+117596, #Artifex Ghostscript < 9.25 PostScript Code Execution Vulnerability
+119240, #Artifex Ghostscript < 9.26 PostScript Multiple Vulnerabilities
+							]
+						}
+					end
+				end
+			end
+		end
+	end
+end

data/lib/risu/parsers/nessus/postprocess/blackberry_enterprise_server.rb CHANGED

@@ -1,4 +1,4 @@
-# Copyright (c) 2010-2017 Jacob Hammack.
+# Copyright (c) 2010-2020 Jacob Hammack.
 #
 # Permission is hereby granted, free of charge, to any person obtaining a copy
 # of this software and associated documentation files (the "Software"), to deal
@@ -31,21 +31,17 @@ module Risu
 						{
 							:description => "Black Berry Enterprise Server Patch Rollup",
 							:plugin_id => -99968,
-							:plugin_name => "Update to the latest Black Berry Enterprise Server",
+							:plugin_name => "Missing the latest Black Berry Enterprise Server Patches",
 							:item_name => "Update to the latest Black Berry Enterprise Server",
 							:plugin_ids => [
-                50071,
-                51191,
-                51527,
-                55819,
-								55670,
-								53829,
-								72583,
-								77327,
+								50071, #BlackBerry Enterprise Server / Attachment Service PDF Distiller Buffer Overflow (KB24547)
+								51191, #BlackBerry Enterprise Server / Attachment Service PDF Distiller Buffer Overflow (KB24761)
+								51527, #BlackBerry Enterprise Server / Attachment Service PDF Distiller Buffer Overflow (KB25382)
+								55819, #BlackBerry Enterprise Server PNG and TIFF Image Processing Vulnerabilities (KB27244)
+								55670, #BlackBerry Enterprise Server Administration API Unspecified Remote Vulnerability (KB27258)
+								53829, #BlackBerry Enterprise Server Web Desktop Manager XSS (KB26296)
+								72583, #BlackBerry Enterprise Server / Enterprise Service / Enterprise Server Express Information Disclosure (KB35647)
+								77327, #BlackBerry Enterprise Server / Enterprise Service / Enterprise Server Express Information Disclosure (KB36175)
 							]
 						}
 					end

data/lib/risu/parsers/nessus/postprocess/ca_brightstor_arcserve.rb CHANGED

@@ -1,4 +1,4 @@
-# Copyright (c) 2010-2017 Jacob Hammack.
+# Copyright (c) 2010-2020 Jacob Hammack.
 #
 # Permission is hereby granted, free of charge, to any person obtaining a copy
 # of this software and associated documentation files (the "Software"), to deal
@@ -31,17 +31,17 @@ module Risu
 						{
 							:description => "CA BrightStor ARCserve Backup Patch Rollup",
 							:plugin_id => -99982,
-							:plugin_name => "Update to the latest CA BrightStor ARCserve Backup",
+							:plugin_name => "Missing the latest CA BrightStor ARCserve Backup Patches",
 							:item_name => "Update to the latest CA BrightStor ARCserve Backup",
 							:plugin_ids => [
-								24015,
-								24816,
-								25086,
-								26970,
-								32398,
-								34393,
-								22510,
-								23841,
+								24015, #CA BrightStor ARCserve Backup Multiple Vulnerabilities (QO84983)
+								24816, #CA BrightStor ARCserve Backup Tape Engine and Portmapper Multiple Vulnerabilities (QO86255)
+								25086, #CA BrightStor ARCserve Backup Multiple Vulnerabilities (QO87569)
+								26970, #CA BrightStor ARCserve Backup Multiple Remote Vulnerabilities (QO91094)
+								32398, #CA BrightStor ARCserve Backup Multiple Vulnerabilities (QO92996)
+								34393, #CA BrightStor ARCserve Backup RPC Interface (asdbapi.dll) Traversal Arbitrary Command Execution
+								22510, #CA BrightStor ARCserve Backup for Windows Multiple Remote Buffer Overflows (QO81201)
+								23841, #CA BrightStor ARCserve Backup Discovery Service Overflow
 							]
 						}
 					end

data/lib/risu/parsers/nessus/postprocess/cisco_anyconnect.rb CHANGED

@@ -1,4 +1,4 @@
-# Copyright (c) 2010-2017 Jacob Hammack.
+# Copyright (c) 2010-2020 Jacob Hammack.
 #
 # Permission is hereby granted, free of charge, to any person obtaining a copy
 # of this software and associated documentation files (the "Software"), to deal
@@ -31,27 +31,25 @@ module Risu
 						{
 							:description => "Cisco AnyConnect Client Patch Rollup",
 							:plugin_id => -99961,
-							:plugin_name => "Update to the latest Cisco AnyConnect Client",
+							:plugin_name => "Missing the latest Cisco AnyConnect Client Patches",
 							:item_name => "Update to the latest Cisco AnyConnect Client",
 							:plugin_ids => [
-								76491,
-								81978,
-								86302,
-								78676,
-								81671,
-								82270,
-								85266,
-								85267,
-								85541,
-								87894,
-								88100,
-								54954,
-								59820,
-								93382,
-								71464,
+								76491, #Cisco AnyConnect Secure Mobility Client 2.x / 3.x < 3.1(5170) Multiple OpenSSL Vulnerabilities
+								81978, #Cisco AnyConnect Secure Mobility Client < 3.1.10010.0 / 4.0.x < 4.0.4014.0 / 4.1.x < 4.1.4011.0 Code Execution Vulnerability
+								86302, #Cisco AnyConnect Secure Mobility Client 3.x < 3.1.11004.0 / 4.x < 4.1.6020.0 Privilege Escalation
+								78676, #Cisco AnyConnect Secure Mobility Client < 3.1(5187) (POODLE)
+								81671, #Cisco AnyConnect Secure Mobility Client < 3.1(6068) XSS
+								82270, #Cisco AnyConnect Secure Mobility Client < 3.1(7021) / <= 4.0(48) Multiple Vulnerabilities (FREAK)
+								85266, #Cisco AnyConnect Secure Mobility Client < 3.1.8009.0 / 4.0.x < 4.0.2052.0 / 4.1.x < 4.1.28.0 Multiple Vulnerabilities
+								85267, #Cisco AnyConnect Secure Mobility Client < 3.1.10010.0 / 4.0.x < 4.0.4013.0 / 4.1.x < 4.1.4011.0 IPC File Write Vulnerability
+								85541, #Cisco AnyConnect Secure Mobility Client 3.x < 3.1.10010.0 / 4.x < 4.1.4011.0 Arbitrary File Write
+								87894, #Cisco AnyConnect Secure Mobility Client 2.x < 3.1.13015.0 / 4.x < 4.2.1035.0 Arbitrary File Manipulation
+								88100, #Cisco AnyConnect Secure Mobility Client < 3.1.13015.0 / 4.2.x < 4.2.1035.0 Multiple OpenSSL Vulnerabilities
+								54954, #Cisco AnyConnect Secure Mobility Client < 2.3.254 Multiple Vulnerabilities
+								59820, #Cisco AnyConnect Secure Mobility Client VPN Downloader RCE (cisco-sa-20120620-ac)
+								93382, #Cisco AnyConnect Secure Mobility Client 4.2.x < 4.2.5015.0 / 4.3.x < 4.3.2039.0 Privilege Escalation Vulnerability
+								71464, #Cisco AnyConnect Secure Mobility Client 2.x / 3.x < 3.0(629) ATL Buffer Overflow
+								95951, #Cisco AnyConnect Secure Mobility Client 3.1.x < 4.3.4019.0 / 4.4.x < 4.4.225.0 Privilege Escalation
 							]
 						}
 					end