risu 1.7.0 → 1.7.1
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/NEWS.markdown +10 -0
- data/README.markdown +1 -1
- data/Rakefile +1 -1
- data/lib/risu.rb +1 -1
- data/lib/risu/base/template_helper.rb +1 -1
- data/lib/risu/parsers/nessus/nessus_sax_listener.rb +2 -1
- data/lib/risu/parsers/nessus/postprocess/ca_brightstor_arcserve.rb +57 -0
- data/lib/risu/parsers/nessus/postprocess/root_cause.rb +20 -4
- data/lib/risu/parsers/nessus/postprocess/windows.rb +6 -3
- metadata +3 -2
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
2
|
SHA1:
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
3
|
+
metadata.gz: f8b56c0da2dc7bc99cb12f074a266cb974b6b0e8
|
4
|
+
data.tar.gz: 8beff1b136dfdd21db5c615c5b0c6cac4c080afa
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: 4ddd9137d0e2c2e7d10f19f206d0c920924961b15f82a7c3a822977dfe0ac0d75e64ee6e563a5206d2717c3376743da04e858f70040b03186069ad9a6f49c4ae
|
7
|
+
data.tar.gz: 831ebf0f7b7eef82188d8bf385a6cdcf0c99435955f3ad34ddfcb53405cd7805cd300252c55a783ec3d1a31e23eca6c1ede14a9bab56eb85845d77643fbfb3e7
|
data/NEWS.markdown
CHANGED
@@ -1,5 +1,15 @@
|
|
1
1
|
# News
|
2
2
|
|
3
|
+
#1.7.1 (September 25, 2014)
|
4
|
+
- Updated Windows Patch Rollup
|
5
|
+
- Added CA Brightstor Arcserve Backup Rollup
|
6
|
+
- Updated the RootCause plug-ins list
|
7
|
+
- Updated some of the default credential plug-ins list
|
8
|
+
- Models
|
9
|
+
- HostProperty Model
|
10
|
+
- UnsupportedProduct:microsoft:windows_xp
|
11
|
+
- UnsupportedProduct:microsoft:windows_2000
|
12
|
+
|
3
13
|
#1.7.0 (September 12, 2014)
|
4
14
|
- Update Copyrights to 2014
|
5
15
|
- Wiki
|
data/README.markdown
CHANGED
@@ -6,7 +6,7 @@
|
|
6
6
|
|
7
7
|
Risu is [Nessus](http://www.nessus.org) parser, that converts the generated reports into a [ActiveRecord](http://api.rubyonrails.org/classes/ActiveRecord/Base.html) database, this allows for easy report generation and vulnerability verification.
|
8
8
|
|
9
|
-
Version **1.7.
|
9
|
+
Version **1.7.1** is the current release.
|
10
10
|
|
11
11
|
## Requirements
|
12
12
|
|
data/Rakefile
CHANGED
@@ -44,7 +44,7 @@ end
|
|
44
44
|
|
45
45
|
task :release => [:tag_and_bag, :build] do
|
46
46
|
system "gem push #{Risu::APP_NAME}-#{Risu::VERSION}.gem"
|
47
|
-
puts "Just released #{Risu::APP_NAME} v#{Risu::VERSION}. #{Risu::APP_NAME} is an Nessus XML parser/database/report generator. More information at http://
|
47
|
+
puts "Just released #{Risu::APP_NAME} v#{Risu::VERSION}. #{Risu::APP_NAME} is an Nessus XML parser/database/report generator. More information at http://github.com/arxopia/risu/"
|
48
48
|
end
|
49
49
|
|
50
50
|
task :clean do
|
data/lib/risu.rb
CHANGED
@@ -56,7 +56,8 @@ module Risu
|
|
56
56
|
"pcidss:unprotected_mssql_db", "pcidss:obsolete_software", "pcidss:www:sql_injection", "pcidss:backup_files",
|
57
57
|
"traceroute-hop-0", "traceroute-hop-1", "traceroute-hop-2", "operating-system-unsupported", "patch-summary-total-cves",
|
58
58
|
"pcidss:insecure_http_methods", "LastUnauthenticatedResults", "LastAuthenticatedResults", "cpe-0", "cpe-1",
|
59
|
-
"cpe-2", "cpe-3", "Credentialed_Scan", "policy-used", "UnsupportedProduct:microsoft:windows_xp::sp2"
|
59
|
+
"cpe-2", "cpe-3", "Credentialed_Scan", "policy-used", "UnsupportedProduct:microsoft:windows_xp::sp2",
|
60
|
+
"UnsupportedProduct:microsoft:windows_xp", "UnsupportedProduct:microsoft:windows_2000"
|
60
61
|
]
|
61
62
|
|
62
63
|
@valid_host_properties_regex = Array[
|
@@ -0,0 +1,57 @@
|
|
1
|
+
# Copyright (c) 2010-2014 Arxopia LLC.
|
2
|
+
# All rights reserved.
|
3
|
+
#
|
4
|
+
# Redistribution and use in source and binary forms, with or without
|
5
|
+
# modification, are permitted provided that the following conditions are met:
|
6
|
+
#
|
7
|
+
# * Redistributions of source code must retain the above copyright
|
8
|
+
# notice, this list of conditions and the following disclaimer.
|
9
|
+
# * Redistributions in binary form must reproduce the above copyright
|
10
|
+
# notice, this list of conditions and the following disclaimer in the
|
11
|
+
# documentation and/or other materials provided with the distribution.
|
12
|
+
# * Neither the name of the Arxopia LLC nor the names of its contributors
|
13
|
+
# may be used to endorse or promote products derived from this software
|
14
|
+
# without specific prior written permission.
|
15
|
+
#
|
16
|
+
# THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND
|
17
|
+
# ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
|
18
|
+
# WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
|
19
|
+
# DISCLAIMED. IN NO EVENT SHALL ARXOPIA LLC BE LIABLE FOR ANY DIRECT, INDIRECT,
|
20
|
+
# INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
|
21
|
+
# LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA,
|
22
|
+
# OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF
|
23
|
+
# LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE
|
24
|
+
# OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
|
25
|
+
# OF THE POSSIBILITY OF SUCH DAMAGE.
|
26
|
+
|
27
|
+
module Risu
|
28
|
+
module Parsers
|
29
|
+
module Nessus
|
30
|
+
module PostProcess
|
31
|
+
class CABrightstorArcServe < Risu::Base::PostProcessBase
|
32
|
+
|
33
|
+
#
|
34
|
+
def initialize
|
35
|
+
@info =
|
36
|
+
{
|
37
|
+
:description => "CA BrightStor ARCserve Backup Patch Rollup",
|
38
|
+
:plugin_id => -99982,
|
39
|
+
:plugin_name => "Update to the latest CA BrightStor ARCserve Backup",
|
40
|
+
:item_name => "Update to the latest CA BrightStor ARCserve Backup",
|
41
|
+
:plugin_ids => [
|
42
|
+
24015,
|
43
|
+
24816,
|
44
|
+
25086,
|
45
|
+
26970,
|
46
|
+
32398,
|
47
|
+
34393,
|
48
|
+
22510,
|
49
|
+
23841,
|
50
|
+
]
|
51
|
+
}
|
52
|
+
end
|
53
|
+
end
|
54
|
+
end
|
55
|
+
end
|
56
|
+
end
|
57
|
+
end
|
@@ -255,7 +255,21 @@ module Risu
|
|
255
255
|
39468 => "Vendor Patch",
|
256
256
|
-99983 => "Vendor Patch",
|
257
257
|
-99984 => "Vendor Patch",
|
258
|
-
|
258
|
+
48264 => "Vendor Patch",
|
259
|
+
51956 => "Vendor Patch",
|
260
|
+
24015 => "Vendor Patch",
|
261
|
+
55992 => "Vendor Patch",
|
262
|
+
40564 => "Vendor Patch",
|
263
|
+
38664 => "Vendor Patch",
|
264
|
+
34393 => "Vendor Patch",
|
265
|
+
32398 => "Vendor Patch",
|
266
|
+
26970 => "Vendor Patch",
|
267
|
+
25086 => "Vendor Patch",
|
268
|
+
24816 => "Vendor Patch",
|
269
|
+
-99982 => "Vendor Patch",
|
270
|
+
34725 => "Vendor Patch",
|
271
|
+
42424 => "Vendor Patch",
|
272
|
+
77200 => "Vendor Patch",
|
259
273
|
|
260
274
|
|
261
275
|
33850 => "Vendor Support",
|
@@ -284,7 +298,7 @@ module Risu
|
|
284
298
|
19699 => "Vendor Support",
|
285
299
|
57859 => "Vendor Support",
|
286
300
|
56998 => "Vendor Support",
|
287
|
-
|
301
|
+
73598 => "Vendor Support",
|
288
302
|
|
289
303
|
49071 => "Configuration",
|
290
304
|
41028 => "Configuration",
|
@@ -349,8 +363,10 @@ module Risu
|
|
349
363
|
11714 => "Configuration",
|
350
364
|
10203 => "Configuration",
|
351
365
|
29224 => "Configuration",
|
352
|
-
|
353
|
-
|
366
|
+
24745 => "Configuration",
|
367
|
+
11245 => "Configuration",
|
368
|
+
76073 => "Configuration",
|
369
|
+
10907 => "Configuration",
|
354
370
|
|
355
371
|
}
|
356
372
|
end
|
@@ -28,7 +28,7 @@ module Risu
|
|
28
28
|
module Parsers
|
29
29
|
module Nessus
|
30
30
|
module PostProcess
|
31
|
-
class
|
31
|
+
class WindowsPatches < Risu::Base::PostProcessBase
|
32
32
|
|
33
33
|
#
|
34
34
|
def initialize
|
@@ -45,8 +45,11 @@ module Risu
|
|
45
45
|
58435,
|
46
46
|
35635,
|
47
47
|
22034,
|
48
|
-
|
49
|
-
|
48
|
+
51956,
|
49
|
+
40564,
|
50
|
+
45517,
|
51
|
+
62940,
|
52
|
+
|
50
53
|
]
|
51
54
|
}
|
52
55
|
end
|
metadata
CHANGED
@@ -1,14 +1,14 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: risu
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 1.7.
|
4
|
+
version: 1.7.1
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- Jacob Hammack
|
8
8
|
autorequire:
|
9
9
|
bindir: bin
|
10
10
|
cert_chain: []
|
11
|
-
date: 2014-09-
|
11
|
+
date: 2014-09-26 00:00:00.000000000 Z
|
12
12
|
dependencies:
|
13
13
|
- !ruby/object:Gem::Dependency
|
14
14
|
name: simplecov
|
@@ -241,6 +241,7 @@ files:
|
|
241
241
|
- lib/risu/parsers/nessus/postprocess/adobe_air.rb
|
242
242
|
- lib/risu/parsers/nessus/postprocess/adobe_reader.rb
|
243
243
|
- lib/risu/parsers/nessus/postprocess/apache.rb
|
244
|
+
- lib/risu/parsers/nessus/postprocess/ca_brightstor_arcserve.rb
|
244
245
|
- lib/risu/parsers/nessus/postprocess/core_ftp.rb
|
245
246
|
- lib/risu/parsers/nessus/postprocess/flash_player.rb
|
246
247
|
- lib/risu/parsers/nessus/postprocess/flexnet.rb
|