risu 1.8.0 → 1.8.1

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA1:
-  metadata.gz: accf90c8309d4a0ccc6b26f830b8830458855492
-  data.tar.gz: d05b1dde76b40f7fdc5c30961b44ec1cc2d55848
+  metadata.gz: e386500694e50ecaf26905c7e6a68b96c88de827
+  data.tar.gz: 8d85f9b09a93ba36925926acd1ee8250c976147d
 SHA512:
-  metadata.gz: c5631c1e7ca724d503e77b8505b7451529bccf01ea088b6acdc80becc1512a6ca2dcffd32df537c20d7ab2dad62d82bcc175dad0214341b189dce836ea35bc0c
-  data.tar.gz: 5755fa9507c02125832f8b4fed8642cd75e71454838772ae252d6aa03fc749e524c09a6a7dea019d8c41f0785df6a19e9de1690d8a7636114615f1f2ee1485d5
+  metadata.gz: bce6d285334e700dcb1db3d9287ca9e8dba1b6db5a9bd1d0eec5d551009e8d67c7e83be5b680f789bd21a4250f5910224474fd421ab026bf92ca240436076110
+  data.tar.gz: 75621496210405112d3fba0b83e249e0b70b1c06552464e858db41bb5b2d601273cc7d4ef1aacee76fbd950078ec3ae94bfbc0c352332744bd27eecf694fad39

data/docs/NEWS.markdown

@@ -1,5 +1,9 @@
 # News
 
+# 1.8.1 (July 6, 2017)
+- Updated PostProcessing plugins
+- Fixed #107 where plugin_name was to short in the schema
+
 # 1.8.0 (March 1, 2017)
 - **Moved repo from http://github.com/arxopia/risu to http://github.com/hammackj/risu**
 - **Upgraded to Rails 5**

data/lib/risu/base/schema.rb

@@ -43,7 +43,7 @@ module Risu
 				create_table :plugins_preferences do |t|
 					t.integer :policy_id
 					t.integer :plugin_id
-					t.string :plugin_name
+					t.text :plugin_name, limit: 4294967295
 					t.string :fullname
 					t.string :preference_name
 					t.string :preference_type

data/lib/risu/models/item.rb

@@ -496,6 +496,8 @@ module Risu
 						critical = critical.merge high
 					end
 
+					
+
 					return critical
 				end
 

data/lib/risu/parsers/nessus/postprocess/adobe_acrobat.rb

@@ -79,6 +79,9 @@ module Risu
 								48323,
 								49260,
 								51062,
+								96452,
+								99373,
+								94071,
 								
 
 

data/lib/risu/parsers/nessus/postprocess/adobe_air.rb

@@ -90,6 +90,7 @@ module Risu
 								88638,
 								89868,
 								91162,
+								93523,
 								
 
 

data/lib/risu/parsers/nessus/postprocess/adobe_reader.rb

@@ -83,6 +83,8 @@ module Risu
 								91097,
 								92035,
 								94072,
+								96453,
+								99374,
 								
 
 

data/lib/risu/parsers/nessus/postprocess/apache.rb

@@ -63,7 +63,9 @@ module Risu
 								73081,
 								84959,
 								40467,
+								96451,
 								
+
 							]
 						}
 					end

data/lib/risu/parsers/nessus/postprocess/apple_itunes.rb

@@ -40,6 +40,12 @@ module Risu
 								91347,
 								87371,
 								92410,
+								94914,
+								94915,
+								95824,
+								96830,
+								100025,
+								100300,
 								
 
 

data/lib/risu/parsers/nessus/postprocess/downgrade_plugins.rb

@@ -39,13 +39,17 @@ module Risu
             #3 - high
             #4 - critical
 
-						@plugins_to_severity = {
-							41028 => 0, #SNMP Agent Default Community Name (public) - 41028
-              10264 => 0, #SNMP Agent Default Community Names - 10264
-							10081 => 0, #FTP Privileged Port Bounce Scan - 10081
-							42411 => 0, #Microsoft Windows SMB Shares Unprivileged Access
-							66349 => 0, #X Server Unauthenticated Access: Screenshot 
+						# TODO read from "extra" section
 
+						@plugins_to_severity = {
+							41028 => 0, # SNMP Agent Default Community Name (public) - 41028
+              10264 => 0, # SNMP Agent Default Community Names - 10264
+							10081 => 0, # FTP Privileged Port Bounce Scan - 10081
+							42411 => 0, # Microsoft Windows SMB Shares Unprivileged Access
+							66349 => 0, # X Server Unauthenticated Access: Screenshot
+							26925 => 0, # VNC Server Unauthenticated Access
+							66174 => 0, # VNC Server Unauthenticated Access: Screenshot
+							10205 => 0, # rlogin Service Detection
 						}
 					end
 

data/lib/risu/parsers/nessus/postprocess/dropbear_ssh.rb

@@ -0,0 +1,48 @@
+# Copyright (c) 2010-2017 Jacob Hammack.
+#
+# Permission is hereby granted, free of charge, to any person obtaining a copy
+# of this software and associated documentation files (the "Software"), to deal
+# in the Software without restriction, including without limitation the rights
+# to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+# copies of the Software, and to permit persons to whom the Software is
+# furnished to do so, subject to the following conditions:
+#
+# The above copyright notice and this permission notice shall be included in
+# all copies or substantial portions of the Software.
+#
+# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+# FITNESS FOR A PARTICULAR PURPOSE AND NON INFRINGEMENT. IN NO EVENT SHALL THE
+# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+# OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
+# THE SOFTWARE.
+
+
+module Risu
+	module Parsers
+		module Nessus
+			module PostProcess
+				class DropbearSSHServerPatchRollup < Risu::Base::PostProcessBase
+
+					#
+					def initialize
+						@info =
+						{
+							:description => "Dropbear SSH Server Patch Rollup",
+							:plugin_id => -99952,
+							:plugin_name => "Update to the latest Dropbear SSH Server",
+							:item_name => "Update to the latest Dropbear SSH Server",
+							:plugin_ids => [
+								93650,
+								58183,
+								
+
+							]
+						}
+					end
+				end
+			end
+		end
+	end
+end

data/lib/risu/parsers/nessus/postprocess/firefox.rb

@@ -78,6 +78,28 @@ module Risu
 								88754,
 								92755,
 								93662,
+								94960,
+								95475,
+								95886,
+								96776,
+								97639,
+								99125,
+								99632,
+								100127,
+								55901,
+								56334,
+								56750,
+								57768,
+								57769,
+								58006,
+								58349,
+								58898,
+								59407,
+								60043,
+								61715,
+								62580,
+								62589,
+								94232,
 								
 
 

data/lib/risu/parsers/nessus/postprocess/flash_player.rb

@@ -127,6 +127,12 @@ module Risu
 								93960,
 								94334,
 								94628,
+								95762,
+								96388,
+								97142,
+								97727,
+								99283,
+								100052,
 								
 
 							]

data/lib/risu/parsers/nessus/postprocess/flexnet.rb

@@ -27,7 +27,7 @@ module Risu
 
 					#
 					def initialize
-						@info = 
+						@info =
 						{
 							:description => "Macrovision FLEXnet Patch Rollup",
 							:plugin_id => -99987,
@@ -37,7 +37,7 @@ module Risu
 								25371,
 								24712,
 								27599,
-								
+
 							]
 						}
 					end

data/lib/risu/parsers/nessus/postprocess/google_chrome.rb

@@ -128,6 +128,15 @@ module Risu
 								91716,
 								93476,
 								93817,
+								99633,
+								99995,
+								94136,
+								94580,
+								94676,
+								95480,
+								96828,
+								97724,
+								99136,
 								
 
 

data/lib/risu/parsers/nessus/postprocess/java.rb

@@ -89,6 +89,9 @@ module Risu
 								90828,
 								92516,
 								92516,
+								99588,
+								94138,
+								96628,
 								
 
 

data/lib/risu/parsers/nessus/postprocess/shockwave.rb

@@ -60,6 +60,7 @@ module Risu
 								84765,
 								85882,
 								86633,
+								97835,
 								
 
 							]

data/lib/risu/parsers/nessus/postprocess/windows.rb

@@ -928,7 +928,42 @@ module Risu
 								94016,
 								49952,
 								94634,
-								
+								55883,
+								72836,
+								95764,
+								95765,
+								95766,
+								95768,
+								95811,
+								95813,
+								96393,
+								97833,
+								97737,
+								97743,
+								100051,
+								100057,
+								94631,
+								94633,
+								94635,
+								94636,
+								94637,
+								94638,
+								94639,
+								94641,
+								94643,
+								97729,
+								97731,
+								97732,
+								97733,
+								97738,
+								97794,
+								99312,
+								97740,
+								99314,
+								100103,
+								100058,
+								97833,
+
 
 
 							]

data/lib/risu/parsers/nessus/postprocess/wireshark.rb

@@ -79,6 +79,8 @@ module Risu
 								90786,
 								90787,
 								92817,
+								99437,
+								97574,
 								
 
 							]

data/lib/risu/version.rb

@@ -21,7 +21,7 @@
 
 module Risu
 	APP_NAME = "risu"
-	VERSION = "1.8.0"
+	VERSION = "1.8.1"
 	HOME_PAGE = "https://hammackj.github.io/risu/"
 	GITHUB = "http://github.com/hammackj/risu"
 	EMAIL = "jacob.hammack@hammackj.com"

metadata

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: risu
 version: !ruby/object:Gem::Version
-  version: 1.8.0
+  version: 1.8.1
 platform: ruby
 authors:
 - Jacob Hammack
@@ -34,7 +34,7 @@ cert_chain:
   mmb41gpjtpyN4MmJg/dtBA2QAzTR88UfROHdHsH7z5/s3B28ULSb72jogoU7PDuI
   xWswHWNU
   -----END CERTIFICATE-----
-date: 2017-02-11 00:00:00.000000000 Z
+date: 2017-07-07 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: rails
@@ -369,6 +369,7 @@ files:
 - lib/risu/parsers/nessus/postprocess/core_ftp.rb
 - lib/risu/parsers/nessus/postprocess/db2.rb
 - lib/risu/parsers/nessus/postprocess/downgrade_plugins.rb
+- lib/risu/parsers/nessus/postprocess/dropbear_ssh.rb
 - lib/risu/parsers/nessus/postprocess/filezilla.rb
 - lib/risu/parsers/nessus/postprocess/firefox.rb
 - lib/risu/parsers/nessus/postprocess/flash_player.rb

metadata.gz.sig

@@ -1,2 +1 @@
-*�,ѩ	)�!��6�P�/K"��c,��^��`�n�s��$��C�KQ����0����ɛƤ0T5SL&��|��s����
-������o��4����b`<&��ʋ~kq��aW8!/��F
+M� ��G4yO@'s0όгg%�;�z�Y��w�y�W�H�%Q�!�턹-d<<A\
��@�̨�����\�zøb���jv`t_M䙿Ȍ#D"?�nxk�-�h3��6.������rB�$ϙ�8�W��v����H"�	��MCH笀��,/�% ~:ޥ���0��V&Z�8��Xn�u؎esG�������m¦��V2u����ŧ��B�Z�N�C�+��1���'�i�,�XP��]�6/>0���