risu 1.8.0 → 1.8.1

Sign up to get free protection for your applications and to get access to all the features.
Files changed (24) hide show
  1. checksums.yaml +4 -4
  2. checksums.yaml.gz.sig +0 -0
  3. data.tar.gz.sig +0 -0
  4. data/docs/NEWS.markdown +4 -0
  5. data/lib/risu/base/schema.rb +1 -1
  6. data/lib/risu/models/item.rb +2 -0
  7. data/lib/risu/parsers/nessus/postprocess/adobe_acrobat.rb +3 -0
  8. data/lib/risu/parsers/nessus/postprocess/adobe_air.rb +1 -0
  9. data/lib/risu/parsers/nessus/postprocess/adobe_reader.rb +2 -0
  10. data/lib/risu/parsers/nessus/postprocess/apache.rb +2 -0
  11. data/lib/risu/parsers/nessus/postprocess/apple_itunes.rb +6 -0
  12. data/lib/risu/parsers/nessus/postprocess/downgrade_plugins.rb +10 -6
  13. data/lib/risu/parsers/nessus/postprocess/dropbear_ssh.rb +48 -0
  14. data/lib/risu/parsers/nessus/postprocess/firefox.rb +22 -0
  15. data/lib/risu/parsers/nessus/postprocess/flash_player.rb +6 -0
  16. data/lib/risu/parsers/nessus/postprocess/flexnet.rb +2 -2
  17. data/lib/risu/parsers/nessus/postprocess/google_chrome.rb +9 -0
  18. data/lib/risu/parsers/nessus/postprocess/java.rb +3 -0
  19. data/lib/risu/parsers/nessus/postprocess/shockwave.rb +1 -0
  20. data/lib/risu/parsers/nessus/postprocess/windows.rb +36 -1
  21. data/lib/risu/parsers/nessus/postprocess/wireshark.rb +2 -0
  22. data/lib/risu/version.rb +1 -1
  23. metadata +3 -2
  24. metadata.gz.sig +1 -2
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA1:
3
- metadata.gz: accf90c8309d4a0ccc6b26f830b8830458855492
4
- data.tar.gz: d05b1dde76b40f7fdc5c30961b44ec1cc2d55848
3
+ metadata.gz: e386500694e50ecaf26905c7e6a68b96c88de827
4
+ data.tar.gz: 8d85f9b09a93ba36925926acd1ee8250c976147d
5
5
  SHA512:
6
- metadata.gz: c5631c1e7ca724d503e77b8505b7451529bccf01ea088b6acdc80becc1512a6ca2dcffd32df537c20d7ab2dad62d82bcc175dad0214341b189dce836ea35bc0c
7
- data.tar.gz: 5755fa9507c02125832f8b4fed8642cd75e71454838772ae252d6aa03fc749e524c09a6a7dea019d8c41f0785df6a19e9de1690d8a7636114615f1f2ee1485d5
6
+ metadata.gz: bce6d285334e700dcb1db3d9287ca9e8dba1b6db5a9bd1d0eec5d551009e8d67c7e83be5b680f789bd21a4250f5910224474fd421ab026bf92ca240436076110
7
+ data.tar.gz: 75621496210405112d3fba0b83e249e0b70b1c06552464e858db41bb5b2d601273cc7d4ef1aacee76fbd950078ec3ae94bfbc0c352332744bd27eecf694fad39
checksums.yaml.gz.sig CHANGED
Binary file
data.tar.gz.sig CHANGED
Binary file
data/docs/NEWS.markdown CHANGED
@@ -1,5 +1,9 @@
1
1
  # News
2
2
 
3
+ # 1.8.1 (July 6, 2017)
4
+ - Updated PostProcessing plugins
5
+ - Fixed #107 where plugin_name was to short in the schema
6
+
3
7
  # 1.8.0 (March 1, 2017)
4
8
  - **Moved repo from http://github.com/arxopia/risu to http://github.com/hammackj/risu**
5
9
  - **Upgraded to Rails 5**
data/lib/risu/base/schema.rb CHANGED
@@ -43,7 +43,7 @@ module Risu
43
43
  create_table :plugins_preferences do |t|
44
44
  t.integer :policy_id
45
45
  t.integer :plugin_id
46
- t.string :plugin_name
46
+ t.text :plugin_name, limit: 4294967295
47
47
  t.string :fullname
48
48
  t.string :preference_name
49
49
  t.string :preference_type
data/lib/risu/models/item.rb CHANGED
@@ -496,6 +496,8 @@ module Risu
496
496
  critical = critical.merge high
497
497
  end
498
498
 
499
+
500
+
499
501
  return critical
500
502
  end
501
503
 
data/lib/risu/parsers/nessus/postprocess/adobe_acrobat.rb CHANGED
@@ -79,6 +79,9 @@ module Risu
79
79
  48323,
80
80
  49260,
81
81
  51062,
82
+ 96452,
83
+ 99373,
84
+ 94071,
82
85
 
83
86
 
84
87
 
data/lib/risu/parsers/nessus/postprocess/adobe_air.rb CHANGED
@@ -90,6 +90,7 @@ module Risu
90
90
  88638,
91
91
  89868,
92
92
  91162,
93
+ 93523,
93
94
 
94
95
 
95
96
 
data/lib/risu/parsers/nessus/postprocess/adobe_reader.rb CHANGED
@@ -83,6 +83,8 @@ module Risu
83
83
  91097,
84
84
  92035,
85
85
  94072,
86
+ 96453,
87
+ 99374,
86
88
 
87
89
 
88
90
 
data/lib/risu/parsers/nessus/postprocess/apache.rb CHANGED
@@ -63,7 +63,9 @@ module Risu
63
63
  73081,
64
64
  84959,
65
65
  40467,
66
+ 96451,
66
67
 
68
+
67
69
  ]
68
70
  }
69
71
  end
data/lib/risu/parsers/nessus/postprocess/apple_itunes.rb CHANGED
@@ -40,6 +40,12 @@ module Risu
40
40
  91347,
41
41
  87371,
42
42
  92410,
43
+ 94914,
44
+ 94915,
45
+ 95824,
46
+ 96830,
47
+ 100025,
48
+ 100300,
43
49
 
44
50
 
45
51
 
data/lib/risu/parsers/nessus/postprocess/downgrade_plugins.rb CHANGED
@@ -39,13 +39,17 @@ module Risu
39
39
  #3 - high
40
40
  #4 - critical
41
41
 
42
- @plugins_to_severity = {
43
- 41028 => 0, #SNMP Agent Default Community Name (public) - 41028
44
- 10264 => 0, #SNMP Agent Default Community Names - 10264
45
- 10081 => 0, #FTP Privileged Port Bounce Scan - 10081
46
- 42411 => 0, #Microsoft Windows SMB Shares Unprivileged Access
47
- 66349 => 0, #X Server Unauthenticated Access: Screenshot
42
+ # TODO read from "extra" section
48
43
 
44
+ @plugins_to_severity = {
45
+ 41028 => 0, # SNMP Agent Default Community Name (public) - 41028
46
+ 10264 => 0, # SNMP Agent Default Community Names - 10264
47
+ 10081 => 0, # FTP Privileged Port Bounce Scan - 10081
48
+ 42411 => 0, # Microsoft Windows SMB Shares Unprivileged Access
49
+ 66349 => 0, # X Server Unauthenticated Access: Screenshot
50
+ 26925 => 0, # VNC Server Unauthenticated Access
51
+ 66174 => 0, # VNC Server Unauthenticated Access: Screenshot
52
+ 10205 => 0, # rlogin Service Detection
49
53
  }
50
54
  end
51
55
 
data/lib/risu/parsers/nessus/postprocess/dropbear_ssh.rb ADDED
@@ -0,0 +1,48 @@
1
+ # Copyright (c) 2010-2017 Jacob Hammack.
2
+ #
3
+ # Permission is hereby granted, free of charge, to any person obtaining a copy
4
+ # of this software and associated documentation files (the "Software"), to deal
5
+ # in the Software without restriction, including without limitation the rights
6
+ # to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
7
+ # copies of the Software, and to permit persons to whom the Software is
8
+ # furnished to do so, subject to the following conditions:
9
+ #
10
+ # The above copyright notice and this permission notice shall be included in
11
+ # all copies or substantial portions of the Software.
12
+ #
13
+ # THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
14
+ # IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
15
+ # FITNESS FOR A PARTICULAR PURPOSE AND NON INFRINGEMENT. IN NO EVENT SHALL THE
16
+ # AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
17
+ # LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
18
+ # OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
19
+ # THE SOFTWARE.
20
+
21
+
22
+ module Risu
23
+ module Parsers
24
+ module Nessus
25
+ module PostProcess
26
+ class DropbearSSHServerPatchRollup < Risu::Base::PostProcessBase
27
+
28
+ #
29
+ def initialize
30
+ @info =
31
+ {
32
+ :description => "Dropbear SSH Server Patch Rollup",
33
+ :plugin_id => -99952,
34
+ :plugin_name => "Update to the latest Dropbear SSH Server",
35
+ :item_name => "Update to the latest Dropbear SSH Server",
36
+ :plugin_ids => [
37
+ 93650,
38
+ 58183,
39
+
40
+
41
+ ]
42
+ }
43
+ end
44
+ end
45
+ end
46
+ end
47
+ end
48
+ end
data/lib/risu/parsers/nessus/postprocess/firefox.rb CHANGED
@@ -78,6 +78,28 @@ module Risu
78
78
  88754,
79
79
  92755,
80
80
  93662,
81
+ 94960,
82
+ 95475,
83
+ 95886,
84
+ 96776,
85
+ 97639,
86
+ 99125,
87
+ 99632,
88
+ 100127,
89
+ 55901,
90
+ 56334,
91
+ 56750,
92
+ 57768,
93
+ 57769,
94
+ 58006,
95
+ 58349,
96
+ 58898,
97
+ 59407,
98
+ 60043,
99
+ 61715,
100
+ 62580,
101
+ 62589,
102
+ 94232,
81
103
 
82
104
 
83
105
 
data/lib/risu/parsers/nessus/postprocess/flash_player.rb CHANGED
@@ -127,6 +127,12 @@ module Risu
127
127
  93960,
128
128
  94334,
129
129
  94628,
130
+ 95762,
131
+ 96388,
132
+ 97142,
133
+ 97727,
134
+ 99283,
135
+ 100052,
130
136
 
131
137
 
132
138
  ]
data/lib/risu/parsers/nessus/postprocess/flexnet.rb CHANGED
@@ -27,7 +27,7 @@ module Risu
27
27
 
28
28
  #
29
29
  def initialize
30
- @info =
30
+ @info =
31
31
  {
32
32
  :description => "Macrovision FLEXnet Patch Rollup",
33
33
  :plugin_id => -99987,
@@ -37,7 +37,7 @@ module Risu
37
37
  25371,
38
38
  24712,
39
39
  27599,
40
-
40
+
41
41
  ]
42
42
  }
43
43
  end
data/lib/risu/parsers/nessus/postprocess/google_chrome.rb CHANGED
@@ -128,6 +128,15 @@ module Risu
128
128
  91716,
129
129
  93476,
130
130
  93817,
131
+ 99633,
132
+ 99995,
133
+ 94136,
134
+ 94580,
135
+ 94676,
136
+ 95480,
137
+ 96828,
138
+ 97724,
139
+ 99136,
131
140
 
132
141
 
133
142
 
data/lib/risu/parsers/nessus/postprocess/java.rb CHANGED
@@ -89,6 +89,9 @@ module Risu
89
89
  90828,
90
90
  92516,
91
91
  92516,
92
+ 99588,
93
+ 94138,
94
+ 96628,
92
95
 
93
96
 
94
97
 
data/lib/risu/parsers/nessus/postprocess/shockwave.rb CHANGED
@@ -60,6 +60,7 @@ module Risu
60
60
  84765,
61
61
  85882,
62
62
  86633,
63
+ 97835,
63
64
 
64
65
 
65
66
  ]
data/lib/risu/parsers/nessus/postprocess/windows.rb CHANGED
@@ -928,7 +928,42 @@ module Risu
928
928
  94016,
929
929
  49952,
930
930
  94634,
931
-
931
+ 55883,
932
+ 72836,
933
+ 95764,
934
+ 95765,
935
+ 95766,
936
+ 95768,
937
+ 95811,
938
+ 95813,
939
+ 96393,
940
+ 97833,
941
+ 97737,
942
+ 97743,
943
+ 100051,
944
+ 100057,
945
+ 94631,
946
+ 94633,
947
+ 94635,
948
+ 94636,
949
+ 94637,
950
+ 94638,
951
+ 94639,
952
+ 94641,
953
+ 94643,
954
+ 97729,
955
+ 97731,
956
+ 97732,
957
+ 97733,
958
+ 97738,
959
+ 97794,
960
+ 99312,
961
+ 97740,
962
+ 99314,
963
+ 100103,
964
+ 100058,
965
+ 97833,
966
+
932
967
 
933
968
 
934
969
  ]
data/lib/risu/parsers/nessus/postprocess/wireshark.rb CHANGED
@@ -79,6 +79,8 @@ module Risu
79
79
  90786,
80
80
  90787,
81
81
  92817,
82
+ 99437,
83
+ 97574,
82
84
 
83
85
 
84
86
  ]
data/lib/risu/version.rb CHANGED
@@ -21,7 +21,7 @@
21
21
 
22
22
  module Risu
23
23
  APP_NAME = "risu"
24
- VERSION = "1.8.0"
24
+ VERSION = "1.8.1"
25
25
  HOME_PAGE = "https://hammackj.github.io/risu/"
26
26
  GITHUB = "http://github.com/hammackj/risu"
27
27
  EMAIL = "jacob.hammack@hammackj.com"
metadata CHANGED
@@ -1,7 +1,7 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: risu
3
3
  version: !ruby/object:Gem::Version
4
- version: 1.8.0
4
+ version: 1.8.1
5
5
  platform: ruby
6
6
  authors:
7
7
  - Jacob Hammack
@@ -34,7 +34,7 @@ cert_chain:
34
34
  mmb41gpjtpyN4MmJg/dtBA2QAzTR88UfROHdHsH7z5/s3B28ULSb72jogoU7PDuI
35
35
  xWswHWNU
36
36
  -----END CERTIFICATE-----
37
- date: 2017-02-11 00:00:00.000000000 Z
37
+ date: 2017-07-07 00:00:00.000000000 Z
38
38
  dependencies:
39
39
  - !ruby/object:Gem::Dependency
40
40
  name: rails
@@ -369,6 +369,7 @@ files:
369
369
  - lib/risu/parsers/nessus/postprocess/core_ftp.rb
370
370
  - lib/risu/parsers/nessus/postprocess/db2.rb
371
371
  - lib/risu/parsers/nessus/postprocess/downgrade_plugins.rb
372
+ - lib/risu/parsers/nessus/postprocess/dropbear_ssh.rb
372
373
  - lib/risu/parsers/nessus/postprocess/filezilla.rb
373
374
  - lib/risu/parsers/nessus/postprocess/firefox.rb
374
375
  - lib/risu/parsers/nessus/postprocess/flash_player.rb
metadata.gz.sig CHANGED
@@ -1,2 +1 @@
1
- *�,ѩ )�!��6�P�/K"��c,��^��`�ns��$��C�KQ����0����ɛƤ0T5SL&��|��s����
2
- ������o��4�� ��b`<&��ʋ~kq��aW8!/��F
1
+ M� ��G4yO@'s0όгg%�;�z�Y��w�y�W�H�%Q�!�턹-d<<A\��@�̨�����\�zøb���jv`t_M䙿Ȍ#D"?�nxk�-�h3��6.������rB�$ϙ�8W��v����H"� ��MCH笀��,/�% ~:ޥ���0��V&Z�8��Xn�u ؎esG���� ���m¦��V2u����ŧ��B�Z�N�C�+��1���'�i�,�XP��]�6/>0�� �