Renames some nessus-imported vulnerabilities to drop the NSS identifier and just stick with the plugin name (if available). Also drops junk NSS-0 vulnerabilities.
git-svn-id: file:///home/svn/framework3/trunk@12653 4d416f70-5f16-0410-b530-b9f4589650da
This commit is contained in:
parent
e823a885bc
commit
60dcac616e
|
@ -0,0 +1,26 @@
|
|||
class RenameAndPruneNessusVulns < ActiveRecord::Migration
|
||||
|
||||
class Vuln < ActiveRecord::Base
|
||||
end
|
||||
|
||||
# No table changes, just vuln renaming to drop the NSS id
|
||||
# from those vulns that have it and a descriptive name.
|
||||
def self.up
|
||||
Vuln.find(:all).each do |v|
|
||||
if v.name =~ /^NSS-0?\s*$/
|
||||
v.delete
|
||||
next
|
||||
end
|
||||
next unless(v.name =~ /^NSS-[0-9]+\s(.+)/)
|
||||
new_name = $1
|
||||
next if(new_name.nil? || new_name.strip.empty?)
|
||||
v.name = new_name
|
||||
v.save!
|
||||
end
|
||||
end
|
||||
|
||||
def self.down
|
||||
say "Cannot un-rename and un-prune NSS vulns for migration 20110517160800."
|
||||
end
|
||||
|
||||
end
|
|
@ -4169,7 +4169,6 @@ class DBManager
|
|||
else
|
||||
yield(:address,addr) if block
|
||||
end
|
||||
|
||||
|
||||
os = host['os']
|
||||
hname = host['hname']
|
||||
|
@ -4202,6 +4201,7 @@ class DBManager
|
|||
next if item['port'] == 0
|
||||
msf = nil
|
||||
nasl = item['nasl'].to_s
|
||||
nasl_name = item['nasl_name'].to_s
|
||||
port = item['port'].to_s
|
||||
proto = item['proto'] || "tcp"
|
||||
sname = item['svc_name']
|
||||
|
@ -4214,7 +4214,7 @@ class DBManager
|
|||
|
||||
yield(:port,port) if block
|
||||
|
||||
handle_nessus_v2(wspace, hobj, port, proto, sname, nasl, severity, description, cve, bid, xref, msf)
|
||||
handle_nessus_v2(wspace, hobj, port, proto, sname, nasl, nasl_name, severity, description, cve, bid, xref, msf)
|
||||
|
||||
end
|
||||
yield(:end,hname) if block
|
||||
|
@ -4778,15 +4778,14 @@ protected
|
|||
end
|
||||
|
||||
nss = 'NSS-' + nasl.to_s.strip
|
||||
|
||||
refs << nss.split(" ").first
|
||||
refs << nss
|
||||
|
||||
vuln_info = {
|
||||
:workspace => wspace,
|
||||
:host => hobj,
|
||||
:port => port,
|
||||
:proto => proto,
|
||||
:name => nss,
|
||||
:name => nss, # handle_nessus_v2 catches names instead.
|
||||
:info => data,
|
||||
:refs => refs
|
||||
}
|
||||
|
@ -4797,7 +4796,7 @@ protected
|
|||
# NESSUS v2 file format has a dramatically different layout
|
||||
# for ReportItem data
|
||||
#
|
||||
def handle_nessus_v2(wspace,hobj,port,proto,name,nasl,severity,description,cve,bid,xref,msf)
|
||||
def handle_nessus_v2(wspace,hobj,port,proto,name,nasl,nasl_name,severity,description,cve,bid,xref,msf)
|
||||
addr = hobj.address
|
||||
|
||||
info = { :workspace => wspace, :host => hobj, :port => port, :proto => proto }
|
||||
|
@ -4834,13 +4833,18 @@ protected
|
|||
refs.push msfref if msfref
|
||||
|
||||
nss = 'NSS-' + nasl
|
||||
if nasl_name.nil? || nasl_name.empty?
|
||||
vuln_name = nss
|
||||
else
|
||||
vuln_name = nasl_name
|
||||
end
|
||||
|
||||
refs << nss.split(" ").first
|
||||
refs << nss.strip
|
||||
|
||||
vuln = {
|
||||
:workspace => wspace,
|
||||
:host => hobj,
|
||||
:name => nss,
|
||||
:name => vuln_name,
|
||||
:info => description ? description : "",
|
||||
:refs => refs
|
||||
}
|
||||
|
|
|
@ -17,7 +17,8 @@ class NessusXMLStreamParser
|
|||
def reset_state
|
||||
@host = {'hname' => nil, 'addr' => nil, 'mac' => nil, 'os' => nil, 'ports' => [
|
||||
'port' => {'port' => nil, 'svc_name' => nil, 'proto' => nil, 'severity' => nil,
|
||||
'nasl' => nil, 'description' => nil, 'cve' => [], 'bid' => [], 'xref' => [], 'msf' => nil } ] }
|
||||
'nasl' => nil, 'nasl_name' => nil, 'description' => nil,
|
||||
'cve' => [], 'bid' => [], 'xref' => [], 'msf' => nil } ] }
|
||||
@state = :generic_state
|
||||
end
|
||||
|
||||
|
@ -46,7 +47,8 @@ class NessusXMLStreamParser
|
|||
@bid = Array.new
|
||||
@xref = Array.new
|
||||
@x = Hash.new
|
||||
@x['nasl'] = [attributes['pluginID'],attributes['pluginName']].join(" ")
|
||||
@x['nasl'] = attributes['pluginID']
|
||||
@x['nasl_name'] = attributes['pluginName']
|
||||
@x['port'] = attributes['port']
|
||||
@x['proto'] = attributes['protocol']
|
||||
@x['svc_name'] = attributes['svc_name']
|
||||
|
|
Loading…
Reference in New Issue