Beispiel #1
 def test_cve_generalize_should_be_ok(self):
     # A CPE without a version must generalize versioned CPEs of the same
     # product; the second candidate uses a lower-case "cpe:" prefix.
     candidates = (
         "CPE:/a:microsoft:ie:8.0.7600.16385",
         "cpe:/a:microsoft:ie:9.0.7600.16385",
     )
     for candidate in candidates:
         broad = CPEID("CPE:/a:microsoft:ie")
         self.assertTrue(broad.generalize(CPEID(candidate)))
Beispiel #2
def parseVulnConfig(elem):
    """Build a VulnConditionGroup from the logical children of *elem*.

    An OR child becomes a single choice holding the CPEIDs of its fact-ref
    children, with ``negate`` taken from the child's 'negate' attribute.
    An AND child contributes one choice per nested child; in that branch
    the nested child is not checked with is_or_elem() and ``negate`` is
    not assigned. Children that are neither OR nor AND are skipped.

    The 'name' attribute of every fact-ref goes straight into CPEID();
    nothing raised by that constructor is caught here.
    """
    group = vuln.VulnConditionGroup()

    def fact_ref_cpes(parent):
        # CPEIDs of the fact-ref children of *parent*, in document order.
        return [
            CPEID(child.get('name')) for child in parent
            if is_fact_ref(child)
        ]

    for logical in elem:
        if is_or_elem(logical):
            or_choice = vuln.VulnConditionChoice()
            or_choice.negate = logical.get('negate') == 'true'
            or_choice.choice_list = fact_ref_cpes(logical)
            group.group_choice_list.append(or_choice)
            continue

        if is_and_elem(logical):
            for nested in logical:
                nested_choice = vuln.VulnConditionChoice()
                nested_choice.choice_list = fact_ref_cpes(nested)
                group.group_choice_list.append(nested_choice)

    return group
Beispiel #3
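    def get_cve_by_cpe(cls, cpe_id):
        """ Return the CVE entries linked to one exact CPE.

        The lookup matches part, vendor, product, version, update, edition
        and language of the CPE against the product tables.

        @param cpe_id: CPEID instance, or a CPE string that is converted with CPEID()
        @return: list of tuples (CVE-ID as string, summary as string)
        """
        if not isinstance(cpe_id, CPEID):
            cpe_id = CPEID(cpe_id)

        # The CPE fields are bound as parameters instead of being formatted
        # into the statement, so a quote or other SQL metacharacter in a field
        # is compared as data and cannot change the query.
        # NOTE(review): '?' is the qmark paramstyle used by sqlite3; the chained
        # execute().fetchall() suggests sqlite3 - confirm for the driver behind cls._cur.
        query = """
                SELECT cve_id, summary
                FROM vulnerabilities AS vulns
                JOIN products_to_vulnerabilities AS pr2vulns ON pr2vulns.vuln_id = vulns.id
                JOIN concrete_products AS concr_pr ON concr_pr.id = pr2vulns.concrete_product_id
                JOIN products AS pr ON pr.id = concr_pr.product_id
                WHERE pr.part=? AND pr.vendor=? AND pr.product=?
                      AND concr_pr.version=? AND  concr_pr.pr_update=? AND  concr_pr.edition=? AND  language=?
                """
        params = (cpe_id.get_part_info(), cpe_id.get_vendor_info(),
                  cpe_id.get_product_info(), cpe_id.get_version_info(),
                  cpe_id.get_update_info(), cpe_id.get_edition_info(),
                  cpe_id.get_language_info())

        res = cls._cur.execute(query, params).fetchall()

        # Each stored id is passed through CVEID() before being returned as text.
        return [(str(CVEID(row[0])), str(row[1])) for row in res]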
Beispiel #4
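    def get_cve_by_cpe(cls, cpe_id):
        """ Return the CVE entries linked to one exact CPE.

        The lookup matches part, vendor, product, version, update, edition
        and language of the CPE against the product tables.

        @param cpe_id: CPEID instance, or a CPE string that is converted with CPEID()
        @return: list of tuples (CVE-ID as string, summary as string)
        """
        if not isinstance(cpe_id, CPEID):
            cpe_id = CPEID(cpe_id)

        # Bind the CPE fields as parameters rather than formatting them into
        # the SQL text: a quote or other metacharacter in a field is then
        # treated as data and cannot change the statement.
        # NOTE(review): '?' is the qmark paramstyle used by sqlite3; the chained
        # execute().fetchall() suggests sqlite3 - confirm for the driver behind cls._cur.
        query = """
                SELECT cve_id, summary
                FROM vulnerabilities AS vulns
                JOIN products_to_vulnerabilities AS pr2vulns ON pr2vulns.vuln_id = vulns.id
                JOIN concrete_products AS concr_pr ON concr_pr.id = pr2vulns.concrete_product_id
                JOIN products AS pr ON pr.id = concr_pr.product_id
                WHERE pr.part=? AND pr.vendor=? AND pr.product=?
                      AND concr_pr.version=? AND  concr_pr.pr_update=? AND  concr_pr.edition=? AND  language=?
                """
        params = (
            cpe_id.get_part_info(),
            cpe_id.get_vendor_info(),
            cpe_id.get_product_info(),
            cpe_id.get_version_info(),
            cpe_id.get_update_info(),
            cpe_id.get_edition_info(),
            cpe_id.get_language_info(),
        )

        res = cls._cur.execute(query, params).fetchall()

        # Each stored id is passed through CVEID() before being returned as text.
        return [(str(CVEID(row[0])), str(row[1])) for row in res]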
Beispiel #5
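    def get_cpe_by_cve(cls, cve_id):
        """ Return the CPE strings linked to a CVE-ID
        @param cve_id: string with CVE-ID or CVEID instance
        @return: list of CPE strings (str() of a CPEID built from each row);
                 the official name is selected but not returned
        """

        if not isinstance(cve_id, CVEID):
            cve_id = CVEID(cve_id)

        # The CVE id is bound as a parameter instead of being formatted into
        # the statement, so its text can never be interpreted as SQL.
        # NOTE(review): '?' is the qmark paramstyle used by sqlite3; the chained
        # execute().fetchall() suggests sqlite3 - confirm for the driver behind cls._cur.
        sql = """
                SELECT pr.part, pr.vendor, pr.product, concr_pr.version,
                        concr_pr.pr_update, concr_pr.edition, concr_pr.language,
                        pr.official_name
                FROM vulnerabilities AS vulns
                JOIN products_to_vulnerabilities AS pr2vulns ON pr2vulns.vuln_id = vulns.id
                JOIN concrete_products AS concr_pr ON concr_pr.id = pr2vulns.concrete_product_id
                JOIN products AS pr ON pr.id = concr_pr.product_id
                WHERE cve_id=?
                """

        res = cls._cur.execute(sql, (str(cve_id),)).fetchall()

        # Rows are read by column name; an empty CPE string makes CPEID use
        # the individual field arguments.
        return [
            str(CPEID('', row['part'], row['vendor'], row['product'],
                      row['version'], row['pr_update'], row['edition'],
                      row['language']))
            for row in res
        ]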
Beispiel #6
    def test_cve_should_be_ok(self):
        # A well-formed CPE URI passes validation, splits into the expected
        # fields (absent edition/language read back as ''), and round-trips
        # through str() unchanged.
        raw = "CPE:/a:microsoft:ie:8.0.7600.16385"
        self.assertTrue(CPEID.correct_cpe_str(raw))

        parsed = CPEID(raw)
        expected_fields = (
            (parsed.get_part_info, 'a'),
            (parsed.get_vendor_info, 'microsoft'),
            (parsed.get_product_info, 'ie'),
            (parsed.get_version_info, '8.0.7600.16385'),
            (parsed.get_edition_info, ''),
            (parsed.get_language_info, ''),
        )
        for getter, expected in expected_fields:
            self.assertEqual(getter(), expected)

        self.assertEqual(str(parsed), raw)
Beispiel #7
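def parseVulnConfigSoftwareList(elem):
    """Return the CPEIDs named by the first child of *elem*.

    The first child is taken as the logical-test element. If its own first
    child is not a fact-ref, parsing descends one more level and uses that
    child instead. Each child of the chosen element contributes
    CPEID(child.get('name')).

    Returns None when *elem* is None, has no children, or its first child
    is None. An *elem* without children used to raise IndexError on
    ``elem[0]``; it now takes the same "nothing to report" path as None, so
    one entry without a configuration cannot abort the caller's loop.
    """
    if elem is None or len(elem) == 0:
        return None

    log_entr_elem = elem[0]
    if log_entr_elem is None:
        return None

    # Step into a nested logical test when the first child is not a fact-ref.
    if len(log_entr_elem) > 0 and not is_fact_ref(log_entr_elem[0]):
        log_entr_elem = log_entr_elem[0]

    return [CPEID(cpe_elem.get('name')) for cpe_elem in log_entr_elem]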
Beispiel #8
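 def __init__(self, raw_cpe_line):
     """Split a raw line into a CPE string and an optional port.

     The second '|'-separated field of *raw_cpe_line* is split on '#':
     the first piece is the CPE candidate, the second piece (when present
     and non-empty) is the port.

     @param raw_cpe_line: string containing at least one '|'; a line
                          without '|' raises IndexError, as before
     """
     from svdb.id.cpe import CPEID
     cpe_n_port = raw_cpe_line.split('|')[1].split('#')

     # Only a string accepted by CPEID.correct_cpe_str() is stored.
     # NOTE(review): when validation fails self.cpe is not assigned here, so
     # reading it later raises AttributeError unless the class defines a
     # default - confirm against the class body.
     if CPEID.correct_cpe_str(cpe_n_port[0]):
         self.cpe = cpe_n_port[0]

     # A missing or empty port becomes None. This replaces an identity test
     # against the '' literal (implementation-dependent) and a bare except
     # that would also have hidden unrelated errors.
     port = cpe_n_port[1] if len(cpe_n_port) > 1 else None
     self.port = port or None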
Beispiel #9
    def test_cve_should_be_ok(self):
        # Validation, field extraction and str() round-trip for one
        # well-formed CPE URI; edition and language are absent and must
        # read back as empty strings.
        source = "CPE:/a:microsoft:ie:8.0.7600.16385"
        self.assertTrue(CPEID.correct_cpe_str(source))

        cpe_obj = CPEID(source)
        checks = (
            ("part", "a"),
            ("vendor", "microsoft"),
            ("product", "ie"),
            ("version", "8.0.7600.16385"),
            ("edition", ""),
            ("language", ""),
        )
        for field, wanted in checks:
            self.assertEqual(getattr(cpe_obj, "get_%s_info" % field)(), wanted)

        self.assertEqual(str(cpe_obj), source)
Beispiel #10
    def test_cve_creation_only_additional_params_should_be_ok(self):
        # When no CPE string is given, the keyword fields are not ignored:
        # each one must be readable through its getter and appear in str().
        fields = dict(
            part="a",
            vendor="microsoft",
            product="ie",
            version="8.0.7600.16385",
            update="1",
            edition="2",
            language="en",
        )
        built = CPEID(**fields)

        for name in ("part", "vendor", "product", "version", "update", "edition", "language"):
            self.assertEqual(getattr(built, "get_%s_info" % name)(), fields[name])

        # Compared case-insensitively, as in the original assertion.
        wanted = "CPE:/a:microsoft:ie:8.0.7600.16385:1:2:en".upper()
        self.assertEqual(str(built).upper(), wanted)
Beispiel #11
    def test_cve_creation_only_additional_params_should_be_ok(self):
        # If no CPE string is present, the other parameters are used
        # rather than ignored.
        built = CPEID(part='a', vendor='microsoft', product='ie',
                      version='8.0.7600.16385', update='1', edition='2',
                      language='en')

        expected_by_getter = (
            (built.get_part_info, 'a'),
            (built.get_vendor_info, 'microsoft'),
            (built.get_product_info, 'ie'),
            (built.get_version_info, '8.0.7600.16385'),
            (built.get_update_info, '1'),
            (built.get_edition_info, '2'),
            (built.get_language_info, 'en'),
        )
        for getter, expected in expected_by_getter:
            self.assertEqual(getter(), expected)

        # Case-insensitive comparison of the rendered CPE string.
        rendered = str(built).upper()
        self.assertEqual(rendered,
                         "CPE:/a:microsoft:ie:8.0.7600.16385:1:2:en".upper())
Beispiel #12
    def test_cve_creation_additional_params_should_be_ok(self):
        # If a CPE string is present, all other parameters are ignored:
        # the "qqq"/"h" decoys must not show up in any field.
        source = "CPE:/a:microsoft:ie:8.0.7600.16385"
        decoys = dict(
            part="h",
            vendor="qqq",
            product="qqq",
            version="qqq",
            update="qqq",
            edition="qqq",
            language="qqq",
        )
        parsed = CPEID(source, **decoys)

        checks = (
            ("part", "a"),
            ("vendor", "microsoft"),
            ("product", "ie"),
            ("version", "8.0.7600.16385"),
            ("edition", ""),
            ("language", ""),
        )
        for field, wanted in checks:
            self.assertEqual(getattr(parsed, "get_%s_info" % field)(), wanted)

        self.assertEqual(str(parsed), source)
Beispiel #13
    def test_cve_creation_additional_params_should_be_ok(self):
        # A CPE string takes precedence: the keyword arguments passed
        # alongside it are ignored.
        source = "CPE:/a:microsoft:ie:8.0.7600.16385"
        parsed = CPEID(source, part='h', vendor='qqq', product='qqq',
                       version='qqq', update='qqq', edition='qqq',
                       language='qqq')

        expected_by_getter = (
            (parsed.get_part_info, 'a'),
            (parsed.get_vendor_info, 'microsoft'),
            (parsed.get_product_info, 'ie'),
            (parsed.get_version_info, '8.0.7600.16385'),
            (parsed.get_edition_info, ''),
            (parsed.get_language_info, ''),
        )
        for getter, expected in expected_by_getter:
            self.assertEqual(getter(), expected)

        self.assertEqual(str(parsed), source)
Beispiel #14
 def test_cve_creation_should_not_be_ok_3(self):
     # A CPE string that stops after the vendor field must fail validation
     # and must be rejected by the constructor with ValueError.
     truncated = "CPE:/a:microsoft"
     self.assertFalse(CPEID.correct_cpe_str(truncated))
     with self.assertRaises(ValueError):
         CPEID(truncated)
Beispiel #15
 def test_cve_creation_should_not_be_ok_3(self):
     # "CPE:/a:microsoft" ends after the vendor: the validator must return
     # a false value and CPEID() must raise ValueError.
     incomplete = "CPE:/a:microsoft"
     is_valid = CPEID.correct_cpe_str(incomplete)
     self.assertFalse(is_valid)
     with self.assertRaises(ValueError):
         CPEID(incomplete)
Beispiel #16
 def test_cve_creation_should_not_be_ok_2(self):
     # A part field of 'x' must fail validation and make the constructor
     # raise ValueError.
     bad_part = "CPE:/x:microsoft:ie:8.0.7600.16385"
     self.assertFalse(CPEID.correct_cpe_str(bad_part))
     with self.assertRaises(ValueError):
         CPEID(bad_part)
Beispiel #17
    def test_cve_should_not_be_equal(self):
        # Two CPEs that differ only in their version field must not
        # compare equal.
        version_8 = CPEID("CPE:/a:microsoft:ie:8.0.7600.16385")
        version_9 = CPEID("CPE:/a:microsoft:ie:9.0.7600.16385")

        self.assertNotEqual(version_8, version_9)
Beispiel #18
    def test_base_cpeid_should_not_be_equal(self):
        # The base CPE derived from an "ie" entry must differ from the
        # CPE of another product ("word") of the same vendor.
        versioned = CPEID("CPE:/a:microsoft:ie:8.0.7600.16385")

        base = versioned.get_base_cpeid()
        other_product = CPEID("CPE:/a:microsoft:word")
        self.assertNotEqual(base, other_product)
Beispiel #19
    def test_base_cpeid_should_not_be_equal(self):
        # get_base_cpeid() of an "ie" CPE must not equal the CPE of the
        # "word" product.
        ie_cpe = CPEID("CPE:/a:microsoft:ie:8.0.7600.16385")
        ie_base = ie_cpe.get_base_cpeid()

        word_cpe = CPEID("CPE:/a:microsoft:word")
        self.assertNotEqual(ie_base, word_cpe)
Beispiel #20
def parseVulnSoftwareList(elem):
    """Return one CPEID per child of *elem*, built from the child's text.

    The text is handed to CPEID() as-is; nothing raised by that constructor
    is caught here.
    """
    cpe_ids = []
    for child in elem:
        cpe_ids.append(CPEID(child.text))
    return cpe_ids
Beispiel #21
 def test_cve_creation_should_not_be_ok_1(self):
     # A string whose prefix is "CE:" instead of "CPE:" must fail
     # validation and make the constructor raise ValueError.
     bad_prefix = "CE:/a:microsoft:ie:8.0.7600.16385"
     self.assertFalse(CPEID.correct_cpe_str(bad_prefix))
     with self.assertRaises(ValueError):
         CPEID(bad_prefix)