def test_cve_generalize_should_be_ok(self):
self.assertTrue(
CPEID("CPE:/a:microsoft:ie").generalize(
CPEID("CPE:/a:microsoft:ie:8.0.7600.16385")))
self.assertTrue(
CPEID("CPE:/a:microsoft:ie").generalize(
CPEID("cpe:/a:microsoft:ie:9.0.7600.16385")))
def parseVulnConfig(elem):
conditionGroup = vuln.VulnConditionGroup()
for elem_le in elem:
#IS OR
if is_or_elem(elem_le):
choice = vuln.VulnConditionChoice()
choice.negate = (elem_le.get('negate') == 'true')
#FACT REF
choice.choice_list = [
CPEID(elem_fe.get('name')) for elem_fe in elem_le
if is_fact_ref(elem_fe)
]
conditionGroup.group_choice_list.append(choice)
#IS AND
elif is_and_elem(elem_le):
#IS OR
for elem_or in elem_le:
#FACT REF
choice = vuln.VulnConditionChoice()
choice.choice_list = [
CPEID(elem_fe.get('name')) for elem_fe in elem_or
if is_fact_ref(elem_fe)
]
conditionGroup.group_choice_list.append(choice)
return conditionGroup
def get_cve_by_cpe(cls, cpe_id):
""" Return list of CVE-ID by CPEID
@param cve_id: string with CPEID instance
@return: list of tuples (CVE-ID instance), Official name)
"""
if not isinstance(cpe_id, CPEID):
cpe_id = CPEID(cpe_id)
query = """
SELECT cve_id, summary
FROM vulnerabilities AS vulns
JOIN products_to_vulnerabilities AS pr2vulns ON pr2vulns.vuln_id = vulns.id
JOIN concrete_products AS concr_pr ON concr_pr.id = pr2vulns.concrete_product_id
JOIN products AS pr ON pr.id = concr_pr.product_id
WHERE pr.part='%s' AND pr.vendor='%s' AND pr.product='%s'
AND concr_pr.version='%s' AND concr_pr.pr_update='%s' AND concr_pr.edition='%s' AND language='%s'
""" % (cpe_id.get_part_info(), cpe_id.get_vendor_info(),
cpe_id.get_product_info(), cpe_id.get_version_info(),
cpe_id.get_update_info(), cpe_id.get_edition_info(),
cpe_id.get_language_info())
res = cls._cur.execute(query).fetchall()
ret = []
for row in res:
cve_id = CVEID(row[0])
#ret.append(str(cve_id))
ret.append((str(cve_id), str(row[1])))
return ret
def get_cve_by_cpe(cls, cpe_id):
""" Return list of CVE-ID by CPEID
@param cve_id: string with CPEID instance
@return: list of tuples (CVE-ID instance), Official name)
"""
if not isinstance(cpe_id, CPEID):
cpe_id = CPEID(cpe_id)
query = """
SELECT cve_id, summary
FROM vulnerabilities AS vulns
JOIN products_to_vulnerabilities AS pr2vulns ON pr2vulns.vuln_id = vulns.id
JOIN concrete_products AS concr_pr ON concr_pr.id = pr2vulns.concrete_product_id
JOIN products AS pr ON pr.id = concr_pr.product_id
WHERE pr.part='%s' AND pr.vendor='%s' AND pr.product='%s'
AND concr_pr.version='%s' AND concr_pr.pr_update='%s' AND concr_pr.edition='%s' AND language='%s'
""" % (
cpe_id.get_part_info(),
cpe_id.get_vendor_info(),
cpe_id.get_product_info(),
cpe_id.get_version_info(),
cpe_id.get_update_info(),
cpe_id.get_edition_info(),
cpe_id.get_language_info(),
)
res = cls._cur.execute(query).fetchall()
ret = []
for row in res:
cve_id = CVEID(row[0])
# ret.append(str(cve_id))
ret.append((str(cve_id), str(row[1])))
return ret
def get_cpe_by_cve(cls, cve_id):
""" Return list of CPEID by CVE-ID
@param cve_id: string with CVE-ID or CVEID instance
@return: list of tuples (CPEID instance, Official name)
"""
if not isinstance(cve_id, CVEID):
cve_id = CVEID(cve_id)
sql = """
SELECT pr.part, pr.vendor, pr.product, concr_pr.version,
concr_pr.pr_update, concr_pr.edition, concr_pr.language,
pr.official_name
FROM vulnerabilities AS vulns
JOIN products_to_vulnerabilities AS pr2vulns ON pr2vulns.vuln_id = vulns.id
JOIN concrete_products AS concr_pr ON concr_pr.id = pr2vulns.concrete_product_id
JOIN products AS pr ON pr.id = concr_pr.product_id
WHERE cve_id='%s'
""" % cve_id
res = cls._cur.execute(sql).fetchall()
ret = []
for row in res:
cpeid = CPEID('', row['part'], row['vendor'], row['product'],
row['version'], row['pr_update'], row['edition'],
row['language'])
#ret.append((cpeid, row['official_name'])) old version
ret.append(str(cpeid))
return ret
def test_cve_should_be_ok(self):
cpe_str = "CPE:/a:microsoft:ie:8.0.7600.16385"
self.assertTrue(CPEID.correct_cpe_str(cpe_str))
cpe = CPEID(cpe_str)
self.assertEqual(cpe.get_part_info(), 'a')
self.assertEqual(cpe.get_vendor_info(), 'microsoft')
self.assertEqual(cpe.get_product_info(), 'ie')
self.assertEqual(cpe.get_version_info(), '8.0.7600.16385')
self.assertEqual(cpe.get_edition_info(), '')
self.assertEqual(cpe.get_language_info(), '')
self.assertEqual(str(cpe), cpe_str)
def parseVulnConfigSoftwareList(elem):
if elem is not None:
log_entr_elem = elem[0]
if log_entr_elem is not None:
if len(log_entr_elem) > 0:
if not is_fact_ref(log_entr_elem[0]):
log_entr_elem = log_entr_elem[0]
return [CPEID(cpe_elem.get('name')) for cpe_elem in log_entr_elem]
return None
def __init__(self, raw_cpe_line):
from svdb.id.cpe import CPEID
cpe_n_port = raw_cpe_line.split('|')[1].split('#')
if CPEID.correct_cpe_str(cpe_n_port[0]):
self.cpe = cpe_n_port[0]
try:
self.port = cpe_n_port[1]
if self.port is '':
self.port = None
except:
self.port = None
def test_cve_should_be_ok(self):
cpe_str = "CPE:/a:microsoft:ie:8.0.7600.16385"
self.assertTrue(CPEID.correct_cpe_str(cpe_str))
cpe = CPEID(cpe_str)
self.assertEqual(cpe.get_part_info(), "a")
self.assertEqual(cpe.get_vendor_info(), "microsoft")
self.assertEqual(cpe.get_product_info(), "ie")
self.assertEqual(cpe.get_version_info(), "8.0.7600.16385")
self.assertEqual(cpe.get_edition_info(), "")
self.assertEqual(cpe.get_language_info(), "")
self.assertEqual(str(cpe), cpe_str)
def test_cve_creation_only_additional_params_should_be_ok(self):
# if cve_stris is not present all other parameters will not be ignores
cpe = CPEID(
part="a", vendor="microsoft", product="ie", version="8.0.7600.16385", update="1", edition="2", language="en"
)
self.assertEqual(cpe.get_part_info(), "a")
self.assertEqual(cpe.get_vendor_info(), "microsoft")
self.assertEqual(cpe.get_product_info(), "ie")
self.assertEqual(cpe.get_version_info(), "8.0.7600.16385")
self.assertEqual(cpe.get_update_info(), "1")
self.assertEqual(cpe.get_edition_info(), "2")
self.assertEqual(cpe.get_language_info(), "en")
self.assertEqual(str(cpe).upper(), "CPE:/a:microsoft:ie:8.0.7600.16385:1:2:en".upper())
def test_cve_creation_only_additional_params_should_be_ok(self):
#if cve_stris is not present all other parameters will not be ignores
cpe = CPEID(part='a',
vendor='microsoft',
product='ie',
version='8.0.7600.16385',
update='1',
edition='2',
language='en')
self.assertEqual(cpe.get_part_info(), 'a')
self.assertEqual(cpe.get_vendor_info(), 'microsoft')
self.assertEqual(cpe.get_product_info(), 'ie')
self.assertEqual(cpe.get_version_info(), '8.0.7600.16385')
self.assertEqual(cpe.get_update_info(), '1')
self.assertEqual(cpe.get_edition_info(), '2')
self.assertEqual(cpe.get_language_info(), 'en')
self.assertEqual(
str(cpe).upper(),
"CPE:/a:microsoft:ie:8.0.7600.16385:1:2:en".upper())
def test_cve_creation_additional_params_should_be_ok(self):
# if cve_stris present all other parameters will be ignores
cpe_str = "CPE:/a:microsoft:ie:8.0.7600.16385"
cpe = CPEID(
cpe_str, part="h", vendor="qqq", product="qqq", version="qqq", update="qqq", edition="qqq", language="qqq"
)
self.assertEqual(cpe.get_part_info(), "a")
self.assertEqual(cpe.get_vendor_info(), "microsoft")
self.assertEqual(cpe.get_product_info(), "ie")
self.assertEqual(cpe.get_version_info(), "8.0.7600.16385")
self.assertEqual(cpe.get_edition_info(), "")
self.assertEqual(cpe.get_language_info(), "")
self.assertEqual(str(cpe), cpe_str)
def test_cve_creation_additional_params_should_be_ok(self):
#if cve_stris present all other parameters will be ignores
cpe_str = "CPE:/a:microsoft:ie:8.0.7600.16385"
cpe = CPEID(cpe_str,
part='h',
vendor='qqq',
product='qqq',
version='qqq',
update='qqq',
edition='qqq',
language='qqq')
self.assertEqual(cpe.get_part_info(), 'a')
self.assertEqual(cpe.get_vendor_info(), 'microsoft')
self.assertEqual(cpe.get_product_info(), 'ie')
self.assertEqual(cpe.get_version_info(), '8.0.7600.16385')
self.assertEqual(cpe.get_edition_info(), '')
self.assertEqual(cpe.get_language_info(), '')
self.assertEqual(str(cpe), cpe_str)
def test_cve_creation_should_not_be_ok_3(self):
cpe_str = "CPE:/a:microsoft"
self.assertFalse(CPEID.correct_cpe_str(cpe_str))
self.assertRaises(ValueError, CPEID, cpe_str)
def test_cve_creation_should_not_be_ok_3(self):
cpe_str = "CPE:/a:microsoft"
self.assertFalse(CPEID.correct_cpe_str(cpe_str))
self.assertRaises(ValueError, CPEID, cpe_str)
def test_cve_creation_should_not_be_ok_2(self):
cpe_str = "CPE:/x:microsoft:ie:8.0.7600.16385"
self.assertFalse(CPEID.correct_cpe_str(cpe_str))
self.assertRaises(ValueError, CPEID, cpe_str)
def test_cve_should_not_be_equal(self):
cpe_str = "CPE:/a:microsoft:ie:8.0.7600.16385"
cpe = CPEID(cpe_str)
self.assertNotEqual(cpe, CPEID("CPE:/a:microsoft:ie:9.0.7600.16385"))
def test_base_cpeid_should_not_be_equal(self):
cpe_str = "CPE:/a:microsoft:ie:8.0.7600.16385"
cpe = CPEID(cpe_str)
self.assertNotEqual(cpe.get_base_cpeid(),
CPEID("CPE:/a:microsoft:word"))
def test_base_cpeid_should_not_be_equal(self):
cpe_str = "CPE:/a:microsoft:ie:8.0.7600.16385"
cpe = CPEID(cpe_str)
self.assertNotEqual(cpe.get_base_cpeid(), CPEID("CPE:/a:microsoft:word"))
def parseVulnSoftwareList(elem):
return [CPEID(cpe_elem.text) for cpe_elem in elem]
def test_cve_creation_should_not_be_ok_1(self):
cpe_str = "CE:/a:microsoft:ie:8.0.7600.16385"
self.assertFalse(CPEID.correct_cpe_str(cpe_str))
self.assertRaises(ValueError, CPEID, cpe_str)
